
C++扫描系统进程代码

#include <windows.h>  
#include <tlhelp32.h>  
#include <tchar.h>  
#include <stdio.h>  
#include<iostream>  
using namespace std;  
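// Prints one record per running process, taken from a ToolHelp snapshot of
// the system process list: image name, PID, thread count, parent PID and
// base priority. Returns 0 on success and 1 if the snapshot cannot be
// created or read.
//
// Note for anyone reusing this as a monitoring aid: szExeFile is only the
// image file name (no path), and th32ParentProcessID is the PID recorded at
// creation time -- the parent may have exited and the PID may have been
// reused, so neither value identifies a process on its own.
int main()
{
    // Take a snapshot of the system process list.
    HANDLE hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    if( hProcessSnap == INVALID_HANDLE_VALUE )
    {
        cout<<"快照创建失败"<<endl;
        return 1;
    }

    PROCESSENTRY32 pe32; // receives the data of one process per iteration
    // dwSize must be set before the first Process32First call.
    pe32.dwSize = sizeof(PROCESSENTRY32);

    // Process32First returns a BOOL; on failure pe32 holds no valid entry,
    // so stop here instead of falling into the loop below.
    if( !Process32First( hProcessSnap, &pe32 ) )
    {
        cout<<"error"<<endl;
        CloseHandle(hProcessSnap);
        return 1;
    }

    int i = 0;
    do{
        cout<<"------------"<<i++<<"个进程------------------------"<<endl;
        _tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
        cout<<endl;
        cout<< "Process ID = "<< pe32.th32ProcessID <<endl;
        cout<< "Thread count = "<<pe32.cntThreads <<endl;
        cout<< "Parent process ID = "<< pe32.th32ParentProcessID <<endl;
        cout<< "Priority base = "<< pe32.pcPriClassBase <<endl;
    }while( Process32Next( hProcessSnap, &pe32) );

    // Release the snapshot handle on the success path as well.
    CloseHandle(hProcessSnap);
    return 0;
}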

当然,上面的程序是我从另一个程序中摘出来的,以下是源程序。出处我已经忘了,如果原作者看到,请告知引用地址。

这个程序实现了对系统进程、单个进程和线程的快照,主要就是用到那几个快照函数。有时间的话再做一个可视化的版本,和大家分享。

#include <windows.h>  
#include <tlhelp32.h>  
#include <tchar.h>  
#include <stdio.h>  
// Forward declarations:  
// Walks a snapshot of all processes and prints one record per process.
BOOL GetProcessList( );  
// Prints the modules found in a module snapshot of process dwPID.
BOOL ListProcessModules( DWORD dwPID );  
// Prints the threads in a system-wide thread snapshot that belong to dwOwnerPID.
BOOL ListProcessThreads( DWORD dwOwnerPID );  
// Prints msg together with the GetLastError() code and its system message text.
void printError( TCHAR* msg );  
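// Entry point: prints the process list and reports failure through the exit
// code. Declared as int main because void main is not standard C++.
int main( )
{
    return GetProcessList( ) ? 0 : 1;
}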
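// Walks a ToolHelp snapshot of every process in the system and prints, for
// each one, its image name, PID, thread count, parent PID, base priority and
// (when the process can be opened) its priority class.
//
// Returns TRUE when the whole snapshot was walked, FALSE when the snapshot
// could not be created or its first entry could not be read.
//
// Note: szExeFile is only the image file name (no path), and
// th32ParentProcessID is the PID recorded at creation time; the parent may
// have exited and its PID may have been reused. Neither is a reliable
// identity on its own.
BOOL GetProcessList( )
{
    HANDLE hProcessSnap;
    HANDLE hProcess;
    PROCESSENTRY32 pe32; // receives one process entry from the snapshot
    DWORD dwPriorityClass;

    // Take a snapshot of all processes in the system.
    // CreateToolhelp32Snapshot( dwFlags, th32ProcessID ): dwFlags selects what
    // the snapshot contains (TH32CS_SNAPPROCESS here); th32ProcessID names the
    // process to snapshot and may be 0 when listing system processes.
    hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    if( hProcessSnap == INVALID_HANDLE_VALUE )
    {
        printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
        return( FALSE );
    }

    // Set the size of the structure before using it.
    pe32.dwSize = sizeof( PROCESSENTRY32 );

    // Retrieve information about the first process, and exit if unsuccessful.
    if( !Process32First( hProcessSnap, &pe32 ) )
    {
        printError( TEXT("Process32First") ); // show cause of failure
        CloseHandle( hProcessSnap );          // clean the snapshot object
        // The original read "( FALSE );" without "return", so execution fell
        // through into the loop with an unfilled pe32 and a closed handle.
        return( FALSE );
    }

    // Now walk the snapshot of processes, and display information about each
    // process in turn.
    do {
        printf( "\n\n=====================================================" );
        _tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
        printf( "\n-----------------------------------------------------" );

        // Retrieve the priority class.
        // OpenProcess( dwDesiredAccess, bInheritHandle, dwProcessId ) returns a
        // handle to an existing process. Only the rights GetPriorityClass needs
        // are requested: PROCESS_ALL_ACCESS is far broader than this read-only
        // query requires and is refused for more processes.
        // (On pre-Vista targets PROCESS_QUERY_INFORMATION is the equivalent.)
        dwPriorityClass = 0;
        hProcess = OpenProcess( PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pe32.th32ProcessID );
        if( hProcess == NULL )
            printError( TEXT("OpenProcess") );
        else {
            dwPriorityClass = GetPriorityClass( hProcess );
            if( !dwPriorityClass )
                printError( TEXT("GetPriorityClass") );
            CloseHandle( hProcess );
        }

        printf( "\n Process ID = 0x%08X", pe32.th32ProcessID );
        printf( "\n Thread count = %d", pe32.cntThreads );
        printf( "\n Parent process ID = 0x%08X", pe32.th32ParentProcessID );
        printf( "\n Priority base = %d", pe32.pcPriClassBase );
        if( dwPriorityClass )
            printf( "\n Priority class = %d", dwPriorityClass );

        // List the modules and threads associated with this process
        //ListProcessModules( pe32.th32ProcessID );
        //ListProcessThreads( pe32.th32ProcessID );
    } while( Process32Next( hProcessSnap, &pe32 ) );

    CloseHandle( hProcessSnap );
    return( TRUE );
}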
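// Prints every module in a ToolHelp module snapshot of process dwPID: module
// name, executable path, owning PID, global and per-process reference counts,
// base address and size.
//
// Returns TRUE when the module list was walked, FALSE when the snapshot could
// not be created or its first entry could not be read.
//
// NOTE(review): szModule and szExePath appear to be read from the target
// process's own loader data, so treat them as untrusted when they feed a
// detection decision -- confirm against the ToolHelp documentation.
BOOL ListProcessModules( DWORD dwPID )
{
    MODULEENTRY32 me32;

    // Take a snapshot of all modules in the specified process.
    HANDLE hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
    if( hModuleSnap == INVALID_HANDLE_VALUE )
    {
        printError( TEXT("CreateToolhelp32Snapshot (of modules)") );
        return( FALSE );
    }

    // Set the size of the structure before using it.
    me32.dwSize = sizeof( MODULEENTRY32 );

    // Retrieve information about the first module, and exit if unsuccessful.
    if( !Module32First( hModuleSnap, &me32 ) )
    {
        printError( TEXT("Module32First") ); // show cause of failure
        CloseHandle( hModuleSnap );          // clean the snapshot object
        return( FALSE );
    }

    // Now walk the module list of the process, and display information about
    // each module.
    do {
        _tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule );
        _tprintf( TEXT("\n Executable = %s"), me32.szExePath );
        printf( "\n Process ID = 0x%08X", me32.th32ProcessID );
        printf( "\n Ref count (g) = 0x%04X", me32.GlblcntUsage );
        printf( "\n Ref count (p) = 0x%04X", me32.ProccntUsage );
        // modBaseAddr is a pointer. The original cast it to DWORD, which drops
        // the upper 32 bits in a 64-bit build; print it at full width instead.
        printf( "\n Base address = 0x%p", static_cast<void*>( me32.modBaseAddr ) );
        printf( "\n Base size = %d", me32.modBaseSize );
    } while( Module32Next( hModuleSnap, &me32 ) );

    CloseHandle( hModuleSnap );
    return( TRUE );
}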
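// Prints the ID, base priority and delta priority of every thread owned by
// process dwOwnerPID. The snapshot covers all threads in the system, so the
// loop filters on th32OwnerProcessID.
//
// Returns TRUE when the thread list was walked, FALSE when the snapshot could
// not be created or its first entry could not be read.
BOOL ListProcessThreads( DWORD dwOwnerPID )
{
    THREADENTRY32 te32;

    // Take a snapshot of all running threads.
    HANDLE hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 );
    if( hThreadSnap == INVALID_HANDLE_VALUE )
    {
        // Report the failure the same way the process and module listings do;
        // the original returned FALSE silently here.
        printError( TEXT("CreateToolhelp32Snapshot (of threads)") );
        return( FALSE );
    }

    // Fill in the size of the structure before using it.
    te32.dwSize = sizeof( THREADENTRY32 );

    // Retrieve information about the first thread, and exit if unsuccessful.
    if( !Thread32First( hThreadSnap, &te32 ) )
    {
        printError( TEXT("Thread32First") ); // show cause of failure
        CloseHandle( hThreadSnap );          // clean the snapshot object
        return( FALSE );
    }

    // Now walk the thread list of the system, and display information about
    // each thread associated with the specified process.
    do {
        if( te32.th32OwnerProcessID == dwOwnerPID )
        {
            printf( "\n\n THREAD ID = 0x%08X", te32.th32ThreadID );
            printf( "\n Base priority = %d", te32.tpBasePri );
            printf( "\n Delta priority = %d", te32.tpDeltaPri );
        }
    } while( Thread32Next( hThreadSnap, &te32 ) );

    CloseHandle( hThreadSnap );
    return( TRUE );
}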
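// Prints a warning naming the failed call (msg), the GetLastError() code and
// the system's message text for that code.
//
// The system text is cut at its first control character other than TAB
// (normally the trailing CR/LF), and trailing periods and blanks are removed.
// If FormatMessage itself fails, the text part is printed empty.
void printError( TCHAR* msg )
{
    // Read the error code first: any later API call may overwrite it.
    const DWORD eNum = GetLastError( );

    TCHAR sysMsg[256];
    sysMsg[0] = 0; // stays an empty string if FormatMessage fails

    // FormatMessage returns the number of TCHARs stored (excluding the
    // terminator), or 0 on failure. The original ignored the result and then
    // scanned a possibly uninitialised buffer with no upper bound.
    const DWORD len = FormatMessage(
        FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
        NULL, eNum,
        MAKELANGID( LANG_NEUTRAL, SUBLANG_DEFAULT ), // Default language
        sysMsg, sizeof( sysMsg ) / sizeof( sysMsg[0] ), NULL );

    // Find the end of the first line. Characters are compared as unsigned so
    // that non-ASCII bytes of a localized message in an ANSI build (negative
    // as plain char) are not mistaken for control characters.
    DWORD end = 0;
    while( end < len &&
           ( static_cast<_TUCHAR>( sysMsg[end] ) > 31 || sysMsg[end] == 9 ) )
        ++end;

    // Trim trailing periods, blanks and control characters, staying inside
    // the buffer even when the message is empty.
    while( end > 0 &&
           ( sysMsg[end - 1] == TEXT('.') ||
             static_cast<_TUCHAR>( sysMsg[end - 1] ) < 33 ) )
        --end;
    sysMsg[end] = 0;

    // Display the message. eNum is a DWORD (unsigned long), hence %lu.
    _tprintf( TEXT("\n WARNING: %s failed with error %lu (%s)"), msg, eNum, sysMsg );
}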

标签:系统进程,进程扫描,C++
