C++扫描系统进程代码
自己一直想做一个和windows资源管理器一样的程序,所以看了一下如何列举系统的所有进程。主要用到几个函数
CreateToolhelp32Snapshot,Process32First,Process32Next和一个结构体PROCESSENTRY32。其中用法可以看百度百科或MSDN
#include <windows.h> #include <tlhelp32.h> #include <tchar.h> #include <stdio.h> #include<iostream> using namespace std; int main() { HANDLE hProcessSnap; HANDLE hProcess; PROCESSENTRY32 pe32;//用来存储进程的相关信息 DWORD dwPriorityClass;// //建立进程快照 hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);//获得系统进程的快照 if(hProcessSnap == INVALID_HANDLE_VALUE) { cout<<"快照创建失败"<<endl; return 0; } pe32.dwSize = sizeof(PROCESSENTRY32); if(Process32First( hProcessSnap, &pe32) == NULL) { cout<<"error"<<endl; CloseHandle(hProcessSnap); } int i = 0; do{ cout<<"------------"<<i++<<"个进程------------------------"<<endl; //cout<<" name : "<<pe32.szExeFile<<endl; _tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile ); cout<<endl; cout<< "Process ID = "<< pe32.th32ProcessID <<endl; cout<< "Thread count = "<<pe32.cntThreads <<endl; cout<< "Parent process ID = "<< pe32.th32ParentProcessID <<endl;; cout<< "Priority base = "<< pe32.pcPriClassBase <<endl; }while( Process32Next( hProcessSnap, &pe32) ); return 0; } 当然,上面程序是我从一个程序中摘出来的,这是源程序,忘了引用的哪了,如果作者看到,请告知引用地址。
这个程序实现了对系统进程,单个进程和线程的快照,主要还是拿几个函数,有时间的话做一个可视化的,和大家分享
#include <windows.h> #include <tlhelp32.h> #include <tchar.h> #include <stdio.h> // Forward declarations: BOOL GetProcessList( ); BOOL ListProcessModules( DWORD dwPID ); BOOL ListProcessThreads( DWORD dwOwnerPID ); void printError( TCHAR* msg ); void main( ) { GetProcessList( ); } BOOL GetProcessList( ) { HANDLE hProcessSnap; HANDLE hProcess; PROCESSENTRY32 pe32; //用来存放快照进程信息的一个结构体 DWORD dwPriorityClass; // Take a snapshot of all processes in the system. hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); /* CreateToolhelp32Snapshot函数为指定的进程、进程使用的堆[HEAP]、模块[MODULE]、线程[THREAD])建立一个快照[snapshot]。 HANDLE WINAPI CreateToolhelp32Snapshot( DWORD dwFlags, //用来指定“快照”中需要返回的对象,可以是TH32CS_SNAPPROCESS等 DWORD th32ProcessID //一个进程ID号,用来指定要获取哪一个进程的快照,当获取系统进程列表或获取当前进程快照时可以设为0 ); */ if( hProcessSnap == INVALID_HANDLE_VALUE ) { printError( TEXT("CreateToolhelp32Snapshot (of processes)") ); return( FALSE ); } // Set the size of the structure before using it. pe32.dwSize = sizeof( PROCESSENTRY32 ); // Retrieve information about the first process, // and exit if unsuccessful if( !Process32First( hProcessSnap, &pe32 ) ) { printError( TEXT("Process32First") ); // show cause of failure CloseHandle( hProcessSnap ); // clean the snapshot object ( FALSE ); } // Now walk the snapshot of processes, and // display information about each process in turn do { printf( "\n\n=====================================================" ); _tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile ); printf( "\n-----------------------------------------------------" ); // Retrieve the priority class. dwPriorityClass = 0; hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID ); /* OpenProcess 函数用来打开一个已存在的进程对象,并返回进程的句柄。 1.