R3层枚举进程主要有两种方法,使用ToolHelp库及PsApi库
ToolHelp库:
点击查看代码
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hSnapshot == INVALID_HANDLE_VALUE)
{
_tprintf(_T("CreateToolhelp32Snapshot Error\r\n"));
return;
}
PROCESSENTRY32 processEntry;
processEntry.dwSize = sizeof(processEntry);
int count = 0;
if (Process32First(hSnapshot, &processEntry))
{
while (Process32Next(hSnapshot, &processEntry))
{
count++;
_tprintf(_T("第%d个进程 进程ID:%d 进程名:%s\r\n"), count, processEntry.th32ProcessID, processEntry.szExeFile);
}
CloseHandle(hSnapshot);
}
PsApi库:
点击查看代码
DWORD dwProcessId[0x1000];
DWORD dwNeeded = 0;
DWORD dwProcessCount = 0;
TCHAR strProcessName[260];
if (!EnumProcesses(dwProcessId, sizeof(dwProcessId), &dwNeeded))
{
DWORD Error = GetLastError();
_tprintf(_T("EnumProcesses fail! Error:%d\r\n"),Error);
}
dwProcessCount = dwNeeded / sizeof(DWORD);
for (int i = 0; i < dwProcessCount; i++)
{
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcessId[i]);
if (hProcess != NULL)
{
GetProcessImageFileName(hProcess, strProcessName, sizeof(strProcessName));
_tprintf(_T("进程%d的名称为:%s\r\n"),i, strProcessName);
}
}