遍历进程名的几种方法

方法一：使用EnumProcessModule

使用EnummProcessModule
 1
 2/**//*
 3 *    ShowProcessPath 2.0
 4 *    版权所有 (C) 2005 赵春生
 5 *    2005.09.02
 6 *    http://timw.yeah.net
 7 *    http://timw.126.com
 8 *    本程序适用于:WinNT
 9 *    代码在Win2000P+SP4 + VC6+SP6测试通过
10*/
11
12#include <stdio.h>
13#include <windows.h>
14#include "PSAPI.H"
15#pragma comment( lib, "PSAPI.LIB" )
16
17//自定义函数：赋予指定特权。这里用来提升程序权限。
18BOOL EnablePrivilege(HANDLE hToken,LPCSTR szPrivName);
19
20int main(void)
21{
22    
23    DWORD processid[1024],needed,processcount,i;
24    HANDLE hProcess;
25    HMODULE hModule;
26    char path[MAX_PATH] = "",temp[256];
27    
28    HANDLE hToken;
29    
30    printf("ShowProcessPath 2.0 with [Process Status API]/n/n");
31    
32    if ( OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken) )
33    {
34        if (EnablePrivilege(hToken,SE_DEBUG_NAME))
35        {
36            
37            EnumProcesses(processid, sizeof(processid), &needed);
38            processcount=needed/sizeof(DWORD);
39            
40            for (i=0;i<processcount;i++)
41            {
42                hProcess=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,false,processid[i]);
43                if (hProcess)
44                {
45                    EnumProcessModules(hProcess, &hModule, sizeof(hModule), &needed);
46                    GetModuleFileNameEx(hProcess, hModule, path, sizeof(path));
47                    GetShortPathName(path,path,256);
48                    itoa(processid[i],temp,10);
49                    printf("%s --- %s/n",path,temp);
50                }
51                else
52                    printf("Failed!!!/n");
53            }
54        }
55    }
56    
57    CloseHandle(hProcess);
58    CloseHandle(hModule);
59    
60    itoa(processcount,temp,10);
61    printf("/nProcess Count:%s/n/n",temp);
62    
63    return 0;
64}
65
66/**///
67
68BOOL EnablePrivilege(HANDLE hToken,LPCSTR szPrivName)
69{
70    
71    TOKEN_PRIVILEGES tkp;
72    
73    LookupPrivilegeValue( NULL,szPrivName,&tkp.Privileges[0].Luid );//修改进程权限
74    tkp.PrivilegeCount=1;
75    tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
76    AdjustTokenPrivileges( hToken,FALSE,&tkp,sizeof tkp,NULL,NULL );//通知系统修改进程权限
77    
78    return( (GetLastError()==ERROR_SUCCESS) );
79    
80}
81
82/**///
83
84

方案二：区分操作系统

  1/**/////
  2// EnumWin32Proc.c
  3// 编译方法：
  4// 1、运行 C:/Program Files/Microsoft Visual Studio/VC98/Bin/VCVARS32.BAT.
  5// 2、运行 bldexe.bat.
  6//
  7/**/////
  8#include <windows.h>
  9#include <stdio.h>
 10#include <tlhelp32.h>
 11#include <vdmdbg.h>
 12
 13typedef BOOL (CALLBACK *PROCENUMPROC)(DWORD, WORD, LPSTR, LPARAM);
 14
 15typedef struct {
 16    DWORD dwPID;
 17    PROCENUMPROC lpProc;
 18    DWORD lParam;
 19    BOOL bEnd;
 20} EnumInfoStruct;
 21
 22BOOL WINAPI EnumProcs(PROCENUMPROC lpProc, LPARAM lParam);
 23
 24BOOL WINAPI Enum16(DWORD dwThreadId, WORD hMod16, WORD hTask16,
 25                   PSZ pszModName, PSZ pszFileName, LPARAM lpUserDefined);
 26
 27//
 28// The EnumProcs function takes a pointer to a callback function
 29// that will be called once per process with the process filename
 30// and process ID.
 31//
 32// lpProc -- Address of callback routine.
 33//
 34// lParam -- A user-defined LPARAM value to be passed to
 35// the callback routine.
