[1] | 1 | ' api_tlhelp32.sbp
|
---|
| 2 |
|
---|
| 3 | Const MAX_MODULE_NAME32 = 255
|
---|
| 4 |
|
---|
| 5 |
|
---|
| 6 |
|
---|
| 7 | '-----------------------
|
---|
| 8 | ' Shapshot function
|
---|
| 9 | '-----------------------
|
---|
| 10 |
|
---|
| 11 | Const TH32CS_SNAPHEAPLIST = &H00000001
|
---|
| 12 | Const TH32CS_SNAPPROCESS = &H00000002
|
---|
| 13 | Const TH32CS_SNAPTHREAD = &H00000004
|
---|
| 14 | Const TH32CS_SNAPMODULE = &H00000008
|
---|
| 15 | Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST or TH32CS_SNAPPROCESS or TH32CS_SNAPTHREAD or TH32CS_SNAPMODULE)
|
---|
| 16 | Const TH32CS_INHERIT = &H80000000
|
---|
| 17 | Declare Function CreateToolhelp32Snapshot Lib "kernel32" (dwFlags As DWord, th32ProcessID As DWord) As HANDLE
|
---|
| 18 |
|
---|
| 19 |
|
---|
| 20 |
|
---|
| 21 | '-----------------------
|
---|
| 22 | ' heap walking
|
---|
| 23 | '-----------------------
|
---|
| 24 |
|
---|
| 25 | Type HEAPLIST32
|
---|
| 26 | dwSize As DWord
|
---|
| 27 | th32ProcessID As DWord
|
---|
| 28 | th32HeapID As DWord
|
---|
| 29 | dwFlags As DWord
|
---|
| 30 | End Type
|
---|
| 31 | TypeDef PHEAPLIST32 = *HEAPLIST32
|
---|
| 32 | TypeDef LPHEAPLIST32 = *HEAPLIST32
|
---|
| 33 |
|
---|
| 34 | 'dwFlags
|
---|
| 35 | Const HF32_DEFAULT = 1 ' process's default heap
|
---|
| 36 | Const HF32_SHARED = 2 ' is shared heap
|
---|
| 37 |
|
---|
| 38 | Declare Function Heap32ListFirst Lib "kernel32" (hSnapshot As HANDLE, ByRef hi As HEAPLIST32) As BOOL
|
---|
| 39 | Declare Function Heap32ListNext Lib "kernel32" (hSnapshot As HANDLE, ByRef hi As HEAPLIST32) As BOOL
|
---|
| 40 |
|
---|
| 41 | Type HEAPENTRY32
|
---|
| 42 | dwSize As DWord
|
---|
| 43 | hHandle As DWord
|
---|
| 44 | dwAddress As DWord
|
---|
| 45 | dwBlockSize As DWord
|
---|
| 46 | dwFlags As DWord
|
---|
| 47 | dwLockCount As DWord
|
---|
| 48 | dwResvd As DWord
|
---|
| 49 | th32ProcessID As DWord
|
---|
| 50 | th32HeapID As DWord
|
---|
| 51 | End Type
|
---|
| 52 | TypeDef PHEAPENTRY32 = *HEAPENTRY32
|
---|
| 53 | TypeDef LPHEAPENTRY32 = *HEAPENTRY32
|
---|
| 54 |
|
---|
| 55 | 'dwFlags
|
---|
| 56 | Const LF32_FIXED = &H00000001
|
---|
| 57 | Const LF32_FREE = &H00000002
|
---|
| 58 | Const LF32_MOVEABLE = &H00000004
|
---|
| 59 |
|
---|
| 60 | Declare Function Heap32First Lib "kernel32" (ByRef he As HEAPENTRY32, th32ProcessID As DWord, th32HeapID As DWord) As BOOL
|
---|
| 61 | Declare Function Heap32Next Lib "kernel32" (ByRef he As HEAPENTRY32) As BOOL
|
---|
| 62 |
|
---|
| 63 | Declare Function Toolhelp32ReadProcessMemory Lib "kernel32" (th32ProcessID As DWord, lpBaseAddress As VoidPtr, lpBuffer As VoidPtr, cbRead As DWord, ByRef NumberOfBytesRead As DWord) As BOOL
|
---|
| 64 |
|
---|
| 65 |
|
---|