函数原型 HANDLE OpenProcess( DWORD dwDesiredAccess, //渴望得到的访问权限(标志) BOOL bInheritHandle, // 是否继承句柄 DWORD dwProcessId// 进程标示符 ); */ if( hProcess == NULL ) printError( TEXT("OpenProcess") ); else { dwPriorityClass = GetPriorityClass( hProcess ); if( !dwPriorityClass ) printError( TEXT("GetPriorityClass") ); CloseHandle( hProcess ); } printf( "\n Process ID = 0x%08X", pe32.th32ProcessID ); printf( "\n Thread count = %d", pe32.cntThreads ); printf( "\n Parent process ID = 0x%08X", pe32.th32ParentProcessID ); printf( "\n Priority base = %d", pe32.pcPriClassBase ); if( dwPriorityClass ) printf( "\n Priority class = %d", dwPriorityClass ); // List the modules and threads associated with this process //ListProcessModules( pe32.th32ProcessID ); //ListProcessThreads( pe32.th32ProcessID ); } while( Process32Next( hProcessSnap, &pe32 ) ); CloseHandle( hProcessSnap ); return( TRUE ); } BOOL ListProcessModules( DWORD dwPID ) { HANDLE hModuleSnap = INVALID_HANDLE_VALUE; MODULEENTRY32 me32; // Take a snapshot of all modules in the specified process. hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID ); if( hModuleSnap == INVALID_HANDLE_VALUE ) { printError( TEXT("CreateToolhelp32Snapshot (of modules)") ); return( FALSE ); } // Set the size of the structure before using it. me32.dwSize = sizeof( MODULEENTRY32 ); // Retrieve information about the first module, // and exit if unsuccessful if( !Module32First( hModuleSnap, &me32 ) ) { printError( TEXT("Module32First") ); // show cause of failure CloseHandle( hModuleSnap ); // clean the snapshot object return( FALSE ); } // Now walk the module list of the process, // and display information about each module do { _tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule ); _tprintf( TEXT("\n Executable = %s"), me32.szExePath ); printf( "\n Process ID = 0x%08X", me32.th32ProcessID ); printf( "\n Ref count (g) = 0x%04X", me32.GlblcntUsage ); printf( "\n Ref count (p) = 0x%04X", me32.ProccntUsage ); printf( "\n Base address = 0x%08X", (DWORD) me32.modBaseAddr ); printf( "\n Base size = %d", me32.modBaseSize ); } while( Module32Next( hModuleSnap, &me32 ) ); CloseHandle( hModuleSnap ); return( TRUE ); } BOOL ListProcessThreads( DWORD dwOwnerPID ) { HANDLE hThreadSnap = INVALID_HANDLE_VALUE; THREADENTRY32 te32; // Take a snapshot of all running threads hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 ); if( hThreadSnap == INVALID_HANDLE_VALUE ) return( FALSE ); // Fill in the size of the structure before using it. te32.dwSize = sizeof(THREADENTRY32 ); // Retrieve information about the first thread, // and exit if unsuccessful if( !Thread32First( hThreadSnap, &te32 ) ) { printError( TEXT("Thread32First") ); // show cause of failure CloseHandle( hThreadSnap ); // clean the snapshot object return( FALSE ); } // Now walk the thread list of the system, // and display information about each thread // associated with the specified process do { if( te32.th32OwnerProcessID == dwOwnerPID ) { printf( "\n\n THREAD ID = 0x%08X", te32.th32ThreadID ); printf( "\n Base priority = %d", te32.tpBasePri ); printf( "\n Delta priority = %d", te32.tpDeltaPri ); } } while( Thread32Next(hThreadSnap, &te32 ) ); CloseHandle( hThreadSnap ); return( TRUE ); } void printError( TCHAR* msg ) { DWORD eNum; TCHAR sysMsg[256]; TCHAR* p; eNum = GetLastError( ); FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, eNum, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language sysMsg,256, NULL ); // Trim the end of the line and terminate it with a null p = sysMsg; while( ( *p > 31 ) || ( *p == 9 ) ) ++p; do { *p-- = 0; } while( ( p >= sysMsg ) && ( ( *p == '.' ) || ( *p < 33 ) ) ); // Display the message _tprintf( TEXT("\n WARNING: %s failed with error %d (%s)"), msg, eNum, sysMsg ); }