T
thoatson
Guest
I am working on a program that should work in parallel with another one ("Logos"). To accomplish this, it will connect to that program via COM interface. The idea is that if Logos is running, my program will communicate with it, but if Logos is not running, my program will work independently.
My program contains the following function:
bool FindProcess(CString sought)
{
bool result = false;
DWORD aProcesses[1024], cbUsed, cProcessesFound;
unsigned int i;
// Get the list of process identifiers.
if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbUsed))
return result;
// Calculate how many process identifiers were returned.
cProcessesFound = cbUsed / sizeof(DWORD);
TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
CString tempStr;
// send trace data to output window
tempStr.Format(L"%d Processes:", cProcessesFound);
TRACET(tempStr); TRACEN;
tempStr = L"\t#\tPID\tName";
TRACET(tempStr); TRACEN;
// search list of process ids for process name
for (i = 0; i < cProcessesFound; i++)
{
if (aProcesses != 0)
{
// Get process handle
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, aProcesses);
// if process can be opened (some system processes are protected)
if (NULL != hProcess)
{
HMODULE hMod;
DWORD cbUsed;
// instead of enumerating all modules for this process, only
// get 1st one - the .exe
if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbUsed))
{
// Get module's base name
GetModuleBaseName(hProcess, hMod, szProcessName,
sizeof(szProcessName) / sizeof(TCHAR));
tempStr.Format(L"%d:\t%d\t%s", i, aProcesses, szProcessName);
TRACET(tempStr); TRACEN;
// if module name matches what we're looking for
if (!sought.CompareNoCase(szProcessName))
{
result = true;
break;
}
}
}
// Release process handle
CloseHandle(hProcess);
}
}
return result;
}
When this function runs, it fails to find the Logos process. Here is the output:
226 Processes:
# PID Name
105: 7912 MotoHelperAgent.exe
115: 5436 CLMLSvc_P2G8.exe
131: 10908 AirDroid.exe
134: 10452 ISBMgr.exe
135: 10664 AvastUI.exe
136: 8724 PMBVolumeWatcher.exe
138: 9756 BrStMonW.exe
139: 10684 BrotherHelp.exe
142: 12208 pptd40nt.exe
144: 11792 PdfPro7Hook.exe
146: 6616 IAStorIcon.exe
180: 6956 devenv.exe
181: 6188 PerfWatson2.exe
182: 6128 ServiceHub.Host.Node.x86.exe
184: 12496 ServiceHub.IdentityHost.exe
185: 8284 ServiceHub.Host.CLR.x86.exe
186: 2824 ServiceHub.SettingsHost.exe
187: 12108 ServiceHub.VSDetouredHost.exe
189: 7588 Notepad++Portable.exe
190: 9164 notepad++.exe
200: 17668 AirDroidHelper.exe
205: 17312 VCPkgSrv.exe
213: 12700 BART5-4.exe
#213 is the running program which is enumerating the processes.
Here is a snippet from Task Manager, showing the Logos process:
I tried a modification to my function in order to use a different approach to getting the module names:
bool FindProcess(CString sought)
{
bool result = false;
DWORD aProcesses[1024], cbUsed, cProcessesFound;
unsigned int i;
// Get the list of process identifiers.
if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbUsed))
return result;
// Calculate how many process identifiers were returned.
cProcessesFound = cbUsed / sizeof(DWORD);
// search list of process ids for process name
TCHAR szPathName[MAX_PATH] = TEXT("<unknown>");
CString pathName, moduleName;
int pathEndOffset;
for (i = 0; i < cProcessesFound; i++)
{
if (aProcesses != 0)
{
// Get process handle
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, aProcesses);
// if process can be opened (some system processes are protected)
if (NULL != hProcess)
{
HMODULE hMod;
DWORD cbUsed;
// instead of enumerating all modules for this process, only
// get 1st one - the .exe
if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbUsed))
{
// Get module's file name
GetModuleFileName(hMod, szPathName,
sizeof(szPathName) / sizeof(TCHAR));
// if a file name was returned
if (wcslen(szPathName))
{
// offset of beginning of file name (i.e. end of path)
pathEndOffset = wcsrchr(szPathName, '\\') - szPathName;
pathName = szPathName;
moduleName = pathName.Right(pathName.GetLength() - pathEndOffset);
// if module name matches what we're looking for
if (!sought.CompareNoCase(moduleName))
{
result = true;
break;
}
}
}
}
// Release process handle
CloseHandle(hProcess);
}
}
return result;
}
When I ran this, only the name of my own program was found; all other processes had no name (i.e. empty string).
