 

[C++] Problem getting process list.

Started by CupHead, July 26, 2003, 11:15 PM


CupHead

First, I used EnumProcesses from the PSAPI, which only returned processes that were owned by me.  Next, I tried this:  (Comments removed for brevity.)


#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>

BOOL GetProcessModule (DWORD dwPID, DWORD dwModuleID,
    LPMODULEENTRY32 lpMe32, DWORD cbMe32)
{
   BOOL          bRet        = FALSE;
   BOOL          bFound      = FALSE;
   HANDLE        hModuleSnap = NULL;
   MODULEENTRY32 me32        = {0};

   hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
   if (hModuleSnap == INVALID_HANDLE_VALUE) {
       printf("Creating snapshot of process ID %lu failed with error %lu...\n", dwPID, GetLastError());
       return (FALSE);
   }

   me32.dwSize = sizeof(MODULEENTRY32);

   if (Module32First(hModuleSnap, &me32))
   {
       do
       {
           if (me32.th32ModuleID == dwModuleID)
           {
               CopyMemory (lpMe32, &me32, cbMe32);
               bFound = TRUE;
           }
       }
       while (!bFound && Module32Next(hModuleSnap, &me32));

       bRet = bFound;
   }
   else
       bRet = FALSE;

   CloseHandle (hModuleSnap);

   return (bRet);
}

BOOL GetProcessList ()
{
   HANDLE         hProcessSnap = NULL;
   BOOL           bRet      = FALSE;
   PROCESSENTRY32 pe32      = {0};

   hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

   if (hProcessSnap == INVALID_HANDLE_VALUE) {
       printf("Snapshot returned invalid handle value...\n");
       return (FALSE);
   }

   pe32.dwSize = sizeof(PROCESSENTRY32);

   if (Process32First(hProcessSnap, &pe32))
   {
       DWORD         dwPriorityClass;
       BOOL          bGotModule = FALSE;
       MODULEENTRY32 me32       = {0};

       do
       {
           bGotModule = GetProcessModule(pe32.th32ProcessID,
               pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32));

           if (bGotModule)
           {
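               HANDLE hProcess;

               hProcess = OpenProcess (PROCESS_ALL_ACCESS,
                   FALSE, pe32.th32ProcessID);
               /* OpenProcess returns NULL on failure; do not query or close a NULL handle. */
               if (hProcess != NULL)
               {
                   dwPriorityClass = GetPriorityClass (hProcess);
                   CloseHandle (hProcess);
               }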

               printf( "\nPriority Class Base\t%d\n",
                   pe32.pcPriClassBase);
               printf( "PID\t\t\t%d\n", pe32.th32ProcessID);
               printf( "Thread Count\t\t%d\n", pe32.cntThreads);
               printf( "Module Name\t\t%s\n", me32.szModule);
               printf( "Full Path\t\t%s\n\n", me32.szExePath);
           } else {
               printf("Was not able to GetProcessModule()...\n");
           }
       }
       while (Process32Next(hProcessSnap, &pe32));
       bRet = TRUE;
   }
   else
   {
       /* Braces are required: without them bRet was reset to FALSE on every path. */
       printf("Could not walk the list of processes...\n");
       bRet = FALSE;
   }

   CloseHandle (hProcessSnap);
   return (bRet);
}

int main() {
   if(!GetProcessList())
      printf("Was not able to get process list.\n");
   return 0;
}


Anyway, that gets me error 5 (Access denied.) when I try to create the module snapshot.  (There is an NT priv. that I do not have which disallows getting the profile of a single process.)  However, neither of these methods is returning a complete list of processes, the first because it only lists mine, the second because part of the calls are failing.  However, Task Manager (taskmgr) is able to get and list all of the processes and their owners.  Anyone know how this is done programmatically?

iago

This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


CupHead


K

#3
You cannot get a complete list of processes without certain permissions, AFAIK.  The OpenProcess() call will fail on certain system processes, like the System Idle Process. You can look at the code I posted here: http://www.vbforums.com/showthread.php?s=&threadid=249578 (CornedBee's updated version is probably better) for closing a process by its filename; you should be able to find the applicable code in the GetProcessIdFromName() function.
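
Added example, not part of any post in this thread: the process snapshot already carries each PID and image name, so the walk below keeps every entry and only records why OpenProcess() failed (error 5, or PID 0 as mentioned above). The names `classify_open`, `list_processes` and `DETAIL_TEXT` are made up for this sketch, and an ANSI (non-UNICODE) build is assumed.

```c
/* Added example, not code from the thread. Assumes an ANSI (non-UNICODE) build. */
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <tlhelp32.h>
#endif

enum detail { DETAIL_OK, DETAIL_IDLE, DETAIL_DENIED, DETAIL_OTHER };
const char *const DETAIL_TEXT[] = {
    "details available",
    "idle pseudo-process, cannot be opened",
    "listed, details need more privilege",
    "listed, query failed (process may have exited)"
};

/* Classify an OpenProcess result. err is the GetLastError() value, 0 on success;
   5 is ERROR_ACCESS_DENIED. The entry stays in the list in every case. */
enum detail classify_open(unsigned long pid, unsigned long err)
{
    if (err == 0)  return DETAIL_OK;
    if (pid == 0)  return DETAIL_IDLE;
    if (err == 5)  return DETAIL_DENIED;
    return DETAIL_OTHER;
}

#ifdef _WIN32
/* Walk the process snapshot once. PID and image name come from the snapshot,
   so a failed OpenProcess costs only the extra details, not the list entry. */
int list_processes(void)
{
    PROCESSENTRY32 pe = {0};
    int count = 0;
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) return -1;
    pe.dwSize = sizeof(pe);
    if (Process32First(snap, &pe)) {
        do {
            DWORD err = 0;
            /* Request query rights only, not PROCESS_ALL_ACCESS. */
            HANDLE h = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pe.th32ProcessID);
            if (h == NULL) err = GetLastError(); else CloseHandle(h);
            printf("%6lu  %-28s %s\n", (unsigned long)pe.th32ProcessID, pe.szExeFile,
                   DETAIL_TEXT[classify_open(pe.th32ProcessID, err)]);
            count++;
        } while (Process32Next(snap, &pe));
    }
    CloseHandle(snap);
    return count;
}

int main(void) { return list_processes() < 0; }
#endif
```
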

Grok

#4
Use ToolHelp.

Search for ProcessFirst() and ProcessNext() functions.

CupHead, see chapter 4 in the ebook "Programming Applications for Windows" by Jeffrey Richter.  Code Sample 4-6 ProcessInfo should give you some ideas.  It was written for Windows 2000, but you might be able to adapt it for Windows 2003.

Eibro

Quote from: Grok on July 27, 2003, 11:46 AM
Use ToolHelp.

Search for ProcessFirst() and ProcessNext() functions.
He is, isn't he? (Well, Process32First() and Process32Next())
Eibro of Yeti Lovers.

iago

Quote from: Grok on July 27, 2003, 11:46 AM
CupHead, see chapter 4 in the ebook "Programming Applications for Windows" by Jeffrey Richter.  Code Sample 4-6 ProcessInfo should give you some ideas.  It was written for Windows 2000, but you might be able to adapt it for Windows 2003.

http://www.valhallalegends.com/iago/windows.chm