 36//
 37// Callback function definition:
 38// BOOL CALLBACK Proc(DWORD dw, WORD w, LPCSTR lpstr, LPARAM lParam);
 39//
 40BOOL WINAPI EnumProcs(PROCENUMPROC lpProc, LPARAM lParam) {
 41    
 42    OSVERSIONINFO osver;
 43    HINSTANCE hInstLib = NULL;
 44    HINSTANCE hInstLib2 = NULL;
 45    HANDLE hSnapShot = NULL;
 46    LPDWORD lpdwPIDs = NULL;
 47    PROCESSENTRY32 procentry;
 48    BOOL bFlag;
 49    DWORD dwSize;
 50    DWORD dwSize2;
 51    DWORD dwIndex;
 52    HMODULE hMod;
 53    HANDLE hProcess;
 54    char szFileName[MAX_PATH];
 55    EnumInfoStruct sInfo;
 56    
 57    // ToolHelp Function Pointers.
 58    HANDLE (WINAPI *lpfCreateToolhelp32Snapshot)(DWORD, DWORD);
 59    BOOL (WINAPI *lpfProcess32First)(HANDLE, LPPROCESSENTRY32);
 60    BOOL (WINAPI *lpfProcess32Next)(HANDLE, LPPROCESSENTRY32);
 61    
 62    // PSAPI Function Pointers.
 63    BOOL (WINAPI *lpfEnumProcesses)(DWORD *, DWORD, DWORD *);
 64    BOOL (WINAPI *lpfEnumProcessModules)(HANDLE, HMODULE *, DWORD,
 65        LPDWORD);
 66    DWORD (WINAPI *lpfGetModuleBaseName)(HANDLE, HMODULE, LPTSTR, DWORD);
 67    
 68    // VDMDBG Function Pointers.
 69    INT (WINAPI *lpfVDMEnumTaskWOWEx)(DWORD, TASKENUMPROCEX, LPARAM);
 70    
 71    // Retrieve the OS version
 72    osver.dwOSVersionInfoSize = sizeof(osver);
 73    if (!GetVersionEx(&osver))
 74        return FALSE;
 75    
 76    // If Windows NT 4.0
 77    if (osver.dwPlatformId == VER_PLATFORM_WIN32_NT
 78        && osver.dwMajorVersion == 4) {
 79        
 80        __try {
 81            
 82            // Get the procedure addresses explicitly. We do
 83            // this so we don't have to worry about modules
 84            // failing to load under OSes other than Windows NT 4.0
 85            // because references to PSAPI.DLL can't be resolved.
 86            hInstLib = LoadLibraryA("PSAPI.DLL");
 87            if (hInstLib == NULL)
 88                __leave;
 89            
 90            hInstLib2 = LoadLibraryA("VDMDBG.DLL");
 91            if (hInstLib2 == NULL)
 92                __leave;
 93            
 94            // Get procedure addresses.
 95            lpfEnumProcesses = (BOOL (WINAPI *)(DWORD *, DWORD, DWORD*))
 96                GetProcAddress(hInstLib, "EnumProcesses");
 97            
 98            lpfEnumProcessModules = (BOOL (WINAPI *)(HANDLE, HMODULE *,
 99                DWORD, LPDWORD)) GetProcAddress(hInstLib,
100                "EnumProcessModules");
101            
102            lpfGetModuleBaseName = (DWORD (WINAPI *)(HANDLE, HMODULE,
103                LPTSTR, DWORD)) GetProcAddress(hInstLib,
104                "GetModuleBaseNameA");
105            
106            lpfVDMEnumTaskWOWEx = (INT (WINAPI *)(DWORD, TASKENUMPROCEX,
107                LPARAM)) GetProcAddress(hInstLib2, "VDMEnumTaskWOWEx");
108            
109            if (lpfEnumProcesses == NULL
110                || lpfEnumProcessModules == NULL
111                || lpfGetModuleBaseName == NULL
112                || lpfVDMEnumTaskWOWEx == NULL)
113                __leave;
114            
115            //
116            // Call the PSAPI function EnumProcesses to get all of the
117            // ProcID's currently in the system.
118            //
119            // NOTE: In the documentation, the third parameter of
120            // EnumProcesses is named cbNeeded, which implies that you
121            // can call the function once to find out how much space to
122            // allocate for a buffer and again to fill the buffer.
123            // This is not the case. The cbNeeded parameter returns
124            // the number of PIDs returned, so if your buffer size is
125            // zero cbNeeded returns zero.
126            //
127            // NOTE: The "HeapAlloc" loop here ensures that we
128            // actually allocate a buffer large enough for all the
129            // PIDs in the system.
