General Programming | [C++] Problem getting process list.

Author	Message	Time
CupHead	First, I used EnumProcesses from the PSAPI, which only returned processes that were owned by me. Next, I tried this: (Comments removed for brevity.) [code] #include <windows.h> #include <tlhelp32.h> #include <stdio.h> BOOL GetProcessModule (DWORD dwPID, DWORD dwModuleID, LPMODULEENTRY32 lpMe32, DWORD cbMe32) { BOOL bRet = FALSE; BOOL bFound = FALSE; HANDLE hModuleSnap = NULL; MODULEENTRY32 me32 = {0}; hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID); if (hModuleSnap == INVALID_HANDLE_VALUE) { printf("Creating snapshot of process ID %d failed with error %d...\n", dwPID, GetLastError()); return (FALSE); } me32.dwSize = sizeof(MODULEENTRY32); if (Module32First(hModuleSnap, &me32)) { do { if (me32.th32ModuleID == dwModuleID) { CopyMemory (lpMe32, &me32, cbMe32); bFound = TRUE; } } while (!bFound && Module32Next(hModuleSnap, &me32)); bRet = bFound; } else bRet = FALSE; CloseHandle (hModuleSnap); return (bRet); } BOOL GetProcessList () { HANDLE hProcessSnap = NULL; BOOL bRet = FALSE; PROCESSENTRY32 pe32 = {0}; hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE) { printf("Snapshot returned invalid handle value...\n"); return (FALSE); } pe32.dwSize = sizeof(PROCESSENTRY32); if (Process32First(hProcessSnap, &pe32)) { DWORD dwPriorityClass; BOOL bGotModule = FALSE; MODULEENTRY32 me32 = {0}; do { bGotModule = GetProcessModule(pe32.th32ProcessID, pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32)); if (bGotModule) { HANDLE hProcess; hProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); dwPriorityClass = GetPriorityClass (hProcess); CloseHandle (hProcess); printf( "\nPriority Class Base\t%d\n", pe32.pcPriClassBase); printf( "PID\t\t\t%d\n", pe32.th32ProcessID); printf( "Thread Count\t\t%d\n", pe32.cntThreads); printf( "Module Name\t\t%s\n", me32.szModule); printf( "Full Path\t\t%s\n\n", me32.szExePath); } else { printf("Was not able to GetProcessModule()...\n"); } } while (Process32Next(hProcessSnap, &pe32)); bRet = TRUE; } else printf("Could not walk the list of processes...\n"); bRet = FALSE; CloseHandle (hProcessSnap); return (bRet); } void main() { if(!GetProcessList()) printf("Was not able to get process list.\n"); } [/code] Anyway, that gets me error 5 (Access denied.) when I try to create the module snapshot. (There is a NT priv. that I do not have which disallows getting the profile of a single process.) However, neither of these methods is returning a complete list of processes, the first because it only lists mine, the second because part of the calls are failing. However, Task Manager (taskmgr) is able to get and list all of the processes and their owners. Anyone know how this is done programatically?	July 27, 2003, 4:15 AM
iago	Decompile taskmgr.exe! :P	July 27, 2003, 11:57 AM
CupHead	Not the answer I was looking for.	July 27, 2003, 3:11 PM
K	You cannot get a complete list of processes without certain permissions, AFAIK. The OpenProcess() call will fail on certain system processes, like the System Idle Process. You can look at the code I posted here: http://www.vbforums.com/showthread.php?s=&threadid=249578 (CornedBee's updated version is probably better) for closing a process by its filename; you should be find the applicable code in the GetProcessIdFromName() function.	July 27, 2003, 4:31 PM
Grok	Use ToolHelp. Search for ProcessFirst() and ProcessNext() functions. CupHead, see chapter 4 in the ebook "Programm Applications for Windows" by Jeffrey Richter. Code Sample 4-6 ProcessInfo should give you some ideas. It was written for Windows 2000, but you might be able to adapt it for Windows 2003.	July 27, 2003, 4:46 PM
Eibro	[quote author=Grok link=board=5;threadid=2093;start=0#msg16147 date=1059324387] Use ToolHelp. Search for ProcessFirst() and ProcessNext() functions. [/quote]He is, isn't he? (Well, Process32First() and Process32Next())	July 27, 2003, 4:54 PM
iago	[quote author=Grok link=board=5;threadid=2093;start=0#msg16147 date=1059324387]CupHead, see chapter 4 in the ebook "Programm Applications for Windows" by Jeffrey Richter. Code Sample 4-6 ProcessInfo should give you some ideas. It was written for Windows 2000, but you might be able to adapt it for Windows 2003. [/quote] http://www.valhallalegends.com/iago/windows.chm	July 28, 2003, 7:11 AM

