Tool help function PSAPI functions (PROCECC STATUS)
1.结构体PROCESSENTRY32
typedef struct tagPROCESSENTRY32 {
DWORD dwSize;
DWORD cntUsage;
DWORD th32ProcessID;
DWORD th32DefaultHeapID;
DWORD th32ModuleID;
DWORD cntThreads;
DWORD th32ParentProcessID;
LONG pcPriClassBase;
DWORD dwFlags;
char szExeFile[MAX_PATH];
} PROCESSENTRY32;
typedef PROCESSENTRY32 * PPROCESSENTRY32;
typedef PROCESSENTRY32 * LPPROCESSENTRY32;
Members
dwSize
Specifies the length, in bytes, of the structure. Before calling the Process32First function, set this member to sizeof(PROCESSENTRY32). If you do not initialize dwSize, Process32First will fail.
cntUsage
Number of references to the process. A process exists as long as its usage count is nonzero. As soon as its usage count becomes zero, a process terminates.
th32ProcessID
Identifier of the process. The contents of this member can be used by Win32 API elements.
th32DefaultHeapID
Identifier of the default heap for the process. The contents of this member has meaning only to the tool help functions. It is not a handle, nor is it usable by Win32 API elements.
th32ModuleID
Module identifier of the process. The contents of this member has meaning only to the tool help functions. It is not a handle, nor is it usable by Win32 API elements.
cntThreads
Number of execution threads started by the process.
th32ParentProcessID
Identifier of the process that created the process being examined. The contents of this member can be used by Win32 API elements.
pcPriClassBase
Base priority of any threads created by this process.
dwFlags
Reserved; do not use.
szExeFile
Path and filename of the executable file for the process.
1.函数 CreateToolhelp3Snapshot(DWORD dwFlags , DWORD th32ProcessID);
用于获取系统中制定进程的快照,也可以获取被这些进程使用的堆,模块和线程的快照。
Parameters
dwFlags
Specifies portions of the system to include in the snapshot. This parameter can be one of the following:
|
Value |
Meaning |
|
TH32CS_INHERIT |
Indicates that the snapshot handle is to be inheritable. |
|
TH32CS_SNAPALL |
Equivalent to specifying TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, TH32CS_SNAPPROCESS, and TH32CS_SNAPTHREAD. |
|
TH32CS_SNAPHEAPLIST |
Includes the heap list of the specified process in the snapshot. |
|
TH32CS_SNAPMODULE |
Includes the module list of the specified process in the snapshot. |
|
TH32CS_SNAPPROCESS |
Includes the process list in the snapshot. |
|
TH32CS_SNAPTHREAD |
Includes the thread list in the snapshot. |
th32ProcessID
Specifies the process identifier. This parameter can be zero to indicate the current process. This parameter is used when the TH32CS_SNAPHEAPLIST or TH32CS_SNAPMODULE value is specified. Otherwise, it is ignored.
源代码:
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>
//#pragma comment (lib,"kernel32.lib")
int main(int argc, char* argv[])
{
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(pe32);
//给系统中所有的进程拍一个快照
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if(hProcessSnap == INVALID_HANDLE_VALUE){
printf("CreateToolHelp32Snamshot调用失败!\n");
return -1;
}
//////////////////////////////////////////////////////////////////////////
//遍历进程快照,显示每个进程的信息
BOOL bNext = Process32First(hProcessSnap,&pe32);
while (bNext)
{
printf("ProcessName = %s\t\tProcessId = %u\n",
pe32.szExeFile,pe32.th32ProcessID);
bNext = Process32Next(hProcessSnap,&pe32);
}
CloseHandle(hProcessSnap);
return 0;
}