|
发信人: wenbobo(灌了拂衣去) 整理人: wenbobo(2002-11-22 21:04:53), 站内信件 |
| 这个方法不妥当,不是所有进程都创建窗口的,比如某些木马。
下面这个函数是得到所有进程的: #include <windows.h> #include <tlhelp32.h> #include <stdio.h> BOOL GetProcessList () { HANDLE hProcessSnap = NULL; BOOL bRet = FALSE; PROCESSENTRY32 pe32 = {0}; // Take a snapshot of all processes in the system. hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE) return (FALSE); // Fill in the size of the structure before using it. pe32.dwSize = sizeof(PROCESSENTRY32); // Walk the snapshot of the processes, and for each process, // display information. if (Process32First(hProcessSnap, &pe32)) { DWORD dwPriorityClass; BOOL bGotModule = FALSE; MODULEENTRY32 me32 = {0}; do { bGotModule = GetProcessModule(pe32.th32ProcessID, pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32)); if (bGotModule) { HANDLE hProcess; // Get the actual priority class. hProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); dwPriorityClass = GetPriorityClass (hProcess); CloseHandle (hProcess); // Print the process's information. printf( "\nPriority Class Base\t%d\n", pe32.pcPriClassBase); printf( "PID\t\t\t%d\n", pe32.th32ProcessID); printf( "Thread Count\t\t%d\n", pe32.cntThreads); printf( "Module Name\t\t%s\n", me32.szModule); printf( "Full Path\t\t%s\n\n", me32.szExePath); } } while (Process32Next(hProcessSnap, &pe32)); bRet = TRUE; } else bRet = FALSE; // could not walk the list of processes // Do not forget to clean up the snapshot object. CloseHandle (hProcessSnap); return (bRet); } 【 在 alpha_fu 的大作中提到:】 :HWND FindWindow( : LPCTSTR lpClassName, // pointer to class name : LPCTSTR lpWindowName // pointer to window name :); :用这个函数找到窗口 : :...... ---- 掬水月在手 弄花香满身   
|
|
[关闭][返回] |