First, I used EnumProcesses from the PSAPI, which only returned processes that were owned by me. Next, I tried this: (Comments removed for brevity.)

[code]
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>

BOOL GetProcessModule (DWORD dwPID, DWORD dwModuleID,
LPMODULEENTRY32 lpMe32, DWORD cbMe32)
{
BOOL bRet = FALSE;
BOOL bFound = FALSE;
HANDLE hModuleSnap = NULL;
MODULEENTRY32 me32 = {0};

hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
if (hModuleSnap == INVALID_HANDLE_VALUE) {
      printf("Creating snapshot of process ID %d failed with error %d...\n", dwPID, GetLastError());
return (FALSE);
   }

me32.dwSize = sizeof(MODULEENTRY32);

if (Module32First(hModuleSnap, &me32))
{
do
{
if (me32.th32ModuleID == dwModuleID)
{
CopyMemory (lpMe32, &me32, cbMe32);
bFound = TRUE;
}
}
while (!bFound && Module32Next(hModuleSnap, &me32));

bRet = bFound;
}
else
bRet = FALSE;

CloseHandle (hModuleSnap);

return (bRet);
}

BOOL GetProcessList ()
{
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};

hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

if (hProcessSnap == INVALID_HANDLE_VALUE) {
      printf("Snapshot returned invalid handle value...\n");
return (FALSE);
   }

pe32.dwSize = sizeof(PROCESSENTRY32);

if (Process32First(hProcessSnap, &pe32))
{
DWORD dwPriorityClass;
BOOL bGotModule = FALSE;
MODULEENTRY32 me32 = {0};

do
{
bGotModule = GetProcessModule(pe32.th32ProcessID,
pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32));

if (bGotModule)
{
HANDLE hProcess;

hProcess = OpenProcess (PROCESS_ALL_ACCESS,
FALSE, pe32.th32ProcessID);
dwPriorityClass = GetPriorityClass (hProcess);
CloseHandle (hProcess);

printf( "\nPriority Class Base\t%d\n",
pe32.pcPriClassBase);
printf( "PID\t\t\t%d\n", pe32.th32ProcessID);
printf( "Thread Count\t\t%d\n", pe32.cntThreads);
printf( "Module Name\t\t%s\n", me32.szModule);
printf( "Full Path\t\t%s\n\n", me32.szExePath);
} else {
            printf("Was not able to GetProcessModule()...\n");
         }
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
      printf("Could not walk the list of processes...\n");
bRet = FALSE;

CloseHandle (hProcessSnap);
return (bRet);
}

void main() {
   if(!GetProcessList())
      printf("Was not able to get process list.\n");
}
[/code]

Anyway, that gets me error 5 (Access denied.) when I try to create the module snapshot. (There is a NT priv. that I do not have which disallows getting the profile of a single process.) However, neither of these methods is returning a complete list of processes, the first because it only lists mine, the second because part of the calls are failing. However, Task Manager (taskmgr) is able to get and list all of the processes and their owners. Anyone know how this is done programatically?

Valhalla Legends Forums Archive | General Programming | [C++] Problem getting process list.