Solved

How toi check if an EXE is running in background in Windows ??

Posted on 2006-11-19
14
396 Views
Last Modified: 2008-01-09
Hi All,
  Though this is a very common question I am bit confused in selecting the appropriate method.
 The standard method of doing this is to implement a "Mutex" and use it across process.  But the exe which I am trying to find out is 3rd party tool and they wont give out their mutex id.

So the other alternative is to list all the process name and execute a search on the result.

If any expert could sugget me a better alternative it would be great.

Thanks for your earliest attention.

Regards,

Manjesh Gowda S H
0
Comment
Question by:Manjesh
  • 5
  • 4
  • 2
  • +3
14 Comments
 
LVL 85

Expert Comment

by:Mike Tomlinson
ID: 17977039
What language are you working in here?...
0
 
LVL 5

Expert Comment

by:Alkali_Guy
ID: 17977155
You can use the FindWindow or EnumWindows function to search the windows by title.
0
 
LVL 21

Expert Comment

by:theGhost_k8
ID: 17977171
using api
 Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" _
        (ByVal lpClassName As String, ByVal lpWindowName As String) As IntPtr

FindWindow(vbNullString, "Docsvault Professional") <- returns handle of that window..
search on FindWindow API.. u'll get it...
i might have used it in my program(i guess i dont remember things for looooooooong time) .. check following link...

http://www.codeproject.com/Purgatory/KzIPC.asp
0
 
LVL 85

Expert Comment

by:Mike Tomlinson
ID: 17977199
If something .Net, then see Process.GetProcessesByName():
http://msdn2.microsoft.com/en-us/library/z3w4xdc9(VS.80).aspx
0
 
LVL 1

Author Comment

by:Manjesh
ID: 17977329
Sorry guys.. for the insufficient information.

Apart from the name of the exe I dont have an other information. So finding a window in the exe is out of question...

And the code in VC++, I am seeking for some kind of Win32 API.

Thanks for the quick reply...

0
 
LVL 21

Expert Comment

by:theGhost_k8
ID: 17977331
hay you must be having the window caption?!!!! you can search it...
0
 
LVL 1

Author Comment

by:Manjesh
ID: 17977341
even if there is window I cannot rely on it... Only the name of the exe will not change( thats what can be guaranteed)..

Thanks for the quick reply...
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 21

Expert Comment

by:theGhost_k8
ID: 17977343
thats wat i mean
use spy++ in VS tool check windowcaption and keep it in findwindow
0
 
LVL 1

Author Comment

by:Manjesh
ID: 17977355
I can do that ... tomm the entire window caption nay change or it might not have an UI at all...

I want to find out if the process is running only by its name and not use anything else.

So any other alternative ??

Thanks for your quick reply...
0
 
LVL 21

Expert Comment

by:theGhost_k8
ID: 17977366
a process must have some identity to find...
if window caption or classname changes u must search accordingly..
i dont think u can scan a same process with different name/class...
might give an alternative place to search an app.
U HAVE TO CHANGE ACCORDGLY THE EXE NAME/CLASSNAME

well you can also use WMI select query to find / fetch all processes but even it wont help if exe names keep changing.
0
 
LVL 1

Author Comment

by:Manjesh
ID: 17977383
No the exe wil never chage its guaranteed... I thought of using a tool or exe which will list the name of all the process and then execute a search for the exe name in the release.

May be I will try someting in WMI .... and specific function with in WMI whcih I can use...


Thanks for ur quick reply...
0
 
LVL 1

Accepted Solution

by:
i_mahesh earned 30 total points
ID: 17977855
Hi Manjesh,

there are 2 scenarios here

1. The process you are looking for is loaded in your process space (as child process may be)

-> In this case you can use GetModuleHandle / GetModuleHandleEx to determine if the process is loaded or not (If its not loaded then the API will fail with NULL return)

2. Other wise there is no straight forward way which you can use to determine if the given exe is running or not.

You can refere to the code snippet below to determine if the process is running by enumerating the running processes in the system.

/*********************************/
BOOL PrintProcessNameAndID(LPCTSTR lpszProcessNameToFind, DWORD processID )
{
    TCHAR szProcessName[MAX_PATH] = _T("<unknown>");

    BOOL bReturnValue = FALSE;
    // Get a handle to the process.

    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
                                   PROCESS_VM_READ,
                                   FALSE, processID );

    // Get the process name.
    if (NULL != hProcess )
    {
        HMODULE hMod;
        DWORD cbNeeded = 0;

        if ( EnumProcessModules( hProcess, &hMod, sizeof(hMod),
             &cbNeeded) )
        {
            GetModuleBaseName( hProcess, hMod, szProcessName,
                               sizeof(szProcessName)/sizeof(TCHAR) );
        }
    }

    // Compare the process name and decide.
    if (_tcsicmp(szProcessName, lpszProcessNameToFind) == 0)
        bReturnValue = TRUE;
    else
        bReturnValue = FALSE;

    CloseHandle( hProcess );

    return bReturnValue;
}


int APIENTRY _tWinMain(HINSTANCE hInstance,
                     HINSTANCE hPrevInstance,
                     LPTSTR    lpCmdLine,
                     int       nCmdShow)
{
    // Get the list of process identifiers.

    DWORD aProcesses[1024], cbNeeded, cProcesses;
    unsigned int i;

    if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
        return -1;

    // Calculate how many process identifiers were returned.
    cProcesses = cbNeeded / sizeof(DWORD);

    //Process to find
    LPCTSTR lpszProcessNameToFind = _T("IEXPLORE.EXE");

    // Print the name and process identifier for each process.
    for ( i = 0; i < cProcesses; i++ )
    {
        if (PrintProcessNameAndID( lpszProcessNameToFind, aProcesses[i] ))
        {
            MessageBox(NULL, _T("Process found"), 0, 0);
            break;
        }
    }

    return 0;
}
/********************************/
0
 
LVL 24

Expert Comment

by:mankowitz
ID: 17979154
Another option is to create a wrapper program around the .exe that you are looking for. You can give the wrapper an identity (mutex, window caption, processID, whatever) and then check to see if the wrapper is running.
0
 
LVL 1

Author Comment

by:Manjesh
ID: 17984474
Mahesh tx for the soultion.. ur code has done my job.. thanks..
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Displaying an arrayList in a listView using the default adapter is rarely the best solution. To get full control of your display data, and to be able to refresh it after editing, requires the use of a custom adapter.
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now