-- 作者:卷积内核
-- 发布时间:4/9/2008 9:51:00 AM
-- 获得当前进程的列表
//进程描述信息 typedef struct _tagPROCESSINFO { DWORD dwPID; TCHAR strPath[_MAX_PATH]; TCHAR strName[_MAX_FNAME]; } PROCESSINFO, *LPPROCESSINFO; //获取进程信息列表 BOOL EnumProcessesInfo( PROCESSINFO* lpPsInfo, ULONG ulSize, ULONG* pulNeeded ) // lpPsInfo [out] : 指向PROCESSINFO结构数组的指针 // nSize [in] : lpPsInfo中的元素个数 // nNeeded [out] : 实际的元素个数 // 返回值 : TRUE : 成功; FALSE : 失败 { ASSERT( pulNeeded ); LPDWORD lpdwPIDs ; //存储进程ID数组 DWORD dwbSize, dwbSize2; dwbSize2 = 256 * sizeof( DWORD ); lpdwPIDs = NULL; do { if( lpdwPIDs ) { HeapFree( GetProcessHeap(), 0, lpdwPIDs ); dwbSize2 *= 2; } lpdwPIDs = (LPDWORD)HeapAlloc( GetProcessHeap(), 0, dwbSize2 ); if( lpdwPIDs == NULL ) { return FALSE ; } if( ! ::EnumProcesses( lpdwPIDs, dwbSize2, &dwbSize ) ) { HeapFree( GetProcessHeap(), 0, lpdwPIDs ) ; return FALSE ; } }while( dwbSize == dwbSize2 ) ; ULONG ulCount = dwbSize / sizeof( DWORD ); //如果为询问数量,则返回实际数量 if ( NULL == lpPsInfo && 0 == ulSize ) { *pulNeeded = ulCount; return TRUE; } ASSERT( lpPsInfo ); if ( NULL == lpPsInfo ) { return FALSE; } if ( ulSize <= ulCount ) { *pulNeeded = ulSize; } else { *pulNeeded = ulCount; } //获得进程信息 HANDLE hProcess; HMODULE hModule; DWORD dwSize; char path_buffer[_MAX_PATH]; char drive[_MAX_DRIVE]; char dir[_MAX_DIR]; char fname[_MAX_FNAME]; char ext[_MAX_EXT]; // Loop through each ProcID. for( ULONG ulIndex = 0 ; ulIndex < (*pulNeeded) ; ulIndex++ ) { // Open the process (if we can... security does not // permit every process in the system). // TRACE("PID To Open:%d\r\n", lpdwPIDs[ulIndex] ); lpPsInfo[ulIndex].dwPID = lpdwPIDs[ulIndex]; lpPsInfo[ulIndex].strPath[0] = 0; lpPsInfo[ulIndex].strName[0] = 0; // Because Can't Open 0 And 8 Process, // Mark Them At There if ( 0 == lpdwPIDs[ulIndex] ) { strcpy( lpPsInfo[ulIndex].strName, "System Idle Process" ); continue; } else if ( 8 == lpdwPIDs[ulIndex] ) { strcpy( lpPsInfo[ulIndex].strName, "System" ); continue; } // Open Process And Get Process Infomation hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lpPsInfo[ulIndex].dwPID ); if( hProcess != NULL ) { // Here we call EnumProcessModules to get only the // first module in the process this is important, // because this will be the .EXE module for which we // will retrieve the full path name in a second. if( EnumProcessModules( hProcess, &hModule, sizeof(hModule), &dwSize ) ) { // Get Full pathname: if( GetModuleFileNameEx( hProcess, hModule, path_buffer, sizeof(path_buffer) ) ) { _tsplitpath( path_buffer, drive, dir, fname, ext ); strcpy( lpPsInfo[ulIndex].strPath, path_buffer ); sprintf( lpPsInfo[ulIndex].strName, "%s%s", fname, ext ); // TRACE( "ModuleFileName:%s\r\n", path_buffer ); } } CloseHandle( hProcess ) ; } } return TRUE; }
|