Figure 3   EnableDebugPrivAndRun.cpp


 /*************************************************************
 Module name: EnableDebugPrivAndRun.cpp
 Notices: Written 1998 by Jeffrey Richter
 Description: Enables the Debug privilege before running an app
 *************************************************************/
 
 
 #define STRICT
 #include <Windows.h>
 
 
 //////////////////////////////////////////////////////////////
 
 
 BOOL EnablePrivilege(HANDLE hToken, LPCTSTR szPrivName, 
                      BOOL fEnable) {
 
    TOKEN_PRIVILEGES tp;
    tp.PrivilegeCount = 1;
    LookupPrivilegeValue(NULL, szPrivName, &tp.Privileges[0].Luid);
    tp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
    AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
    return((GetLastError() == ERROR_SUCCESS));
 }
 
 
 //////////////////////////////////////////////////////////////
 
 
 int WINAPI WinMain(HINSTANCE hinstExe, HINSTANCE hinstExePrev, 
                    LPSTR pszCmdLine, int nCmdShow) {
 
    HANDLE hToken;
    if (OpenProcessToken(GetCurrentProcess(), 
                         TOKEN_ADJUST_PRIVILEGES, &hToken)) {
       if (EnablePrivilege(hToken, SE_DEBUG_NAME, TRUE)) {
 
          if (ShellExecute(NULL, NULL, pszCmdLine, NULL, 
             NULL, SW_SHOWNORMAL) < (HINSTANCE) 32) {
 
             MessageBox(NULL, pszCmdLine, 
                        __TEXT("EnableDebugPrivAndRun: Couldn't run"),
                        MB_OK | MB_ICONINFORMATION);
          }
       }
       CloseHandle(hToken);
    }
    return(0);
 }
 
 
 //////////////////////// End Of File /////////////////////////
  

Figure 4   RunImageLocally.cpp


 /******************************************************************************
 Module name: RunImageLocally.cpp
 Notices: Written 1998 by Jeffrey Richter
 Description: Forces an executable image to be run from the paging file.
 ******************************************************************************/
 
 
 #include <windows.h>
 
 
 ///////////////////////////////////////////////////////////////////////////////
 
 
 void WINAPI RunImageLocally(HINSTANCE hinst) {
    DWORD cp= 0;
    static DWORD s_dwPageSize = 0;
 
    // Get the system's page size (do this only once)
    if (s_dwPageSize == 0) {
       SYSTEM_INFO si;
       GetSystemInfo(&si);
       s_dwPageSize = si.dwPageSize;
    }
 
    PBYTE pbAddr = (PBYTE) hinst;
    MEMORY_BASIC_INFORMATION mbi;
    VirtualQuery(pbAddr, &mbi, sizeof(mbi));
 
    // Perform this loop until we find a region beyond the end of the file.
    while (mbi.AllocationBase == hinst) {
 
       // We can only force committed pages into RAM.
       // We do not want to trigger guard pages and confuse the application.
       if ((mbi.State == MEM_COMMIT) && ((mbi.Protect & PAGE_GUARD) == 0)) {
 
          // Determine if the pages in this region are nonwriteable
          BOOL fNonWritableRgn = 
             (mbi.Protect == PAGE_NOACCESS) || 
             (mbi.Protect == PAGE_READONLY) || 
             (mbi.Protect == PAGE_EXECUTE)  || 
             (mbi.Protect == PAGE_EXECUTE_READ);
 
          DWORD dwOrigProtect = 0;
          if (fNonWritableRgn) {
             // Nonwriteable region, make it writeable (with the least protection)
             VirtualProtect(mbi.BaseAddress, mbi.RegionSize, 
                            PAGE_EXECUTE_READWRITE, &dwOrigProtect);
          } else {
             // This is a writeable page, we can leave the protections alone.
          }
 
          // Write to every page in the region.
          // This forces the page to be in RAM and swapped to the paging file.
          for (DWORD cbRgn = 0; cbRgn < mbi.RegionSize; cbRgn += s_dwPageSize) {
             // Volatile so that the optimizer won't remove this code
             volatile PDWORD pdw = (PDWORD) &pbAddr[cbRgn];  
             *pdw = *pdw;
             cp++;
          }
 
          if (dwOrigProtect != 0) {
             // If we changed the protection, change it back
             VirtualProtect(mbi.BaseAddress, mbi.RegionSize, dwOrigProtect, 
                            &dwOrigProtect);
          }
       }
 
       // Get next region
       VirtualQuery(pbAddr += mbi.RegionSize, &mbi, sizeof(mbi));
    }
    GetLastError();
 }
 
 
 ///////////////////////////////////////////////////////////////////////////////
 
 
 int WINAPI WinMain(HINSTANCE hinstExe, HINSTANCE hinstExePrev, 
                    LPSTR lpCmdLine, int nCmdShow) {
 
    RunImageLocally(hinstExe);
    return(0);
 }
 
 
 ///////////////////////////////// End Of File /////////////////////////////////