进程枚举(多种方法)
2012-08-29
进程枚举,时常要用到。(ToolHelp大法)
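#include <windows.h>
#include <stdio.h>
#include <Tlhelp32.h>

/*
 * Process enumeration with the ToolHelp API: take a snapshot of the system
 * process list and print the executable name and PID of every entry.
 *
 * Always returns 0 (as the original listing did); failures are only reported
 * on stdout.
 */
int main(int argc, char *argv[])
{
    PROCESSENTRY32 pe32;
    HANDLE hProcessSnap;

    (void)argc;
    (void)argv;

    /* The second argument is a process ID (DWORD), ignored for
     * TH32CS_SNAPPROCESS; pass 0 rather than the pointer constant NULL. */
    hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE) {
        printf("CreateSnapshot failed\n");
        return 0;
    }

    /* Process32First rejects the structure unless dwSize holds its size;
     * leaving it uninitialized makes the enumeration fail. */
    pe32.dwSize = sizeof(pe32);

    if (!Process32First(hProcessSnap, &pe32)) {
        printf("Find First process failed\n");
        CloseHandle(hProcessSnap);
        return 0;
    }

    do {
        /* th32ProcessID is a DWORD, so print it as unsigned long.
         * NOTE(review): %s on szExeFile is only correct in a non-UNICODE
         * build, where PROCESSENTRY32 carries a char array. */
        printf("Name:%s PID:%lu\n", pe32.szExeFile,
               (unsigned long)pe32.th32ProcessID);
    } while (Process32Next(hProcessSnap, &pe32));

    /* Release the snapshot handle on the success path too. */
    CloseHandle(hProcessSnap);
    return 0;
}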
2012-08-30
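/*
 * Process enumeration with EnumProcesses (PSAPI).
 *
 * BOOL WINAPI EnumProcesses(
 *     __out DWORD *pProcessIds,     // array that receives the PIDs
 *     __in  DWORD  cb,              // size of that array, in bytes
 *     __out DWORD *pBytesReturned   // number of bytes actually written
 * );
 *
 * Once the PIDs are known, OpenProcess opens a given process and
 * GetModuleBaseName returns its name. EnumProcessModules lists the modules
 * loaded by that process, and GetModuleFileNameEx returns the full path of a
 * module file.
 */
#include <Windows.h>
#include <stdio.h>
#include <Psapi.h>
#pragma comment(lib, "Psapi.lib")

/* Capacity of the PID buffer, in entries. */
enum { PID_CAPACITY = 1024 };

void PrintProcessNameAndPID(const int PID);

/*
 * Enumerate all process IDs and print the name and PID of every process
 * that can be opened. Always returns 0.
 */
int main(int argc, char *argv[])
{
    DWORD pids[PID_CAPACITY];   /* EnumProcesses fills an array of DWORDs, not pointers */
    DWORD bytesReturned = 0;
    DWORD count;
    DWORD i;

    (void)argc;
    (void)argv;

    if (!EnumProcesses(pids, sizeof(pids), &bytesReturned)) {
        return 0;
    }

    /* EnumProcesses gives no explicit "buffer too small" error; a completely
     * filled buffer is the only hint that entries may be missing. */
    if (bytesReturned == sizeof(pids)) {
        fprintf(stderr, "PID buffer full; the process list may be truncated\n");
    }

    /* Number of PIDs actually returned. */
    count = bytesReturned / sizeof(DWORD);

    /* Strictly less than count: index count is past the returned data. */
    for (i = 0; i < count; i++) {
        if (pids[i] != 0) {
            PrintProcessNameAndPID((int)pids[i]);
        }
    }
    return 0;
}

/*
 * Print the base module name and the PID of the process identified by nPID.
 * Prints nothing when the process cannot be opened or its name cannot be read.
 */
void PrintProcessNameAndPID(const int nPID)
{
    char cProcessName[MAX_PATH] = "";
    HANDLE hOpenProcess;

    /* bInheritHandle is FALSE: a handle granting PROCESS_VM_READ on another
     * process should not leak into any child process this program starts. */
    hOpenProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION,
                               FALSE, (DWORD)nPID);

    /* OpenProcess reports failure with NULL, not INVALID_HANDLE_VALUE.
     * Failure is routine here, e.g. when the caller lacks access rights. */
    if (hOpenProcess == NULL) {
        return;
    }

    /* Explicit ANSI variant so the char buffer and %s match in any build;
     * the size argument is a character count, equal to sizeof for char. */
    if (GetModuleBaseNameA(hOpenProcess, NULL, cProcessName,
                           sizeof(cProcessName))) {
        printf("ProcessName:%s PID:%d\n", cProcessName, nPID);
    }

    CloseHandle(hOpenProcess);
}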
把难题清清楚楚地写出来,便已经解决了一半。只有先认清问题,才能很好地解决问题。这种观点在管理学上被称为吉德林法则。