| 66 |
|
---|
| 67 | '-----------------------
|
---|
| 68 | ' Process walking
|
---|
| 69 | '-----------------------
|
---|
| 70 |
|
---|
| 71 | Type PROCESSENTRY32
|
---|
| 72 | dwSize As DWord
|
---|
| 73 | cntUsage As DWord
|
---|
| 74 | th32ProcessID As DWord
|
---|
| 75 | th32DefaultHeapID As DWord
|
---|
| 76 | th32ModuleID As DWord
|
---|
| 77 | cntThreads As DWord
|
---|
| 78 | th32ParentProcessID As DWord
|
---|
| 79 | pcPriClassBase As Long
|
---|
| 80 | dwFlags As DWord
|
---|
| 81 | szExeFile[ELM(MAX_PATH)] As Byte
|
---|
| 82 | End Type
|
---|
| 83 | TypeDef PPROCESSENTRY32 = *PROCESSENTRY32
|
---|
| 84 | TypeDef LPPROCESSENTRY32 = *PROCESSENTRY32
|
---|
| 85 |
|
---|
| 86 | Declare Function Process32First Lib "kernel32" (hSnapshot As HANDLE, ByRef pe As PROCESSENTRY32) As BOOL
|
---|
| 87 | Declare Function Process32Next Lib "kernel32" (hSnapshot As HANDLE, ByRef pe As PROCESSENTRY32) As BOOL
|
---|
| 88 |
|
---|
| 89 |
|
---|
| 90 |
|
---|
| 91 | '-----------------------
|
---|
| 92 | ' Thread walking
|
---|
| 93 | '-----------------------
|
---|
| 94 |
|
---|
| 95 | Type THREADENTRY32
|
---|
| 96 | dwSize As DWord
|
---|
| 97 | cntUsage As DWord
|
---|
| 98 | th32ThreadID As DWord
|
---|
| 99 | th32OwnerProcessID As DWord
|
---|
| 100 | tpBasePri As Long
|
---|
| 101 | tpDeltaPri As Long
|
---|
| 102 | dwFlags As DWord
|
---|
| 103 | End Type
|
---|
| 104 | TypeDef PTHREADENTRY32 = *THREADENTRY32
|
---|
| 105 | TypeDef LPTHREADENTRY32 = *THREADENTRY32
|
---|
| 106 |
|
---|
| 107 | Declare Function Thread32First Lib "kernel32" (hSnapshot As HANDLE, ByRef te As THREADENTRY32) As BOOL
|
---|
| 108 | Declare Function Thread32Next Lib "kernel32" (hSnapshot As HANDLE, ByRef te As THREADENTRY32) As BOOL
|
---|
| 109 |
|
---|
| 110 |
|
---|
| 111 |
|
---|
| 112 | '-----------------------
|
---|
| 113 | ' Module walking
|
---|
| 114 | '-----------------------
|
---|
| 115 |
|
---|
| 116 | Type MODULEENTRY32
|
---|
| 117 | dwSize As DWord
|
---|
| 118 | th32ModuleID As DWord
|
---|
| 119 | th32ProcessID As DWord
|
---|
| 120 | GlblcntUsage As DWord
|
---|
| 121 | ProccntUsage As DWord
|
---|
| 122 | modBaseAddr As *Byte
|
---|
| 123 | modBaseSize As DWord
|
---|
| 124 | hModule As HANDLE
|
---|
| 125 | szModule[ELM(MAX_MODULE_NAME32 + 1)] As Byte
|
---|
| 126 | szExePath[ELM(MAX_PATH)] As Byte
|
---|
| 127 | End Type
|
---|
| 128 | TypeDef PMODULEENTRY32 = *MODULEENTRY32
|
---|
| 129 | TypeDef LPMODULEENTRY32 = *MODULEENTRY32
|
---|
| 130 |
|
---|
| 131 | Declare Function Module32First Lib "kernel32" (hSnapshot As HANDLE, ByRef me As MODULEENTRY32) As BOOL
|
---|
| 132 | Declare Function Module32Next Lib "kernel32" (hSnapshot As HANDLE, ByRef me As MODULEENTRY32) As BOOL
|
---|