Hi @all
I have a problem with Process32FirstW it returns ervery 0
with Process32FirstA have i no problems why?
I have google about it and not anything found
LOCAL ProcessInformation:PROCESSENTRY32
LOCAL hSnapShot:DWORD
mov ProcessInformation.dwSize,sizeof PROCESSENTRY32
invoke CreateToolhelp32Snapshot,TH32CS_SNAPALL,NULL
mov hSnapShot,eax
invoke Process32FirstW,hSnapShot,addr ProcessInformation
.if eax==TRUE
invoke MessageBox,0,CTEXT ("TRUE"),0,MB_OK
.endif
http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/thread/a8ed898f-1242-4c82-b29a-84433059b504/
I have solved it i must use Unicode structur
IFDEF __UNICODE__
MODULEENTRY32 equ MODULEENTRY32W
PROCESSENTRY32 equ PROCESSENTRY32W
ELSE
MODULEENTRY32 equ MODULEENTRY32A
PROCESSENTRY32 equ PROCESSENTRY32A
ENDIF ; !UNICODE
PROCESSENTRY32W STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ? ; this process
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ? ; associated exe
cntThreads DWORD ?
th32ParentProcessID DWORD ? ; this process's parent process
pcPriClassBase DWORD ? ; Base priority of process's threads
dwFlags DWORD ?
szExeFile dw MAX_PATH dup (?)
PROCESSENTRY32W ENDS
PROCESSENTRY32A STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ?
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ?
cntThreads DWORD ?
th32ParentProcessID DWORD ?
pcPriClassBase DWORD ?
dwFlags DWORD ?
szExeFile db MAX_PATH dup(?)
PROCESSENTRY32A ENDS
MODULEENTRY32W STRUCT
dwSize DWORD ?
th32ModuleID DWORD ? ; This module
th32ProcessID DWORD ? ; owning process
GlblcntUsage DWORD ? ; Global usage count on the module
ProccntUsage DWORD ? ; Module usage count in th32ProcessID's context
modBaseAddr DWORD ? ; Base address of module in th32ProcessID's context
modBaseSize DWORD ? ; Size in bytes of module starting at modBaseAddr
hModule DWORD ? ; The hModule of this module in th32ProcessID's context
szModule dw MAX_MODULE_NAME32+1 dup (?)
szExePath dw MAX_PATH dup (?)
MODULEENTRY32W ENDS
MODULEENTRY32A STRUCT
dwSize DWORD ?
th32ModuleID DWORD ?
th32ProcessID DWORD ?
GlblcntUsage DWORD ?
ProccntUsage DWORD ?
modBaseAddr DWORD ?
modBaseSize DWORD ?
hModule DWORD ?
szModule db MAX_MODULE_NAME32+1 dup(?)
szExePath db MAX_PATH dup(?)
MODULEENTRY32A ENDS
To Hutch can you this add to the windows.inc?
Try reading Ramon Sala's post in the MASM32 sub forum, he has addressed it with replacements.
What for a sub forum from ramon?
I have it figured out to use Process32 and Module32 apis and structs for Ansii and unicode build
And works perfect :t
IFDEF __UNICODE__
Process32First equ <Process32FirstW>
ENDIF
IFDEF __UNICODE__
Process32Next equ <Process32NextW>
ENDIF
Process32First PROTO :DWORD,:DWORD
Process32FirstW PROTO :DWORD,:DWORD
Process32Next PROTO :DWORD,:DWORD
Process32NextW PROTO :DWORD,:DWORD
IFDEF __UNICODE__
Module32First equ <Module32FirstW>
ENDIF
IFDEF __UNICODE__
Module32Next equ <Module32NextW>
ENDIF
Module32First PROTO STDCALL :DWORD,:DWORD
Module32FirstW PROTO STDCALL :DWORD,:DWORD
Module32Next PROTO STDCALL :DWORD,:DWORD
Module32NextW PROTO STDCALL :DWORD,:DWORD
IFDEF __UNICODE__
PROCESSENTRY32 equ PROCESSENTRY32W
ELSE
PROCESSENTRY32 equ PROCESSENTRY32A
ENDIF ; !UNICODE
IFDEF __UNICODE__
MODULEENTRY32 equ MODULEENTRY32W
ELSE
MODULEENTRY32 equ MODULEENTRY32A
ENDIF ; !UNICODE
PROCESSENTRY32W STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ? ; this process
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ? ; associated exe
cntThreads DWORD ?
th32ParentProcessID DWORD ? ; this process's parent process
pcPriClassBase DWORD ? ; Base priority of process's threads
dwFlags DWORD ?
szExeFile dw MAX_PATH dup (?)
PROCESSENTRY32W ENDS
PROCESSENTRY32A STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ?
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ?
cntThreads DWORD ?
th32ParentProcessID DWORD ?
pcPriClassBase DWORD ?
dwFlags DWORD ?
szExeFile db MAX_PATH dup(?)
PROCESSENTRY32A ENDS
MODULEENTRY32W STRUCT
dwSize DWORD ?
th32ModuleID DWORD ? ; This module
th32ProcessID DWORD ? ; owning process
GlblcntUsage DWORD ? ; Global usage count on the module
ProccntUsage DWORD ? ; Module usage count in th32ProcessID's context
modBaseAddr DWORD ? ; Base address of module in th32ProcessID's context
modBaseSize DWORD ? ; Size in bytes of module starting at modBaseAddr
hModule DWORD ? ; The hModule of this module in th32ProcessID's context
szModule dw MAX_MODULE_NAME32+1 dup (?)
szExePath dw MAX_PATH dup (?)
