Today I came observed the Windows Explorer process loading another PE executable file but there was no subsequent process launch. The only explanations I could find were in regards to DLL executables behaving this way so that the loading process could use functions.
I have noticed Explorer doing this with programs such as Internet Explorer, additional Explorer processes and rundll32.exe.
What would cause a process to load a module but then not actually execute the module to create a new process? Why does this type of activity occur?
Related
I have a LabView application that uses an external C DLL. When I run my application in the development environment, the DLL is blocked even after the the app is closed.
When I want to overwrite or delete the DLL, I have to first close LabView completely.
Is this a known issue? Can anyone offer a solution for this problem?
Yes, you must do two things in your LabVIEW application:
Specify the path to the library on the block diagram rather than in the configuration dialog (which changes LabVIEW's behavior from load-time linking to run-time linking).
When you're done using the DLL node, wire a null path to tell LabVIEW that you're done using it (which causes Windows' reference count to decrement to 0 and the OS will unlock the file).
More details here: Can I Dynamically Load and Unload a DLL in LabVIEW?
I am using JSmooth to generate EXE for my Java application. If I run the executable as administrator, the Java process runs within the same process as the executable. Otherwise it spawns a new javaw process. I would like for the java process to always run in the same process as the executable.
How can I make the executable to not spawn new process for javaw?
Not sure if you found the answer to this as I begun using JSmooth but if you look under "Skeleton" and select "Windowed Wrapper", you will see the option to "Launch java app in the exe process" checkbox. I believe this is what you're looking for.
I have a W2K8 box running some automation software.
Once of the drivers that I need to load for it adds a dll into a sub-folder of the program (in Program Files (x86)).
When the program tries to load the driver it spits out an error that it can't find the file. The location that it is looking for the file is correct and if I browse to that location the file is definaelty there.
Other drivers that use similar techniology (i.e. dll's in that same folder) are working fine, in that they find there dll and load up.
If I install the software on a XP/Win7/W2k3 OS it all works fine for the driver in question.
Is there something funky that the OS is doing that is not making the file visible to the program. The account that the servive for this program is running under is an admin account, the same account that I am loggedin with on the console.
I am told that the drivers are all C++ based drivers if that makes any difference.
Thats for any leads
Mick
Just off hand, it sounds like a permissions issue. That the application in question doesn't have access to the Program Files folder. Is this something you have checked? If not, I would start there.
I have an external Windows .exe that is actually Java application: Running the .exe starts javaw.exe, which in turn runs that Java application.
I didn't write that application and have no access to it through an API. I need to be able to kill it, however. So right now I just kill the Windows process javaw.exe, which is fine for a test machine running only that Java application but if I need finer granularity, I cannot currently do so.
My searches yielded suggestions such as Sysinternal's Process Explorer or the jps command in the JDK, but in the target systems for which I intend to provide the script, neither JDK nor Sysinternal's Process Explorer can be running.
Is there any other way that doesn't require an external tool? Does javaw.exe have a switch or command line option that lists Java processes? Is there a JRE version of jps?
Thanks.
I'd still suggest just killing the javaw.exe.
I can't see the downside, since it is the process you want to kill after all.
Remember that if you run multiple applications on the machine, they should each have a separate JVM instance. So you can still kill the specific application if you need to.
The JDK (and possibly the JRE) ship with a utility called jps which can list all Java processes but also tell you the Main-Class currently running in that JVM. If JMX/JConsole is not an option, simply parsing the output of "jps -ml" and killing the appropriate process may work.
If you want to kill an entire JVM, just kill the javaw.exe process. Within a JVM there can be multiple Java threads but there's no way to poke into a JVM and terminate a thread unless the developer of the application provided a method to do so.
Based on your comment, multiple javaw.exe programs are running and you need to know which one to kill.
You might want to try connecting to each of the processes with JConsole and inspect the JVM. There may be enough clues to determine which one to kill. Once you've identified the profile of your application, you should be able to script the logic to make it easier in the future (use JMX to get most of the information provided by JConsole).
If the executable launches javaw then exits without providing any further information it seems like you need to use your scripting language to take a snapshot of running processes on the machine before launching the executable and after the executable has finished. Then you'll be able to deduce which is the new javaw process. What scripting language are you using?
Just another approach: if you have the jdk, there is a program called jvisualVM in the bin folder. It has nice info about each running JVM context. One of the things you can see is the PID of the VM, which I use to kill the process in Windows using task manager (on windows PID is not shown by default, but you can easily enable the column by going into view -> show columns )
We created a plugin; it is a DLL (Run-Time Dynamic Linking) which uses a 3rd party library (wxWidgets) and also links dynamically to that. The host software seems to scan our plugin, but exported functions are not called. We checked all dependencies with DependencyWalker.
We see in the debugger that the plugin is loaded, but the DllMain is not called, and the plugin is unloaded.
We tried loading our plugin from a simple test application using LoadLibrary and GetProcAddress which recognized and called the exported functions.
Having wxWidgets linked statically worked fine, though.
Does anyone have an idea why the exported function, respectively DllMain are not called, or can point out a tool which is capable to monitor the whole DLL loading process?
If wxWidgets is loaded already into the process address space before your plugin is loaded (the host app could do that, or there might be another plugin linking to wxWidgets which is loaded before yours), then there might be a chance that it is another version, missing some of the entry points that your plugin needs. Running the host app under DependencyWalker or WinDbg should show you which wxWidgets DLL is loaded, and you could try to load your plugin from your test app using exactly the same wxWidgets DLL. That should reveal whether there are missing dependencies.
Perhaps the host software does some funky things when loading the plugin and doesn't like wxWindows.
Anyways, try using the ProcessExplorer from the SysInternals suite to check what the process is doing.