130            //
131            dwSize2 = 256 * sizeof(DWORD);
132            do {
133                
134                if (lpdwPIDs) {
135                    HeapFree(GetProcessHeap(), 0, lpdwPIDs);
136                    dwSize2 *= 2;
137                }
138                
139                lpdwPIDs = (LPDWORD) HeapAlloc(GetProcessHeap(), 0,
140                    dwSize2);
141                if (lpdwPIDs == NULL)
142                    __leave;
143                
144                if (!lpfEnumProcesses(lpdwPIDs, dwSize2, &dwSize))
145                    __leave;
146                
147            } while (dwSize == dwSize2);
148            
149            // How many ProcID's did we get?
150            dwSize /= sizeof(DWORD);
151            
152            // Loop through each ProcID.
153            for (dwIndex = 0; dwIndex < dwSize; dwIndex++) {
154                
155                szFileName[0] = 0;
156                
157                // Open the process (if we can security does not
158                // permit every process in the system to be opened).
159                hProcess = OpenProcess(
160                    PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
161                    FALSE, lpdwPIDs[dwIndex]);
162                if (hProcess != NULL) {
163                    
164                    // Here we call EnumProcessModules to get only the
165                    // first module in the process. This will be the
166                    // EXE module for which we will retrieve the name.
167                    if (lpfEnumProcessModules(hProcess, &hMod,
168                        sizeof(hMod), &dwSize2)) {
169                        
170                        // Get the module name
171                        if (!lpfGetModuleBaseName(hProcess, hMod,
172                            szFileName, sizeof(szFileName)))
173                            szFileName[0] = 0;
174                    }
175                    CloseHandle(hProcess);
176                }
177                // Regardless of OpenProcess success or failure, we
178                // still call the enum func with the ProcID.
179                if (!lpProc(lpdwPIDs[dwIndex], 0, szFileName, lParam))
180                    break;
181                
182                // Did we just bump into an NTVDM?
183                if (_stricmp(szFileName, "NTVDM.EXE") == 0) {
184                    
185                    // Fill in some info for the 16-bit enum proc.
186                    sInfo.dwPID = lpdwPIDs[dwIndex];
187                    sInfo.lpProc = lpProc;
188                    sInfo.lParam = (DWORD) lParam;
189                    sInfo.bEnd = FALSE;
190                    
191                    // Enum the 16-bit stuff.
192                    lpfVDMEnumTaskWOWEx(lpdwPIDs[dwIndex],
193                        (TASKENUMPROCEX) Enum16, (LPARAM) &sInfo);
194                    
195                    // Did our main enum func say quit?
196                    if (sInfo.bEnd)
197                        break;
198                }
199            }
200            
201} __finally {
202    
203    if (hInstLib)
204        FreeLibrary(hInstLib);
205    
206    if (hInstLib2)
207        FreeLibrary(hInstLib2);
208    
209    if (lpdwPIDs)
210        HeapFree(GetProcessHeap(), 0, lpdwPIDs);
211}
212
213// If any OS other than Windows NT 4.0.
214} else if (osver.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS
215           || (osver.dwPlatformId == VER_PLATFORM_WIN32_NT
216           && osver.dwMajorVersion > 4)) {
217    
218    __try {
219        
220        hInstLib = LoadLibraryA("Kernel32.DLL");
221        if (hInstLib == NULL)
222            __leave;
223        
224        // If NT-based OS, load VDMDBG.DLL.
225        if (osver.dwPlatformId == VER_PLATFORM_WIN32_NT) {
226            hInstLib2 = LoadLibraryA("VDMDBG.DLL");
227            if (hInstLib2 == NULL)
228                __leave;
229        }
230        
231        // Get procedure addresses. We are linking to
232        // these functions explicitly, because a module using
233        // this code would fail to load under Windows NT,
234        // which does not have the Toolhelp32
235        // functions in KERNEL32.DLL.
236        lpfCreateToolhelp32Snapshot =
237            (HANDLE (WINAPI *)(DWORD,DWORD))
238            GetProcAddress(hInstLib, "CreateToolhelp32Snapshot");
239        
240        lpfProcess32First =
241            (BOOL (WINAPI *)(HANDLE,LPPROCESSENTRY32))
242            GetProcAddress(hInstLib, "Process32First");
243        
244        lpfProcess32Next =
245            (BOOL (WINAPI *)(HANDLE,LPPROCESSENTRY32))
246            GetProcAddress(hInstLib, "Process32Next");
247        
248        if (lpfProcess32Next == NULL
249            || lpfProcess32First == NULL
250            || lpfCreateToolhelp32Snapshot == NULL)
251            __leave;
252        
253        if (osver.dwPlatformId == VER_PLATFORM_WIN32_NT) {
254            lpfVDMEnumTaskWOWEx = (INT (WINAPI *)(DWORD, TASKENUMPROCEX,
255                LPARAM)) GetProcAddress(hInstLib2, "VDMEnumTaskWOWEx");
256            if (lpfVDMEnumTaskWOWEx == NULL)
257                __leave;
258        }
259        
260        // Get a handle to a Toolhelp snapshot of all processes.
