I have this code here:
#include "windows.h"
#include "Tlhelp32.h"
#include "shellapi.h"
#include <wchar.h>
#include <fstream>
bool enumProcesses();
int main()
{
enumProcesses();
ShellExecute( NULL, L"open", L"log.txt", NULL, NULL, SW_SHOW );
return 0;
}
bool enumProcesses()
{
std::wofstream log("log.txt");
PROCESSENTRY32 lppe;
MODULEENTRY32 lpme;
HANDLE hSnapshot;
HANDLE mSnapshot;
lppe.dwSize = sizeof( PROCESSENTRY32 );
lpme.dwSize = sizeof( MODULEENTRY32 );
hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hSnapshot == INVALID_HANDLE_VALUE )
{
log << L"Error creating process snapshot.";
return false;
}
if( !Process32First( hSnapshot, &lppe ) )
{
log << L"Error enumerating first process.";
return false;
}
else
{
mSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, lppe.th32ProcessID );
if( mSnapshot != INVALID_HANDLE_VALUE )
{
Module32First( mSnapshot, &lpme );
}
if( wcscmp( lppe.szExeFile, L"[System Process]" ) != 0 )
{
log << lpme.szExePath << "\n";
}
}
while( Process32Next( hSnapshot, &lppe ) )
{
if( wcscmp( lppe.szExeFile, L"System" ) != 0 )
{
if( (mSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, lppe.th32ProcessID )) != INVALID_HANDLE_VALUE )
{
if( Module32First( mSnapshot, &lpme ) ) {
log << lpme.szExePath << "\n";
}
}
}
}
CloseHandle( hSnapshot );
CloseHandle( mSnapshot );
log.close();
return true;
}
My problem is that whenever I debug this code in VC++ using F5 or CTRL + F5, it shows me all the processes but when I create a release version and run it, some things don't even show anymore and I'm not sure why..
Here's what I'm talking about:
release version:
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Microsoft Visual Studio 9.0\Common7\ide\mspdbsrv.exe
C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\windows\Desktop\c++ projects\gggg\Debug\gggg.exe
log created on debug:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Microsoft Visual Studio 9.0\Common7\ide\mspdbsrv.exe
C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
c:\Documents and Settings\windows\Desktop\c++ projects\gggg\Release\gggg.exe
Does it have something to do with permissions?
EDIT:
Looking at 1800 INFORMATION's post, I tried to "force" it to run under SYSTEM account by using psexec -i -d -s and it worked... Is there any way I could run this without the need of doing such a thing?