Trapping a Windows Message

I have a application that runs on a server.  I would like to create an event procedure that fires when ever a Window Message tells a process (test.exe) to start.  Before the Message actually tells the process to start I need my application to check certain things, then if everything is good let the Message through to start the process.

1.  Is there a tool that will show me the Window Message that start an application or process?  Maybe something by sysinternals?

2.  How can I create an Procedure that traps the message that starts the app or process?

Thanks
LVL 2
jbauer22Asked:
Who is Participating?
 
BrianGEFF719Commented:
well you can modify a registry value to intercept all running of EXE Files...this is acctually how some viruses load. It might be highly un-conventional, but it will work. The same way a TEXT file knows to open with Notepad, you can make an EXE file load with your program.

Then just process the command line args.

dim cmds as string
cmds = commands$
if instr(commands$,"virus") then
 msgbox "This program is not allowed to run"
else
 shell(command$)
end if


modify HKEY_CLASSES_ROOT\EXEFile\Shell\Open\Command to

c:\interceptprogram.exe "%1" %*
0
 
BrianGEFF719Commented:
sorry it should be COMMAND$
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
ArkCommented:
Take a look on my sample http://www.freevbcode.com/ShowCode.Asp?ID=1308
>>This is a .dll that uses a number of shell functions (including some undocumented ones) to hook and log a variety of shell messages (e.g., window creation, window activation, window deactivation). Included is a sample client project that illustrates how to use the .dll to log shell events. Be sure to register the .dll before running the sample project.<<
0
 
BrianGEFF719Commented:
The reason I recommended my way was because, we all know a window is not needed to execute code. Thats the reason I suggested my highly un-orthodox code.



-Brian
0
 
ArkCommented:
Brian, this key is for shell open command (ie if you start app from explorer/desktop). Try your sample with command prompt/Run menu.
0
 
BrianGEFF719Commented:
but doesnt the visual basic Shell() command do the same thing. The only thing that would work different would be CreateProcess() API.


-Brian
0
 
BrianGEFF719Commented:
Correct Me if I am wrong.

0
 
BrianGEFF719Commented:
Acctually I retract my previous statement. Shell() Command does not at all play with the registry nor does CreateProcess(). So maybe a combination of Window Checking and Explorer shell modifying would be in order.


-Brian
0
 
ArkCommented:
Yes, but most application (c++/other then VB based) use CreateProcess() instead of ShellExecute(.."open")
0
 
jbauer22Author Commented:
Brian - I'd like to intercept the specific message that is starting the EXE.

Ark - It looks like the example only captures window events.

Thanks.
0
 
ArkCommented:
Sory, probably I misundersood smth. What do you mean "Window Message that start an application or process"? Messages are sending to already opened windows and can not start a process.
0
 
BrianGEFF719Commented:
Ark: I think what he is saying is that he wants to intercept all CreateProcess() API Calls and all ShellExecute API calls which cannot be easily done.
0
 
jbauer22Author Commented:
Brian - Are there any tools to help me intercept the CreateProcess and ShcellExecute Calls?
0
All Courses

From novice to tech pro — start learning today.