1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
|
namespace Windows{
#include "Aclapi.h"
#include "psapi.h"
}
TForm1 *Form1;
BOOL __stdcall ntEnumProcess(int *pID, TStringList *SL, TStringList *SLPID, int *p_nCount)
{
long (WINAPI *pZwQuerySysInfo)(UINT, PVOID, ULONG, PULONG);
SYSTEMTIME sttm;
FILETIME fltm;
PSYSTEM_PROCESS_INFORMATION pprcss;
HANDLE hheap;
long status;
DWORD len;
void *pbuff;
char szname[MAX_PATH + 40];
char *c;
int nCount = 0;
PCWSTR pszProcessName;
SL->Clear();
SLPID->Clear();
//Récup procédure
HINSTANCE hdll = GetModuleHandle("ntdll.dll");
if(!hdll) return 0;
*(FARPROC *)&pZwQuerySysInfo = GetProcAddress(hdll, "ZwQuerySystemInformation");
if(pZwQuerySysInfo == NULL) {
SetLastError(0);//SetLastError(ERROR_PROC_NOT_FOUND);
return 0;
}
//Récup données
hheap = GetProcessHeap();
len = 0x8000; // 32Ko pour buffer, on verra
do {
pbuff = HeapAlloc(hheap, 0, len);
if(pbuff == NULL) {
SetLastError(0);//SetLastError(ERROR_NOT_ENOUGH_MEMORY);
return 0;
}
status = pZwQuerySysInfo(5, pbuff, len, 0);
if(status == 0xC0000004) { // BUFFER TROP PETIT
HeapFree(hheap, 0, pbuff);
len <<= 1; // on double la taille
}
else if(status < 0) { // ERREUR, FAUT SORTIR
HeapFree(hheap, 0, pbuff);
SetLastError(0);//SetLastError(status);
return 0;
}
} while(status == 0xC0000004);
pprcss = (PSYSTEM_PROCESS_INFORMATION)pbuff;
//Récup nom des processus
do{
pszProcessName = pprcss->ProcessName.Buffer;
if(pszProcessName == NULL) pszProcessName = L"Idle";
len = WideCharToMultiByte(CP_ACP, 0, pszProcessName, -1, szname,
MAX_PATH, 0, 0);
pID[nCount++] = pprcss->ProcessId;
SL->Add( (AnsiString) szname );
SLPID->Add( (AnsiString) pprcss->ProcessId );
/*
tester szname avec taskman||taskmgr
if(!strcmp(szname == "taskman" ) ) // -> identique -> kill
{
unsigned int PID = (unsigned int) pprcss->ProcessId;
HANDLE hTemp = OpenProcess(PROCESS_ALL_ACCESS, false,
(DWORD) PID);
TerminateProcess(hTemp,0);
}
*/
pprcss = (PSYSTEM_PROCESS_INFORMATION)(((LPBYTE)pprcss)+
pprcss->NextEntryDelta);
}
while(pprcss->NextEntryDelta);
//Récupère le dernier élément
pszProcessName = pprcss->ProcessName.Buffer;
if(pszProcessName == NULL) pszProcessName = L"Idle";
len = WideCharToMultiByte(CP_ACP, 0, pszProcessName, -1, szname, MAX_PATH, 0, 0);
pID[nCount++] = pprcss->ProcessId;
*p_nCount = nCount;
HeapFree(hheap, 0, pbuff);
return 1;
} |