MODULEENTRY32W ENDS
MODULEENTRY32A STRUCT
dwSize DWORD ?
th32ModuleID DWORD ?
th32ProcessID DWORD ?
GlblcntUsage DWORD ?
ProccntUsage DWORD ?
modBaseAddr DWORD ?
modBaseSize DWORD ?
hModule DWORD ?
szModule db MAX_MODULE_NAME32+1 dup(?)
szExePath db MAX_PATH dup(?)
MODULEENTRY32A ENDS
Hi ragdog,
You can check this thread :
A pair of bugs in Kernel32.lib and kernlp.lib (http://masm32.com/board/index.php?topic=506.0)
Not a bug but a problem of define with masm.
The usual way to define ansi and unicode function is to add a A or a W at the end of the function.
Here it's not the case,there is only Process32First and Process32FirstW.
Like that There is a problem with masm.
Quote
Process32NextW PROTO :DWORD ,:DWORD
Process32First PROTO :DWORD ,:DWORD
IFDEF UNICODE
Process32First equ < Process32FirstW>
ENDIF
When use of unicode you got error "A2005:symbol redefinition Process32First "
This don't happen with the c++.
To avoid this:
Quote
Process32NextW PROTO :DWORD ,:DWORD
IFDEF UNICODE
Process32First equ < Process32FirstW>
ELSE
Process32First PROTO :DWORD ,:DWORD
ENDIF
The Process32First prototype is only define in ansi version.
As this , there is no more problem and you can switch from ansi to unicode,the both work.
Later:
The masm32 lib haven't _Process32First@8
Quote
_Process32First@8 ;only in sdk windows lib kernel32.lib
_Process32FirstW@8
_Process32Next@8
_Process32NextW@8
we covered this problem in depth in the old forum...
http://www.masmforum.com/board/index.php?topic=18294.0 (http://www.masmforum.com/board/index.php?topic=18294.0)
http://www.masmforum.com/board/index.php?topic=18850.0 (http://www.masmforum.com/board/index.php?topic=18850.0)
http://www.masmforum.com/board/index.php?topic=18900.0 (http://www.masmforum.com/board/index.php?topic=18900.0)
@Dave
My last post Definition works fine to build ansi and unicode :t
http://masm32.com/board/index.php?topic=716.msg5998#msg5998
I still fail to see what all the noise is about, Ramon Sala reported the problem some time ago then subsequently posted a solution to rebuilding the library. All of this noise is something like re-inventing the wheel, its already been done.
Hi all,
(Hutch: Thanks)
In the link below there is a downloadable zip (kernel32.zip) fixing the problem. Just replace the kernel32.inc and kernel32.lib from Masm32 corresponding folders with those coming in the mentioned zip file.
http://masm32.com/board/index.php?topic=506.0
Regards,
Ramon
Thanks to all
But now have i the next question why have Module32FirstW
MODULEENTRY32W.szModule not a russian file name
Here is my Project
Start "Тест Программа.exe" and run bdrt.exe for list processes
it print only "C:\Radasm3\Masm\Projects\bdrt\???? ?????????.exe"
Why?
Greets,
Quote from: ragdog on September 28, 2012, 11:03:00 PM
Start "Тест Программа.exe" and run bdrt.exe for list processes
it print only "C:\Radasm3\Masm\Projects\bdrt\???? ?????????.exe"
Looks like you are printing an ANSI string that once was a Unicode string. Check at which point the "wrong" conversion took place. Or write it to a file, zip it and post it here.
Sorry i forgot to upload my project :badgrin:
Olly says this:
0012F950 3F 00 3F 00|3F 00 3F 00|3F 00 20 00|3F 00 3F 00| ? ? ? ? ? ? ?
0012F960 3F 00 3F 00|3F 00 3F 00|3F 00 3F 00|3F 00 3F 00| ? ? ? ? ? ? ? ?
0012F970 2E 00 65 00|78 00 65 00|00 00 00 00|00 00 00 00| . e x e
So Module32FirstW creates crippled Unicode.
Yes Jochen i know my first address was look in olly
But why make this crippled Unicode
Ok i know i can use GetModuleFileNameExW and i have the correct filename
but i think is must work with Module32FirstW ::)
you may try GetModuleFileNameEx:
include \masm32\include\Psapi.inc
includelib \masm32\lib\Psapi.lib
...
start:
invoke SetConsoleOutputCP,1251 ; maybe not needed on you computer?
...
LOCAL wsz[MAX_PATH]:WCHAR
...
invoke GetModuleFileNameExW,hProcess,ModuleInformation.hModule,ADDR wsz,LENGTHOF wsz
Quoteyou may try GetModuleFileNameEx:
I have say
QuoteOk i know i can use GetModuleFileNameExW and i have the correct filename
I wonder why Module32FirstW not fill the structur for
szModule WCHAR MAX_MODULE_NAME32+1 dup (?)
szExePath WCHAR MAX_PATH dup (?)
MODULEENTRY32W ENDS
or Process32FirstW
szExeFile WCHAR MAX_PATH dup (?)
PROCESSENTRY32W ENDS
for get the Filename or Exe Path
Current use i in my code
; ---icon + Path---
mov eax,ProcessInformation.th32ProcessID
invoke OpenProcess,PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, FALSE,eax
mov ebx,eax
invoke GetModuleFileNameExW,ebx,NULL,addr buffer,256