扫描系统进程

自己一直想做一个和windows资源管理器一样的程序，所以看了一下如何列举系统的所有进程。主要用到几个函数

CreateToolhelp32Snapshot，Process32First，Process32Next和一个结构体PROCESSENTRY32。其中用法可以看百度百科或MSDN

这里是代码

#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <stdio.h>
#include<iostream>
using namespace std;
int main()
{
	HANDLE hProcessSnap;
	HANDLE hProcess;
	PROCESSENTRY32 pe32;//用来存储进程的相关信息
	DWORD dwPriorityClass;//

	//建立进程快照
	hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);//获得系统进程的快照

	if(hProcessSnap == INVALID_HANDLE_VALUE)
	{
		cout<<"快照创建失败"<<endl;
		return 0;
	}
	pe32.dwSize = sizeof(PROCESSENTRY32);
	if(Process32First( hProcessSnap, &pe32) == NULL)
	{
		cout<<"error"<<endl;
		CloseHandle(hProcessSnap);

	}
	int i = 0;
	do{
		cout<<"------------"<<i++<<"个进程------------------------"<<endl;
		//cout<<" name : "<<pe32.szExeFile<<endl;
		_tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
		cout<<endl;
		cout<< "Process ID = "<< pe32.th32ProcessID <<endl;
		cout<< "Thread count = "<<pe32.cntThreads <<endl; 
		cout<< "Parent process ID = "<< pe32.th32ParentProcessID <<endl;; 
		cout<< "Priority base = "<< pe32.pcPriClassBase <<endl; 
	}while( Process32Next( hProcessSnap, &pe32) );
	return 0;

}

 

