windows进程信息查看 终止指定进程

The CreateToolhelp32Snapshot function takes a snapshot of the specified processes, as well as the heaps, modules, and threads used by these processes.

CreateToolhelp32Snapshot 函数可以得到一个指定进程的快照，比如这个进程所使用的堆，模块，线程的等信息

HANDLE WINAPI CreateToolhelp32Snapshot(
  DWORD dwFlags,
  DWORD th32ProcessID
);
dwFlags 可取下列值：

TH32CS_INHERIT / TH32CS_SNAPALL / TH32CS_SNAPHEAPLIST / TH32CS_SNAPMODULE / TH32CS_SNAPPROCESS / TH32CS_SNAPTHREAD

th32ProcessID 表示要包含进快照的进程的标识符，即PID,当该值为0时，表示当前进程；当且仅当dwFlags值被指定为：

 TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, 或TH32CS_SNAPALL时才起作用；否则该参数将会被忽略且所有进程都会包含到创建的快照中。

查找一个指定的进程(如：QQ.exe)，并终止该进程

#include "windows.h" 
#include 
#include "tchar.h" 
#include 
using namespace std; 

int _tmain(int argc, _TCHAR* argv[]) 
{ 
    //扫描进程 
    HANDLE handle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); 
    PROCESSENTRY32 * info = new PROCESSENTRY32; 
    info->dwSize = sizeof(PROCESSENTRY32); 

    BOOL bSuccess = TRUE;//保存关闭进程的结果 
    if(Process32First(handle,info)) 
    { 
        if(GetLastError() == ERROR_NO_MORE_FILES ) 
        { 
            //此处提示可以去掉 
            cout<<"no more process!"<        } 
        else 
        { 
            int num = 0; 
            while(Process32Next(handle,info) != FALSE) 
            { 
                //查找名为QQ.exe的进程，并将其终止 
                LPCTSTR lpctStr = info->szExeFile; 

                if (strcmp(lpctStr,_T("QQ.exe")) == 0) 
                { 
                    //获取进程ID 
                    DWORD dwID = info->th32ProcessID; 
                    printf("进程标识符:%d/n",dwID); 
                    HANDLE handlTC = OpenProcess(PROCESS_TERMINATE,FALSE,dwID); 
                    bSuccess = TerminateProcess(handlTC,0); 
                    DWORD dw  =  GetLastError(); 
                    CloseHandle(handlTC); 
                } 
                num++; 
            } 
            printf("系统中当前的进程数目为：%d/n",num); 
        } 
    } 
    info = NULL; 
    CloseHandle(handle); 

    return bSuccess; 
    return 0; 
}