//进程描述信息
typedef struct _tagPROCESSINFO
{
DWORD dwPID;
TCHAR strPath[_MAX_PATH];
TCHAR strName[_MAX_FNAME];
} PROCESSINFO, *LPPROCESSINFO;
//获取进程信息列表
BOOL EnumProcessesInfo( PROCESSINFO* lpPsInfo, ULONG ulSize, ULONG* pulNeeded )
// lpPsInfo [out] : 指向PROCESSINFO结构数组的指针
// nSize [in] : lpPsInfo中的元素个数
// nNeeded [out] : 实际的元素个数
// 返回值 : TRUE : 成功; FALSE : 失败
{
ASSERT( pulNeeded );
LPDWORD lpdwPIDs ; //存储进程ID数组
DWORD dwbSize, dwbSize2;
dwbSize2 = 256 * sizeof( DWORD );
lpdwPIDs = NULL;
do {
if( lpdwPIDs ) {
HeapFree( GetProcessHeap(), 0, lpdwPIDs );
dwbSize2 *= 2;
}
lpdwPIDs = (LPDWORD)HeapAlloc( GetProcessHeap(), 0, dwbSize2 );
if( lpdwPIDs == NULL ) {
return FALSE ;
}
if( ! ::EnumProcesses( lpdwPIDs, dwbSize2, &dwbSize ) ) {
HeapFree( GetProcessHeap(), 0, lpdwPIDs ) ;
return FALSE ;
}
}while( dwbSize == dwbSize2 ) ;
ULONG ulCount = dwbSize / sizeof( DWORD );
//如果为询问数量,则返回实际数量
if ( NULL == lpPsInfo && 0 == ulSize ) {
*pulNeeded = ulCount;
return TRUE;
}
ASSERT( lpPsInfo );
if ( NULL == lpPsInfo ) {
return FALSE;
}
if ( ulSize <= ulCount ) {
*pulNeeded = ulSize;
}
else {
*pulNeeded = ulCount;
}
//获得进程信息
HANDLE hProcess;
HMODULE hModule;
DWORD dwSize;
char path_buffer[_MAX_PATH];
char drive[_MAX_DRIVE];
char dir[_MAX_DIR];
char fname[_MAX_FNAME];
char ext[_MAX_EXT];
// Loop through each ProcID.
for( ULONG ulIndex = 0 ; ulIndex < (*pulNeeded) ; ulIndex++ )
{
// Open the process (if we can... security does not
// permit every process in the system).
// TRACE("PID To Open:%d ", lpdwPIDs[ulIndex] );
lpPsInfo[ulIndex].dwPID = lpdwPIDs[ulIndex];
lpPsInfo[ulIndex].strPath[0] = 0;
lpPsInfo[ulIndex].strName[0] = 0;
// Because Can't Open 0 And 8 Process,
// Mark Them At There
if ( 0 == lpdwPIDs[ulIndex] ) {
strcpy( lpPsInfo[ulIndex].strName, "System Idle Process" );
continue;
}
else if ( 8 == lpdwPIDs[ulIndex] ) {
strcpy( lpPsInfo[ulIndex].strName, "System" );
continue;
}
// Open Process And Get Process Infomation
hProcess = OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, lpPsInfo[ulIndex].dwPID );
if( hProcess != NULL )
{
// Here we call EnumProcessModules to get only the
// first module in the process this is important,
// because this will be the .EXE module for which we
// will retrieve the full path name in a second.
if( EnumProcessModules( hProcess, &hModule,
sizeof(hModule), &dwSize ) ) {
// Get Full pathname:
if( GetModuleFileNameEx( hProcess, hModule,
path_buffer, sizeof(path_buffer) ) ) {
_tsplitpath( path_buffer, drive, dir, fname, ext );
strcpy( lpPsInfo[ulIndex].strPath, path_buffer );
sprintf( lpPsInfo[ulIndex].strName, "%s%s", fname, ext );
// TRACE( "ModuleFileName:%s ", path_buffer );
}
}
CloseHandle( hProcess ) ;
}
}
参考帖子:
本文地址:http://com.8s8s.com/it/it32099.htm