// Walk the process list and dump session, handle, image name and user name
// for every process whose ExeFile contains 'GecoMaes.exe' (case-insensitive).
//
// NOTE(review): the match is a substring test on the image name only. A name is
// not an identity: any process whose ExeFile merely contains this text is
// reported. If the result ever feeds a trust decision, also compare the full
// path and/or the file's signature.
// NOTE(review): the list is indexed through Processes.Items[i1] several times.
// If Processes returns a fresh snapshot on each access (not visible here), those
// reads may not all refer to the same process; reading through ip would pin them
// to one entry. Confirm against the declaration of Processes.
countProcesses := Processes.ItemCount;
for i1 := 0 to countProcesses - 1 do
begin
  exe := Processes.Items[i1].ExeFile;

  // Skip everything that does not carry the target name.
  if Pos(UpperCase('GecoMaes.exe'), UpperCase(exe)) = 0 then
    Continue;

  ip := Processes.Items[i1];

  // ip.GetHandle() presumably opens a handle to the process. The numeric value
  // is only meaningful inside this process.
  mmo1.Lines.Add('IProcess.Session:' + ip.Session.ToString());
  mmo1.Lines.Add('IProcess.GetHandle:' + ip.GetHandle().Handle.ToString());
  mmo1.Lines.Add('ExeFile:' + Processes.Items[i1].ExeFile);
  mmo1.Lines.Add('UserName:' + Processes.Items[i1].UserName);
end;
// Becomes true after the first EnableAllPrivileges call; later calls return at once.
// NOTE(review): the flag is set even when the token could not be opened or the
// adjustment was never attempted, so true means "tried once", not "succeeded".
var PrivilegesEnabled : boolean = false;

// Enables every privilege already present in the current process token, except
// backup, restore and take-ownership. Runs its body at most once per process.
//
// This does not add privileges to the token; it only sets SE_PRIVILEGE_ENABLED
// on entries the token already holds.
//
// NOTE(review): switching on everything the token holds is broader than least
// privilege. In an elevated process this leaves powerful privileges active for
// the process lifetime. An explicit allow-list of the privileges the caller
// actually needs would narrow what a compromise of this process could use.
// NOTE(review): the result of AdjustTokenPrivileges is not inspected. The API can
// report success while assigning only part of the set (ERROR_NOT_ALL_ASSIGNED via
// GetLastError), so callers cannot tell from here which privileges are active.
procedure EnableAllPrivileges;
type
  // Local overlay of the token-privileges layout with an open-ended array, so
  // entries beyond the first can be indexed. It shadows the Windows unit's type
  // of the same name inside this procedure only.
  TTokenPrivileges = record
    PrivilegeCount : dword;
    Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
  end;
var
  hToken      : THandle;
  cbNeeded    : dword;
  cbBuffer    : dword;
  idx         : integer;
  privs       : ^TTokenPrivileges;
  current     : int64;
  luidBackup, luidRestore, luidOwner : int64;
begin
  if not PrivilegesEnabled then
  begin
    if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
      try
        // First call only asks for the required size.
        cbNeeded := 0;
        GetTokenInformation(hToken, TokenPrivileges, nil, 0, cbNeeded);
        if cbNeeded <> 0 then
        begin
          // The buffer is twice the reported size (presumably headroom in case
          // the list grows between the two calls).
          cbBuffer := cbNeeded * 2;
          privs := pointer(LocalAlloc(LPTR, cbBuffer));
          // A nil buffer from a failed LocalAlloc makes this call fail, which
          // skips the adjustment.
          if GetTokenInformation(hToken, TokenPrivileges, privs, cbBuffer, cbNeeded) then
          begin
            // enabling backup/restore privileges breaks Explorer's Samba support
            // The privilege names go through DecryptStr (presumably stored
            // obfuscated). A failed lookup leaves the LUID at 0, so nothing is
            // excluded for that name.
            if not LookupPrivilegeValueA(nil, PAnsiChar(DecryptStr(CSeBackupPrivilege)), luidBackup) then
              luidBackup := 0;
            if not LookupPrivilegeValueA(nil, PAnsiChar(DecryptStr(CSeRestorePrivilege)), luidRestore) then
              luidRestore := 0;
            if not LookupPrivilegeValueA(nil, PAnsiChar(DecryptStr(CSeTakeOwnershipPrivilege)), luidOwner) then
              luidOwner := 0;

            for idx := 0 to integer(privs^.PrivilegeCount) - 1 do
            begin
              current := privs^.Privileges[idx].Luid;
              // Leave the three excluded privileges exactly as they were.
              if (current = luidBackup) or (current = luidRestore) or (current = luidOwner) then
                continue;
              privs^.Privileges[idx].Attributes :=
                privs^.Privileges[idx].Attributes or SE_PRIVILEGE_ENABLED;
            end;

            // The two nil dereferences pass NULL for the optional
            // previous-state and return-length parameters.
            AdjustTokenPrivileges(hToken, false, PTokenPrivileges(privs)^, cbNeeded,
                                  PTokenPrivileges(nil)^, dword(pointer(nil)^));
          end;
          LocalFree(HLOCAL(privs));
        end;
      finally
        CloseHandle(hToken);
      end;
    PrivilegesEnabled := true;
  end;
end;