Can anyone offer a suggestion why I can't see the same processes as Task Manager? (I know that system processes are protected, but what about the others?) Is there any way I can revise FindProcess() in order to accomplish my objective?
Continue reading...
My program contains the following function:
bool FindProcess(CString sought)
{
bool result = false;
DWORD aProcesses[1024], cbUsed, cProcessesFound;
unsigned int i;
// Get the list of process identifiers.
if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbUsed))
return result;
// Calculate how many process identifiers were returned.
cProcessesFound = cbUsed / sizeof(DWORD);
TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
CString tempStr;
// send trace data to output window
tempStr.Format(L"%d Processes:", cProcessesFound);
TRACET(tempStr); TRACEN;
tempStr = L"\t#\tPID\tName";
TRACET(tempStr); TRACEN;
// search list of process ids for process name
for (i = 0; i < cProcessesFound; i++)
{
if (aProcesses != 0)
{
// Get process handle
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, aProcesses);
// if process can be opened (some system processes are protected)
if (NULL != hProcess)
{
HMODULE hMod;
DWORD cbUsed;
// instead of enumerating all modules for this process, only
// get 1st one - the .exe
if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbUsed))
{
// Get module's base name
GetModuleBaseName(hProcess, hMod, szProcessName,
sizeof(szProcessName) / sizeof(TCHAR));
tempStr.Format(L"%d:\t%d\t%s", i, aProcesses, szProcessName);
TRACET(tempStr); TRACEN;
// if module name matches what we're looking for
if (!sought.CompareNoCase(szProcessName))
{
result = true;
break;
}
}
}
// Release process handle
CloseHandle(hProcess);
}
}
return result;
}
When this function runs, it fails to find the Logos process. Here is the output:
226 Processes:
# PID Name
105: 7912 MotoHelperAgent.exe
115: 5436 CLMLSvc_P2G8.exe
131: 10908 AirDroid.exe
134: 10452 ISBMgr.exe
135: 10664 AvastUI.exe
136: 8724 PMBVolumeWatcher.exe
138: 9756 BrStMonW.exe
139: 10684 BrotherHelp.exe
142: 12208 pptd40nt.exe
144: 11792 PdfPro7Hook.exe
146: 6616 IAStorIcon.exe
180: 6956 devenv.exe
181: 6188 PerfWatson2.exe
182: 6128 ServiceHub.Host.Node.x86.exe
184: 12496 ServiceHub.IdentityHost.exe
185: 8284 ServiceHub.Host.CLR.x86.exe
186: 2824 ServiceHub.SettingsHost.exe
187: 12108 ServiceHub.VSDetouredHost.exe
189: 7588 Notepad++Portable.exe
190: 9164 notepad++.exe
200: 17668 AirDroidHelper.exe
205: 17312 VCPkgSrv.exe
213: 12700 BART5-4.exe
#213 is the running program which is enumerating the processes.
Here is a snippet from Task Manager, showing the Logos process:
I tried a modification to my function in order to use a different approach to getting the module names:
bool FindProcess(CString sought)
{
bool result = false;
DWORD aProcesses[1024], cbUsed, cProcessesFound;
unsigned int i;
// Get the list of process identifiers.
if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbUsed))
return result;
// Calculate how many process identifiers were returned.
cProcessesFound = cbUsed / sizeof(DWORD);
// search list of process ids for process name
TCHAR szPathName[MAX_PATH] = TEXT("<unknown>");
CString pathName, moduleName;
int pathEndOffset;
for (i = 0; i < cProcessesFound; i++)
{
if (aProcesses != 0)
{
// Get process handle
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, aProcesses);
// if process can be opened (some system processes are protected)
if (NULL != hProcess)
{
HMODULE hMod;
DWORD cbUsed;
// instead of enumerating all modules for this process, only
// get 1st one - the .exe
if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbUsed))
{
// Get module's file name
GetModuleFileName(hMod, szPathName,
sizeof(szPathName) / sizeof(TCHAR));
// if a file name was returned
if (wcslen(szPathName))
{
// offset of beginning of file name (i.e. end of path)
pathEndOffset = wcsrchr(szPathName, '\\') - szPathName;
pathName = szPathName;
moduleName = pathName.Right(pathName.GetLength() - pathEndOffset);
// if module name matches what we're looking for
if (!sought.CompareNoCase(moduleName))
{
result = true;
break;
}
}
}
}
// Release process handle
CloseHandle(hProcess);
}
}
return result;
}
When I ran this, only the name of my own program was found; all other processes had no name (i.e. empty string).
Can anyone offer a suggestion why I can't see the same processes as Task Manager? (I know that system processes are protected, but what about the others?) Is there any way I can revise FindProcess() in order to accomplish my objective?
Continue reading...