HOW TO CREATE AND KILL PROCESSES USING WIN32 API

Creating A Process

• A process can be created using CreateProcess function of Win32 API. The prototype of this function is:

BOOL CreateProcess
(LPCTSTR lpszImageName, // path of executable file
LPTSTR lpszCommandLine, // command line
LPSECURITY_ATTRIBUTES lpsaProcess, // process security attributes
LPSECURITY_ATTRIBUTES lpsaThread, // thread security attributes
BOOL fInheritHandles, // does new process inherit handles
DWORD fdwCreate, // process creation flags
LPVOID lpvEnvironment, // environment block for new process
LPCTSTR lpszCurDir, // current folder for new process
LPSTARTUPINFO lpsiStartInfo, // specifies window features
LPPROCESS_INFORMATION lppiProcInfo); // new process information

• To create a process, you can simply pass the name of the process leaving the other parameters to take
the default value NULL except the ninth and tenth parameter. Ninth parameter is the address of the
structure STARTUPINFO that you need to fill before calling CreateProcess and contains information
required to run the process. Tenth parameter is the address of the uninitialized structure
PROCESS_INFORMATION which receives the information about the newly created process.

• STARTUPINFO structure must be initialized to 0 to avoid process crash due to corrupted data. This
initialization can be done using either of the following function calls:

memset(&StartupInfo, 0, sizeof(StartupInfo));
::ZeroMemory(&StartupInfo, sizeof(StartupInfo));

Of the several fields in STARTUPINFO, field ‘cb’ must be set to the size of the STARTUPINFO structure.

• Following call will launch the notepad with readme.txt file opened in it.

STARTUPINFO StartupInfo;
PROCESS_INFORMATION ProcInfo;
memset (&StartupInfo, 0, sizeof (STARTUPINFO));
StartupInfo.cb = sizeof (STARTUPINFO);

::CreateProcess ("notepad.exe", _T("readme.txt"),NULL,NULL,FALSE,0,NULL,NULL,

&StartupInfo, &ProcInfo);

If application path is not in your PATH environment variable then you need to specify to append the
complete path to the application name, e.g. “C:\\Windows\\System32\\notepad.exe”. Note the use of double
back-slash in the path string.

Running A Console Application Silently

• To run a console application without starting the associated command prompt, you need to set following
two fields of STARTUPINFO before calling the CreateProcess function.

StartupInfo.dwFlags = STARTF_USESHOWWINDOW;
StartupInfo.wShowWindow = SW_HIDE;

Both these fields are of DWORD type. The first field dwFlags informs the application that we are setting
window display information while second field wShowWindow sets the window to hide.

Killing A Process

• The Win32 API function used to kill a process is:

Prepared by: Syed Feroz Zainvi Available at: http://www.computer-science-notes.blogspot.com

E-mail: zainvi.sf@gmail.com
 HOW TO CREATE AND KILL PROCESSES USING WIN32 API

BOOL TerminateProcess(HANDLE hProcess, UINT fuExitCode);

• Before we can call this function, we require handle to the process. This is done using OpenProcess
function and passing process id as contained in the PROCESS_INFORMATION structure returned by
CreateProcess function call. Process id can be retrieved using other means also.

HANDLE hHandle;
hHandle = ::OpenProcess(PROCESS_ALL_ACCESS,0,ProcInfo.dwProcessId );

• It is better to check the ExitCode returned by the child process. Following function does this:
DWORD dwExitCode = 0;
::GetExitCodeProcess(hHandle,&dwExitCode);

• The process is finally killed by TerminateProcess function as follows:

If(dwExitCode == STILL_ACTIVE)
::TerminateProcess(hHandle,dwExitCode);

Related Win32 API Functions

• To wait until the child process has exited.

::WaitForSingleObject(ProcInfo.hProcess, INFINITE);

• To change the process priority

::SetPriorityClass

• To release the handles in ProcInfo. These functions will not terminate the process itself.
CloseHandle(ProcInfo.hThread); and CloseHandle(ProcInfo.hProcess);

End Notes

• Besides Win32 API functions, following functions can also be used for creating and killing the
processes:
o System()
o WinExec()
o ShellExecute()
o PostMessage (WM_CLOSE)

But CreateProcess is the most powerful one.

References

• Code Project Website:

o Creating a process, and then killing it By ljp
o Running console applications silently By Steven Szelei
o Kill Application Using Win32 APIs By chaitanya shah
• Books:
o Mastering Visual C++ 6, Michael J. Young, Sybex, Inc., ISBN: 0782122736
o Programming Applications for Microsoft Windows, Jeffrey Richter,ISBN 1-57231-996-8

Prepared by: Syed Feroz Zainvi Available at: http://www.computer-science-notes.blogspot.com

E-mail: zainvi.sf@gmail.com