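' Process enumeration helpers (BCX BASIC, Win32 PSAPI).
'
' NOTE(review): the header and library names after "#include" and "$LIBRARY"
' appear to have been stripped from the page (angle-bracket text lost).
' EnumProcesses / EnumProcessModules / GetModuleBaseNameA / GetModuleFileNameExA
' are PSAPI functions, so psapi.h / psapi.lib are restored here - confirm
' against the original listing.
#include <psapi.h>
$LIBRARY <psapi.lib>

' Snapshot of running processes: parallel arrays indexed 0 .. count-1.
' NOTE(review): the struct holds two 1024-entry string arrays, so it is large;
' ProcessList keeps a LOCAL copy of it - confirm the stack size is adequate.
TYPE PROCLIST
  DIM count%              ' number of valid entries in the arrays below
  DIM name$[1024]         ' module base name (e.g. "notepad.exe"); "" if unreadable
  DIM pid%[1024]          ' process identifier
  DIM path$[1024]         ' full path of the main module; "" if unreadable
  DIM priority%[1024]     ' GetPriorityClass() value; 0 if the process could not be opened
END TYPE

' --- Demo: list every process -------------------------------------------
' The two '$COMMENT lines are left exactly as the author wrote them.
' Presumably removing the leading apostrophe from both turns the demo into a
' block comment - confirm against the BCX documentation.
'$COMMENT
DIM tPL AS PROCLIST
ProcessList(&tPL, "")
FOR INTEGER iCC = 0 TO (tPL.count - 1)
  Print "+++++" & CRLF$ & _
        "[" & (iCC) & " ] = " & tPL.name$[iCC] & CRLF$ & _
        "PID:" & str$((int)tPL.pid[iCC]) & CRLF$ & _
        "PATH: " & tPL.path$[iCC] & CRLF$ & _
        "PRIORITY:" & str$(tPL.priority[iCC])
NEXT iCC
PRINT "Total processes received: " & (tPL.count)
'$COMMENT
pause

' ProcessList - fill taPL with running processes.
'   taPL       : receives the result (count + parallel arrays).
'   sExeSearch : "" lists every process; otherwise only processes whose base
'                name equals sExeSearch (case-insensitive, ".exe" appended
'                when missing) are returned.
' Returns 1 on success (at least one match when filtering), 0 otherwise.
'
' Caveat: matching is done on the base name only, and that name is read from
' the target process (see smk_ProcessListHandler). Any program can be named
' like another one, so a name match is not proof of identity; compare the
' full path or verify the file itself before acting on a match.
FUNCTION ProcessList OPTIONAL(BYREF taPL AS PROCLIST, sExeSearch$ = "")
  LOCAL nRValue AS INTEGER
  LOCAL tTmpPL AS PROCLIST
  LOCAL sTempExe AS STRING
  LOCAL nCountMatch AS INTEGER

  'No filter requested: hand back the complete list
  IF sExeSearch = "" THEN FUNCTION = smk_ProcessListHandler(&taPL)

  'Do not rely on the translator zeroing locals
  nCountMatch = 0

  tTmpPL = taPL
  nRValue = smk_ProcessListHandler(&tTmpPL)
  IF nRValue = 0 THEN FUNCTION = 0

  'Normalise the search term. The original only assigned sTempExe when the
  'term lacked ".exe", so searching for "name.exe" compared against an empty
  'string and never matched.
  sTempExe = LCASE$(sExeSearch)
  IF RIGHT$(sTempExe, 4) <> ".exe" THEN sTempExe = sTempExe & ".exe"

  'Copy every matching entry to the front of the caller's list
  FOR INTEGER i = 0 TO tTmpPL.count - 1
    IF LCASE$(tTmpPL.name[i]) = sTempExe THEN
      taPL.name$[nCountMatch] = tTmpPL.name[i]
      taPL.pid[nCountMatch] = tTmpPL.pid[i]
      taPL.path$[nCountMatch] = tTmpPL.path[i]
      taPL.priority[nCountMatch] = tTmpPL.priority[i]
      nCountMatch++
    ENDIF
  NEXT i

  taPL.count = nCountMatch
  IF nCountMatch > 0 THEN FUNCTION = 1
  FUNCTION = 0
END FUNCTION

' smk_ProcessListHandler - enumerate all process ids and collect name, path
' and priority class for each one.
' Returns 1 on success, 0 when EnumProcesses fails.
'
' Every non-zero PID gets an entry. When a process cannot be opened or its
' module list cannot be read, name/path are left empty and priority is 0.
' The original called the module APIs without checking the handle or their
' return values, so such an entry silently inherited the name and path of the
' previously examined process.
'
' Caveats for anyone using the output for monitoring or triage:
'  - GetModuleBaseName / GetModuleFileNameEx read the module list out of the
'    target process (hence PROCESS_VM_READ). A process can alter that data, so
'    treat name/path as a hint, not as evidence.
'  - The PID buffer holds 1024 entries. If EnumProcesses fills it completely
'    the list may be truncated; the API offers no other indication.
'  - Opening a process that denies access triggers ProcessSetPrivilege, which
'    enables SeDebugPrivilege and leaves it enabled. Callers that need it only
'    for this listing can call ProcessSetPrivilege(SE_DEBUG_NAME, 0) afterwards.
FUNCTION smk_ProcessListHandler(BYREF taPL AS PROCLIST)
  LOCAL aPList[1024] AS DWORD
  LOCAL cbNeeded AS DWORD
  LOCAL szProcessName[MAX_PATH+1] AS TCHAR
  LOCAL hProcess AS HANDLE
  LOCAL hMod AS HMODULE
  LOCAL ncbNeeded AS DWORD
  LOCAL szProcessPath[MAX_PATH+1] AS TCHAR
  LOCAL nCountProcesses AS INTEGER
  LOCAL bTriedPrivilege AS INTEGER

  'Do not rely on the translator zeroing locals
  nCountProcesses = 0
  bTriedPrivilege = 0

  'Get all the process ids
  IF EnumProcesses(aPList, sizeof(aPList), &cbNeeded) = 0 THEN FUNCTION = 0

  'Index of the last PID returned (cbNeeded is a byte count)
  taPL.count = (cbNeeded / sizeof(DWORD)) - 1

  FOR INTEGER i = 0 TO taPL.count
    IF (aPList[i] != 0) THEN
      'Start from empty buffers so a failed lookup cannot reuse old text
      szProcessName[0] = 0
      szProcessPath[0] = 0

      'Get the process handle from the PID
      hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | _
                             PROCESS_VM_READ, FALSE, aPList[i])

      'If we don't have the right permissions to read or query, try once to
      'enable the privilege (default: debug) and open the process again.
      'Asking again for every denied process gains nothing.
      IF hProcess = 0 THEN
        IF bTriedPrivilege = 0 THEN
          bTriedPrivilege = 1
          IF (ProcessSetPrivilege()) THEN
            hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | _
                                   PROCESS_VM_READ, FALSE, aPList[i])
          ENDIF
        ENDIF
      ENDIF

      taPL.pid[nCountProcesses] = (int)aPList[i]

      IF hProcess = 0 THEN
        'Still no access: record the PID alone
        taPL.name$[nCountProcesses] = ""
        taPL.path$[nCountProcesses] = ""
        taPL.priority[nCountProcesses] = 0
      ELSE
        'Only the first module (the executable itself) is requested
        'Will make an exception for 64 bit OS later on (doubt 95/98/ME added)
        IF EnumProcessModules(hProcess, &hMod, sizeof(hMod), &ncbNeeded) <> 0 THEN
          'Ansi base name of the main module
          GetModuleBaseNameA(hProcess, hMod, szProcessName, (DWORD)(MAX_PATH+1))
          'Ansi full path of the main module
          '(may look at _splitpath for later for basename)
          GetModuleFileNameExA(hProcess, hMod, szProcessPath, (DWORD)(MAX_PATH+1))
        ENDIF

        taPL.name$[nCountProcesses] = szProcessName$
        taPL.path$[nCountProcesses] = szProcessPath$
        taPL.priority[nCountProcesses] = (int)GetPriorityClass(hProcess)
        CloseHandle(hProcess)
      ENDIF

      nCountProcesses++
    ENDIF
  NEXT i

  taPL.count = nCountProcesses
  FUNCTION = 1
END FUNCTION

' ProcessSetPrivilege - enable or disable one privilege in the current
' process token.
'   lpszPrivilege    : privilege name, default SE_DEBUG_NAME.
'   bEnablePrivilege : non-zero enables the privilege, 0 disables it.
' Returns 1 when the privilege was adjusted, 0 on any failure, including the
' case where the token does not hold the privilege (ERROR_NOT_ALL_ASSIGNED).
'
' The change lasts until it is reversed or the process exits. SeDebugPrivilege
' allows opening processes regardless of their access control, so enable it
' only for as long as it is needed and disable it again afterwards.
FUNCTION ProcessSetPrivilege OPTIONAL(lpszPrivilege AS LPCTSTR = SE_DEBUG_NAME, _
                                      bEnablePrivilege AS BOOL = 1) AS BOOL
  LOCAL tp AS TOKEN_PRIVILEGES
  LOCAL luid AS LUID
  LOCAL hToken AS HANDLE
  LOCAL hProcess AS HANDLE
  LOCAL bAdjusted AS BOOL

  bAdjusted = 0

  'Pseudo-handle for the current process
  hProcess = GetCurrentProcess()

  'Open our own token for adjusting. On failure hToken was never set, so
  'there is nothing to close (the original passed the unset handle to
  'CloseHandle here).
  IF OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES, &hToken) = 0 THEN
    FUNCTION = 0
  ENDIF

  'Translate the privilege name into its LUID
  IF LookupPrivilegeValue(NULL, lpszPrivilege, &luid) <> 0 THEN
    tp.PrivilegeCount = 1
    tp.Privileges[0].Luid = luid
    IF (bEnablePrivilege) THEN
      tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED
    ELSE
      tp.Privileges[0].Attributes = 0
    ENDIF

    'Apply the lpszPrivilege request (in this case default is debug)
    IF AdjustTokenPrivileges(hToken, 0, &tp, SIZEOF(TOKEN_PRIVILEGES), _
                             (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL) <> 0 THEN
      'The call succeeds even when the privilege is not held; the last
      'error tells the two cases apart and must be read before CloseHandle
      IF (GetLastError() <> ERROR_NOT_ALL_ASSIGNED) THEN bAdjusted = 1
    ENDIF
  ENDIF

  CloseHandle(hToken)
  FUNCTION = bAdjusted
END FUNCTION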