2

My goal is to close a certain user process (screensaver) by its process ID when enumerated from my local service. I can obtain its PID, but there comes two issues, so I want to ask first before I begin implementing it. Namely:

  1. Is it possible to obtain main thread's HWND by PID from a service?

  2. Even if I have an HWND of a user process, will I be able to SendMessage it from a service?

I can obviously TerminateProcess it, I'm just trying to be "nice" first.

c00000fd
  • 20,994
  • 29
  • 177
  • 400
  • for 1 look at here http://stackoverflow.com/questions/2221103/how-to-get-process-handle-from-process-id and for 2 – meneldal Jun 08 '15 at 01:16
  • @meneldal: I'm talking about window handle in 1 and not process handle. – c00000fd Jun 08 '15 at 01:19
  • But a PID refers to a process not a window. If you have the handle on the process you should be able to get what you want from there. – meneldal Jun 08 '15 at 01:22
  • 1
    No, you can't SendMessage directly from a service to a user application. You'll have to launch a process in the user's session to send the message on your behalf. – Harry Johnston Jun 08 '15 at 02:31
  • @HarryJohnston: Yeah, thanks. That's what I thought. The problem in this case is that the screensaver may run in a logon session and as far as I know there's no way to launch a process there, correct? – c00000fd Jun 08 '15 at 02:53
  • 1
    @c00000fd: if you've got the process ID, you should be able to take the security token from the process and run your process in the same security context. A complicating factor is that I think the screensaver runs in the relevant session's secure desktop, but that's just a matter of setting the `STARTUPINFO` structure for the new process accordingly. – Harry Johnston Jun 08 '15 at 03:35
  • @HarryJohnston: Hmm. Good point. Thanks. I guess I can technically use `OpenProcessToken` to get access token for the screensaver process and then use it to run my own process using `CreateProcessAsUser`, and then from it use `EnumWindows`/`GetWindowThreadProcessId` combo to obtain `HWND` for the screensaver PID, and then use it to `SendMessage(WM_CLOSE)` to the screensaver. In theory it should work... It's just too bad that it involves so many steps + one extra executable. Or ... instead just call `TerminateProcess` on it :) – c00000fd Jun 08 '15 at 05:56
  • It's true that there aren't many screensavers that actually *need* to shut down cleanly! Maybe the seti@home screensaver, if anybody is still running it. Are there screensavers that mine bitcoins? :-) – Harry Johnston Jun 08 '15 at 20:57

0 Answers0