How to Create and Kill Processes Using Win32 API

Creating A Process

· A process can be created using the CreateProcess function of the Win32 API. The prototype of this function is:

BOOL CreateProcess(
    LPCTSTR lpszImageName,               // path of executable file
    LPTSTR lpszCommandLine,              // command line
    LPSECURITY_ATTRIBUTES lpsaProcess,   // process security attributes
    LPSECURITY_ATTRIBUTES lpsaThread,    // thread security attributes
    BOOL fInheritHandles,                // does new process inherit handles
    DWORD fdwCreate,                     // process creation flags
    LPVOID lpvEnvironment,               // environment block for new process
    LPCTSTR lpszCurDir,                  // current folder for new process
    LPSTARTUPINFO lpsiStartInfo,         // specifies window features
    LPPROCESS_INFORMATION lppiProcInfo); // new process information

· To create a process, you can simply pass the name of the executable and leave the other parameters at the default value NULL, except for the ninth and tenth parameters. The ninth parameter is the address of a STARTUPINFO structure, which you must fill in before calling CreateProcess and which contains information required to run the process. The tenth parameter is the address of an uninitialized PROCESS_INFORMATION structure, which receives information about the newly created process.

· The STARTUPINFO structure must be initialized to 0 to avoid a process crash due to corrupted data. This initialization can be done using either of the following function calls:

memset(&StartupInfo, 0, sizeof(StartupInfo));
::ZeroMemory(&StartupInfo, sizeof(StartupInfo));

Of the several fields in STARTUPINFO, the field 'cb' must be set to the size of the STARTUPINFO structure.

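· The following call launches Notepad with the file readme.txt opened in it.

STARTUPINFO StartupInfo;
PROCESS_INFORMATION ProcInfo;
TCHAR szCmdLine[] = _T("notepad.exe readme.txt"); // writable buffer; first token repeats the program name
memset(&StartupInfo, 0, sizeof(STARTUPINFO));
StartupInfo.cb = sizeof(STARTUPINFO);
::CreateProcess(_T("notepad.exe"), szCmdLine, NULL, NULL, FALSE, 0, NULL, NULL, &StartupInfo, &ProcInfo);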

If the application's folder is not in your PATH environment variable, you need to specify the complete path to the application, e.g. "C:\\Windows\\System32\\notepad.exe". Note the use of the double backslash in the path string.
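When the executable path or a file name contains spaces, the single command-line string passed to CreateProcess must be quoted, otherwise it is split in the wrong place and a different file may be run or opened. The following is an added example, not code from the original article: it builds a quoted command line in a writable buffer using the Microsoft C argument parsing rules, and the helper names put, quote_arg and build_cmdline are made up for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Append c to out (capacity cap, current length *len); returns 0 on overflow. */
static int put(char *out, size_t cap, size_t *len, char c) {
    if (*len + 1 >= cap) return 0;          /* always leave room for the NUL */
    out[(*len)++] = c;
    out[*len] = '\0';
    return 1;
}

/* Append arg in double quotes, escaped per the MSVC argv parsing rules. */
static int quote_arg(const char *arg, char *out, size_t cap, size_t *len) {
    size_t bs = 0, n, i;
    if (!put(out, cap, len, '"')) return 0;
    for (;; arg++) {
        if (*arg == '\\') { bs++; continue; }   /* defer: depends on what follows */
        /* backslashes are doubled only before '"' or before the closing quote */
        n = (*arg == '"' || *arg == '\0') ? 2 * bs : bs;
        if (*arg == '"') n++;                   /* one more to escape the quote itself */
        for (i = 0; i < n; i++) if (!put(out, cap, len, '\\')) return 0;
        bs = 0;
        if (*arg == '\0') break;
        if (!put(out, cap, len, *arg)) return 0;
    }
    return put(out, cap, len, '"');
}

/* Build: "exe" "arg1" "arg2" ...  Returns 0 on success, -1 on bad input or overflow. */
int build_cmdline(const char *exe, const char *const *args, size_t nargs,
                  char *out, size_t cap) {
    size_t len = 0, i;
    if (cap == 0 || strchr(exe, '"')) return -1;   /* a file path cannot contain '"' */
    out[0] = '\0';
    if (!quote_arg(exe, out, cap, &len)) return -1;
    for (i = 0; i < nargs; i++)
        if (!put(out, cap, &len, ' ') || !quote_arg(args[i], out, cap, &len))
            return -1;
    return 0;
}

int main(void) {
    const char *args[] = { "my notes.txt" };       /* constructed sample input */
    char cmd[260];                                  /* writable buffer for lpszCommandLine */
    if (build_cmdline("C:\\Windows\\System32\\notepad.exe", args, 1, cmd, sizeof cmd) == 0)
        puts(cmd);
    return 0;
}
```

The resulting buffer can be passed as the second parameter of CreateProcess, with the first parameter set to the same full path.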

Running A Console Application Silently

· To run a console application without starting the associated command prompt, you need to set the following two fields of STARTUPINFO before calling the CreateProcess function.

StartupInfo.dwFlags = STARTF_USESHOWWINDOW;
StartupInfo.wShowWindow = SW_HIDE;

Both these fields are of DWORD type. The first field, dwFlags, informs the application that we are setting window display information, while the second field, wShowWindow, sets the window to hide.

Killing A Process

· The Win32 API function used to kill a process is:

BOOL TerminateProcess(HANDLE hProcess, UINT fuExitCode);

· Before we can call this function, we need a handle to the process. This is obtained using the OpenProcess function, passing the process id contained in the PROCESS_INFORMATION structure returned by the CreateProcess call. The process id can also be retrieved by other means.

HANDLE hHandle;

hHandle = ::OpenProcess(PROCESS_ALL_ACCESS,0,ProcInfo.dwProcessId );

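· It is better to check the exit code returned by the child process. The following function call does this:

DWORD dwExitCode = 0;
::GetExitCodeProcess(hHandle, &dwExitCode); // dwExitCode is STILL_ACTIVE while the process runs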

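· The process is finally killed by the TerminateProcess function as follows:

if (dwExitCode == STILL_ACTIVE)
    ::TerminateProcess(hHandle, 1); // 1 (chosen here for illustration) becomes the killed process's exit code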

Related Win32 API Functions

· To wait until the child process has exited.

::WaitForSingleObject(ProcInfo.hProcess, INFINITE);

· To change the process priority


· To release the handles in ProcInfo. These functions will not terminate the process itself.

CloseHandle(ProcInfo.hThread);
CloseHandle(ProcInfo.hProcess);

End Notes

· Besides these Win32 API functions, the following functions can also be used for creating and killing processes:

o system()

o WinExec()

o ShellExecute()

o PostMessage (WM_CLOSE)

But CreateProcess is the most powerful one.