当然，上面程序是我从一个程序中摘出来的，这是源程序，忘了引用的哪了，如果作者看到，请告知引用地址。

这个程序实现了对系统进程，单个进程和线程的快照，主要还是拿几个函数，有时间的话做一个可视化的，和大家分享

#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <stdio.h>
// Forward declarations:
BOOL GetProcessList( );
BOOL ListProcessModules( DWORD dwPID );
BOOL ListProcessThreads( DWORD dwOwnerPID );
void printError( TCHAR* msg );
void main( )
{ 
	GetProcessList( );
}
BOOL GetProcessList( )
{ 
	HANDLE hProcessSnap; 
	HANDLE hProcess; 
	PROCESSENTRY32 pe32; //用来存放快照进程信息的一个结构体
	DWORD dwPriorityClass; // Take a snapshot of all processes in the system. 
	hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); 
	/*
	CreateToolhelp32Snapshot函数为指定的进程、进程使用的堆[HEAP]、模块[MODULE]、线程[THREAD]）建立一个快照[snapshot]。 　　
	HANDLE WINAPI CreateToolhelp32Snapshot( 　　DWORD dwFlags, //用来指定“快照”中需要返回的对象，可以是TH32CS_SNAPPROCESS等 　　
	                              DWORD th32ProcessID //一个进程ID号，用来指定要获取哪一个进程的快照，当获取系统进程列表或获取当前进程快照时可以设为0 　　); 
	*/
	if( hProcessSnap == INVALID_HANDLE_VALUE ) 
	{ 
		printError( TEXT("CreateToolhelp32Snapshot (of processes)") ); 
		return( FALSE ); 
	} // Set the size of the structure before using it. 
	pe32.dwSize = sizeof( PROCESSENTRY32 ); // Retrieve information about the first process, 
	// and exit if unsuccessful
	if( !Process32First( hProcessSnap, &pe32 ) ) 
	{ 
		printError( TEXT("Process32First") ); // show cause of failure 
		CloseHandle( hProcessSnap ); // clean the snapshot object 
		( FALSE ); 
	} // Now walk the snapshot of processes, and 
	// display information about each process in turn 
	do {
		printf( "\n\n=====================================================" ); 
		_tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile ); 
		printf( "\n-----------------------------------------------------" ); // Retrieve the priority class. 
		dwPriorityClass = 0; 
		hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID ); 
		/*
		OpenProcess 函数用来打开一个已存在的进程对象,并返回进程的句柄。　　
		1.函数原型 　　HANDLE OpenProcess( 　　DWORD dwDesiredAccess, //渴望得到的访问权限(标志) 　　
		                                 BOOL bInheritHandle, // 是否继承句柄 　　
										 DWORD dwProcessId// 进程标示符 　　); 
		*/
		if( hProcess == NULL )
			printError( TEXT("OpenProcess") ); 
		else { 
			dwPriorityClass = GetPriorityClass( hProcess ); 
			if( !dwPriorityClass ) 
				printError( TEXT("GetPriorityClass") ); 
			CloseHandle( hProcess ); 
		} 
		printf( "\n Process ID = 0x%08X", pe32.th32ProcessID ); 
		printf( "\n Thread count = %d", pe32.cntThreads ); 
		printf( "\n Parent process ID = 0x%08X", pe32.th32ParentProcessID ); 
		printf( "\n Priority base = %d", pe32.pcPriClassBase ); 
		if( dwPriorityClass ) 
			printf( "\n Priority class = %d", dwPriorityClass ); // List the modules and threads associated with this process 
		//ListProcessModules( pe32.th32ProcessID ); 
		//ListProcessThreads( pe32.th32ProcessID );
	} while( Process32Next( hProcessSnap, &pe32 ) );
	CloseHandle( hProcessSnap ); 
	return( TRUE );
}
BOOL ListProcessModules( DWORD dwPID )
{
	HANDLE hModuleSnap = INVALID_HANDLE_VALUE; 
	MODULEENTRY32 me32; // Take a snapshot of all modules in the specified process. 
	hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
	if( hModuleSnap == INVALID_HANDLE_VALUE ) 
	{
		printError( TEXT("CreateToolhelp32Snapshot (of modules)") ); 
		return( FALSE );
	} // Set the size of the structure before using it.
	me32.dwSize = sizeof( MODULEENTRY32 ); // Retrieve information about the first module, 
	// and exit if unsuccessful 
	if( !Module32First( hModuleSnap, &me32 ) ) 
	{
		printError( TEXT("Module32First") ); // show cause of failure 
		CloseHandle( hModuleSnap ); // clean the snapshot object 
		return( FALSE );
	} // Now walk the module list of the process, 
	// and display information about each module 
	do {
		_tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule );
		_tprintf( TEXT("\n Executable = %s"), me32.szExePath );
		printf( "\n Process ID = 0x%08X", me32.th32ProcessID );
		printf( "\n Ref count (g) = 0x%04X", me32.GlblcntUsage );
		printf( "\n Ref count (p) = 0x%04X", me32.ProccntUsage );
		printf( "\n Base address = 0x%08X", (DWORD) me32.modBaseAddr ); 
		printf( "\n Base size = %d", me32.modBaseSize );
	} while( Module32Next( hModuleSnap, &me32 ) ); 
	CloseHandle( hModuleSnap ); 
	return( TRUE );
}
BOOL ListProcessThreads( DWORD dwOwnerPID ) 
{ 
	HANDLE hThreadSnap = INVALID_HANDLE_VALUE; 
	THREADENTRY32 te32; // Take a snapshot of all running threads 
	hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 ); 
	if( hThreadSnap == INVALID_HANDLE_VALUE ) 
		return( FALSE ); // Fill in the size of the structure before using it. 
	te32.dwSize = sizeof(THREADENTRY32 ); // Retrieve information about the first thread, 
	// and exit if unsuccessful 
	if( !Thread32First( hThreadSnap, &te32 ) ) 
	{
		printError( TEXT("Thread32First") ); // show cause of failure 
		CloseHandle( hThreadSnap ); // clean the snapshot object 
		return( FALSE );
	} // Now walk the thread list of the system,
	// and display information about each thread 
	// associated with the specified process 
	do { 
		if( te32.th32OwnerProcessID == dwOwnerPID ) 
		{ 
			printf( "\n\n THREAD ID = 0x%08X", te32.th32ThreadID ); 
			printf( "\n Base priority = %d", te32.tpBasePri );
			printf( "\n Delta priority = %d", te32.tpDeltaPri ); 
		} 
	} while( Thread32Next(hThreadSnap, &te32 ) ); 
	CloseHandle( hThreadSnap ); 
	return( TRUE );
}
void printError( TCHAR* msg )
{ 
	DWORD eNum; 
	TCHAR sysMsg[256]; 
	TCHAR* p; 
	eNum = GetLastError( ); 
	FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, eNum, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language 
		sysMsg,256, NULL ); // Trim the end of the line and terminate it with a null 
	p = sysMsg;
	while( ( *p > 31 ) || ( *p == 9 ) ) 
		++p; 
	do {
		*p-- = 0;
	} while( ( p >= sysMsg ) && ( ( *p == '.' ) || ( *p < 33 ) ) ); // Display the message 
	_tprintf( TEXT("\n WARNING: %s failed with error %d (%s)"), msg, eNum, sysMsg );
}