spoofing-office-macro

Can't work

Open Airboi opened this issue 5 years ago • 8 comments

Hi

I fixed the issues and tried in 32-bit and 64-bit Office in a Windows 10 environment.

But I found that result = NtQueryInformationProcess(newProcessHandle, 0, pbi, Len(pbi), size) doesn't work. The result is FALSE.

And the new process is still a child process of WINWORD.EXE. Can you help me?

By the way, the function to getPid does not work. I used WMI to get the PID:

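Function getProcessId(ByVal name As String) As Long
    ' Look up a process ID by image name through WMI (Win32_Process).
    Dim objServices As Object, objProcessSet As Object, Process As Object
    Dim tmp As Long ' Long, not Integer: PIDs can exceed 32,767
    Set objServices = GetObject("winmgmts:\\.\root\CIMV2")
    ' 48 = wbemFlagReturnImmediately + wbemFlagForwardOnly
    Set objProcessSet = objServices.ExecQuery("SELECT ProcessID, name FROM Win32_Process WHERE name = " & Chr(&H22) & name & Chr(&H22), , 48)
    ' If several processes match, the last one enumerated is returned
    For Each Process In objProcessSet
        tmp = Process.ProcessID
    Next
    getProcessId = tmp
End Function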

Thanks

Airboi avatar Mar 15 '19 03:03 Airboi

Hi,

Thanks for reporting. Could you try setting a breakpoint just after NtQueryInformationProcess is run, and look at the value of err.LastDllError? It should give you an error number that you can make sense of using https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes--0-499-

christophetd avatar Mar 15 '19 15:03 christophetd

Hi

I got 0 for err.LastDllError (meaning no error?), and NtQueryInformationProcess still returns 0. How could this happen?

Airboi avatar Mar 18 '19 06:03 Airboi

Did you end up finding a solution?

christophetd avatar Apr 04 '20 12:04 christophetd

No... I didn't

Airboi avatar Apr 14 '20 02:04 Airboi

When I try to run it and press Debug, it keeps highlighting this line:

result = NtQueryInformationProcess(newProcessHandle, 0, pbi, Len(pbi), size)

Chantal2019 avatar Jun 27 '20 18:06 Chantal2019

Screen Shot 2020-06-27 at 3 38 23 PM

Chantal2019 avatar Jun 27 '20 19:06 Chantal2019

Is there any fix?

Jay1508 avatar Apr 18 '22 17:04 Jay1508

Hello,

Sorry, I've not been maintaining this code for quite some time. If someone knows of a fix, I'll gladly take a contribution, thanks!

christophetd avatar Apr 19 '22 09:04 christophetd