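// Looks up the base name of the main module of the process identified by
// processid. The page lists this code with identifiers lower-cased and braces
// stripped; the Win32 names are restored here, while the function's own name
// is kept as the page spells it so existing callers still resolve.
//
// processid: process identifier, e.g. one returned by EnumProcesses.
//
// The name is only collected into a local buffer: the page has the _tprintf
// call commented out, so the function currently produces no output.
void printprocessnameandid( DWORD processid )
{
    // Stays empty if the process cannot be opened or queried.
    TCHAR szProcessName[MAX_PATH] = TEXT("");

    // PROCESS_QUERY_INFORMATION | PROCESS_VM_READ are the access rights
    // GetModuleBaseName requires. OpenProcess returns NULL for processes the
    // caller is not allowed to inspect.
    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
                                   PROCESS_VM_READ,
                                   FALSE, processid );

    if ( hProcess != NULL )
    {
        HMODULE hMod;
        DWORD cbNeeded;

        // Only one HMODULE slot is passed, so at most the first module handle
        // is returned; cbNeeded is not otherwise used.
        if ( EnumProcessModules( hProcess, &hMod, sizeof(hMod),
                                 &cbNeeded ) )
        {
            // The size argument is a character count, not a byte count.
            GetModuleBaseName( hProcess, hMod, szProcessName,
                               sizeof(szProcessName) / sizeof(TCHAR) );
        }

        // Close the handle only when one was actually opened, so a failed
        // OpenProcess does not lead to CloseHandle(NULL).
        CloseHandle( hProcess );
    }

    // Print the process name and identifier (disabled on the page; the
    // original text has "/n" where "\n" is meant).
    // _tprintf( TEXT("%s (PID: %u)\n"), szProcessName, processid );
}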
// Click handler for button 2: enumerates the process identifiers on the
// system and hands every non-zero one to printprocessnameandid.
void cmy123dlg::onbnclickedbutton2()
{
    // TODO: add your control notification handler code here
    DWORD pidTable[1024];
    DWORD bytesReturned;

    if ( EnumProcesses( pidTable, sizeof(pidTable), &bytesReturned ) == 0 )
    {
        return;
    }

    // EnumProcesses reports bytes written; convert that to an entry count.
    // NOTE(review): the table is fixed at 1024 entries. When bytesReturned
    // equals sizeof(pidTable) the list may have been cut short.
    const DWORD pidCount = bytesReturned / sizeof(DWORD);

    for ( const DWORD *entry = pidTable; entry != pidTable + pidCount; ++entry )
    {
        // Entries equal to 0 are skipped.
        if ( *entry == 0 )
        {
            continue;
        }
        printprocessnameandid( *entry );
    }
}
注意:該函式需要 #include <psapi.h> 標頭檔案,並且要連結 psapi.lib
根據以上內容,下列程式碼為殺死指定程序 12.exe 的函式
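// Click handler for button 3: enumerates processes, reads the base name of
// each one's main module, and terminates every process whose base name is
// exactly "12.exe". The page lists this code with identifiers lower-cased and
// braces stripped; the Win32 names are restored here.
//
// Changes against the listing on the page:
//  - the name buffer is reset for every process, so a name left over from an
//    earlier iteration can never be compared when the current query fails;
//  - every handle is closed (the listing overwrote the query handle with the
//    terminate handle and closed neither);
//  - the terminate handle is checked for NULL before TerminateProcess;
//  - the terminate handle asks for PROCESS_TERMINATE only;
//  - _tcscmp replaces wcscmp so the comparison matches TCHAR in both ANSI and
//    Unicode builds.
//
// NOTE(review): the match is on the base file name alone. Any executable
// called 12.exe, from any directory, matches. If one specific binary is
// meant, compare the full image path as well.
void cmy123dlg::onbnclickedbutton3()
{
    // TODO: add your control notification handler code here
    int lpExitCode = 0;   // exit code given to the terminated process
    DWORD aProcesses[1024], cbNeeded, cProcesses;
    unsigned int i;

    if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
        return;

    // Calculate how many process identifiers were returned.
    // NOTE(review): fixed table of 1024 entries; when cbNeeded equals
    // sizeof(aProcesses) the list may have been cut short.
    cProcesses = cbNeeded / sizeof(DWORD);

    for ( i = 0; i < cProcesses; i++ )
    {
        if ( aProcesses[i] == 0 )
            continue;

        // Fresh buffer per process: it stays empty when the query fails.
        TCHAR szProcessName[MAX_PATH] = TEXT("");

        // Rights needed to read the module name.
        HANDLE hQuery = OpenProcess( PROCESS_QUERY_INFORMATION |
                                     PROCESS_VM_READ,
                                     FALSE, aProcesses[i] );
        if ( hQuery != NULL )
        {
            HMODULE hMod;
            DWORD cbModules;

            if ( EnumProcessModules( hQuery, &hMod, sizeof(hMod),
                                     &cbModules ) )
            {
                GetModuleBaseName( hQuery, hMod, szProcessName,
                                   sizeof(szProcessName) / sizeof(TCHAR) );
            }

            // if(szProcessName == _T("12.exe"))  // compares pointers, not text
            if ( _tcscmp( szProcessName, _T("12.exe") ) == 0 )
            {
                // hQuery is still open here, so the identifier keeps
                // referring to the process whose name was just read.
                HANDLE hTerminate = OpenProcess( PROCESS_TERMINATE,
                                                 FALSE, aProcesses[i] );
                if ( hTerminate != NULL )
                {
                    TerminateProcess( hTerminate, (UINT)lpExitCode );
                    CloseHandle( hTerminate );
                }
            }

            CloseHandle( hQuery );
        }

        // Kept from the page: the helper is called for each identifier.
        printprocessnameandid( aProcesses[i] );
    }
}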