261        hSnapShot = lpfCreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
262        if (hSnapShot == INVALID_HANDLE_VALUE) {
263            FreeLibrary(hInstLib);
264            return FALSE;
265        }
266        
267        // Get the first process' information.
268        procentry.dwSize = sizeof(PROCESSENTRY32);
269        bFlag = lpfProcess32First(hSnapShot, &procentry);
270        
271        // While there are processes, keep looping.
272        while (bFlag) {
273            
274            // Call the enum func with the filename and ProcID.
275            if (lpProc(procentry.th32ProcessID, 0,
276                procentry.szExeFile, lParam)) {
277                
278                // Did we just bump into an NTVDM?
279                if (_stricmp(procentry.szExeFile, "NTVDM.EXE") == 0) {
280                    
281                    // Fill in some info for the 16-bit enum proc.
282                    sInfo.dwPID = procentry.th32ProcessID;
283                    sInfo.lpProc = lpProc;
284                    sInfo.lParam = (DWORD) lParam;
285                    sInfo.bEnd = FALSE;
286                    
287                    // Enum the 16-bit stuff.
288                    lpfVDMEnumTaskWOWEx(procentry.th32ProcessID,
289                        (TASKENUMPROCEX) Enum16, (LPARAM) &sInfo);
290                    
291                    // Did our main enum func say quit?
292                    if (sInfo.bEnd)
293                        break;
294                }
295                
296                procentry.dwSize = sizeof(PROCESSENTRY32);
297                bFlag = lpfProcess32Next(hSnapShot, &procentry);
298                
299            } else
300                bFlag = FALSE;
301        }
302        
303    } __finally {
304        
305        if (hInstLib)
306            FreeLibrary(hInstLib);
307        
308        if (hInstLib2)
309            FreeLibrary(hInstLib2);
310    }
311    
312} else
313return FALSE;
314
315// Free the library.
316FreeLibrary(hInstLib);
317
318return TRUE;
319}
320
321
322BOOL WINAPI Enum16(DWORD dwThreadId, WORD hMod16, WORD hTask16,
323                   PSZ pszModName, PSZ pszFileName, LPARAM lpUserDefined) {
324    
325    BOOL bRet;
326    
327    EnumInfoStruct *psInfo = (EnumInfoStruct *)lpUserDefined;
328    
329    bRet = psInfo->lpProc(psInfo->dwPID, hTask16, pszFileName,
330        psInfo->lParam);
331    
332    if (!bRet)
333        psInfo->bEnd = TRUE;
334    
335    return !bRet;
336}
337
338
339BOOL CALLBACK MyProcessEnumerator(DWORD dwPID, WORD wTask,
340                                  LPCSTR szProcess, LPARAM lParam) {
341    
342    if (wTask == 0)
343        printf("%5u %s/n", dwPID, szProcess);
344    else
345        printf(" %5u %s/n", wTask, szProcess);
346    
347    return TRUE;
348}
349
350
351void main() {
352    EnumProcs((PROCENUMPROC) MyProcessEnumerator, 0);
353}

源码三

 1nt ProcessList()
 2{
 3       PROCESSENTRY32 pe32;
 4       pe32.dwSize=sizeof(pe32);
 5       int count=0;
 6 
 7       HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
 8 
 9       if(hProcessSnap==INVALID_HANDLE_VALUE)
10       {
11              printf("CreateToolhelp32Snapshot调用失败!");
12              return -1;
13       }
14 
15       BOOL bMore=::Process32First(hProcessSnap,&pe32);
16      
17       printf("%20s/t%10s/n","进程名","PID");
18       printf("====================================/n");
19       while(bMore)
20       {
21              count++;
22              printf("%20s/t%10d/n",pe32.szExeFile,pe32.th32ProcessID);
23              bMore=::Process32Next(hProcessSnap,&pe32);
24       }
25 
26       ::CloseHandle(hProcessSnap);
27 
28       printf("====================================/n");
29       printf("/n当前系统进程数为:%d/n",count);
30 
31       return 0;
32}