Thread: Spying processes

  1. #1
    Registered User
    Join Date
    Mar 2005
    Posts
    69

    Spying processes

    I've to write a Win32 program that,given a file,tells me what process uses it...tricky uh?

    Perhaps i could use a cicle like this :

    Code:
     for(..some condition..){
      
         LockFileEx(handle to the file to control, ...... , ... , ..... , ... );
       
         Use GetLastError() and FormatMessage() for checking if an     error has occured
       and,if it is so,then some other process is reading the file and the 
       FormatMessage() function will tell me information about that process (i think)
       if i call it with the error code returned by GetLastError()
    
       Otherwise , if there's no error , UnlockFileEx(.....);
    
    }
    could it work?

  2. #2
    Banned
    Join Date
    Oct 2004
    Posts
    250
    I dont get what you want to do are you trying to check to see if a process is allready running?

  3. #3
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    Quote Originally Posted by Lionel
    could it work?
    No GetLastError just returns an error code and FormatMessage traslates that error code into a desription of that error but
    dosen't give anymore specific information.
    Doing this would be tricky maybe the tool filemon from systeminternals.com might be of some use.

  4. #4
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268
    You could do this by hooking the API functions OpenFile(), CreateFileA(), and CreateFileW(). Hooking API functions is pretty tricky though, so I suggest finding another way around the problem you are facing.

  5. #5
    Yes, my avatar is stolen anonytmouse's Avatar
    Join Date
    Dec 2002
    Posts
    2,544
    You can get the processes that have a file open but I think you're moving into the undocumented.

  6. #6
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,656
    Sounds a bit like you're trying to write (part of) http://www.sysinternals.com/ntw2k/fr.../procexp.shtml
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 34
    Last Post: 05-27-2009, 12:26 PM
  2. Task Manager: Applications vs Processes
    By Shwick in forum Windows Programming
    Replies: 3
    Last Post: 08-14-2008, 06:47 AM
  3. Processes not dying
    By Elkvis in forum Linux Programming
    Replies: 12
    Last Post: 04-23-2008, 08:59 AM
  4. binary tree of processes
    By gregulator in forum C Programming
    Replies: 1
    Last Post: 02-28-2005, 12:59 AM
  5. Unix processes
    By J-Dogg in forum Linux Programming
    Replies: 1
    Last Post: 03-24-2003, 05:42 PM