获得系统中运行的程序及使用的DLL文件发布时间:2008-04-03 10:47:02 来源:编程爱好者网站 作者:编程爱好者网站 点击:258 在Microsoft Visual Studio中提供了一个可以查看当前运行的程序的工具Process Viewer
可以查看系统中当前运行的程序,下面我来介绍在你的程序中如何实现这种功能。 Windows提供了一系列的API函数可以建立当前的程序、模块、线程的“快照”(SnapShot) 利用这些“快照”函数就可以获得当前的程序、模块等的信息。 下面实现的步骤: 1、在Form1中加入一个CommandButton控件、两个ListBox控件 2、在Form1中加入如下代码: Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" _ (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long Private Declare Function Process32First Lib "kernel32" _ (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Private Declare Function Process32Next Lib "kernel32" _ (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Private Declare Function Module32First Lib "kernel32" _ (ByVal hSnapshot As Long, lppe As MODULEENTRY32) As Long Private Declare Function Module32Next Lib "kernel32" _ (ByVal hSnapshot As Long, lppe As MODULEENTRY32) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal _ hObject As Long) As Long Private Declare Function SendMessage Lib "user32" Alias _ "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As _ Long, ByVal wParam As Long, lParam As Any) As Long Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * 1024 End Type Private Type MODULEENTRY32 dwSize As Long th32ModuleID As Long th32ProcessID As Long GlblcntUsage As Long ProccntUsage As Long modBaseAddr As Byte modBaseSize As Long hModule As Long szModule As String * 256 szExePath As String * 1024 End Type Const LB_SETHORIZONTALEXTENT = &H1Array4 Const TH32CS_SNAPHEAPLIST = &H1 Const TH32CS_SNAPPROCESS = &H2 Const TH32CS_SNAPTHREAD = &H4 Const TH32CS_SNAPMODULE = &H8 Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS _ Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE) Const TH32CS_INHERIT = &H80000000 Dim MyEntry(100) As PROCESSENTRY32 Private Sub Command1_Click() Dim my As PROCESSENTRY32 Dim l As Long List1.Clear l = SendMessage(List1.hwnd, &H1Array4, 640, 0) ’建立当前程序快照 l = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) If l Then my.dwSize = 1060 If (Process32First(l, my)) Then ’遍历第一个程序 ’遍历所有程序直到返回值为False Do List1.AddItem (Trim$(my.szExeFile)) MyEntry(List1.ListCount - 1) = my Loop Until (Process32Next(l, my) < 1) End If ’关闭快照句柄 CloseHandle l End If End Sub Private Sub Form_Load() Command1_Click End Sub Private Sub List1_Click() Dim l As Long Dim mm As MODULEENTRY32 Dim lm As Long Dim astr As String If MyEntry(List1.ListIndex).th32ProcessID <> 0 Then l = SendMessage(List2.hwnd, &H1Array4, 640, 0) List2.Clear ’根据程序快照句柄建立程序的模块句柄 lm = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, _ MyEntry(List1.ListIndex).th32ProcessID) If lm > 0 Then mm.dwSize = Len(mm) ’获得第一个模块 If Module32First(lm, mm) Then ’遍历所有模块知道返回值为False Do If MyEntry(List1.ListIndex).th32ProcessID = _ mm.th32ProcessID Then astr = Left$(mm.szModule, (InStr(1, _ mm.szModule, Chr(0)) - 1)) List2.AddItem astr End If Loop Until (Module32Next(lm, mm) < 1) End If CloseHandle (lm) End If End If End Sub 运行程序,List1中就列出当前运行的所有的程序的名称及路径,点击其中任一个列表, 在List2中就会列出这个程序所使用的DLL的文件名。按下Command1重新获得系统中运行的程序。 上面只是通过简单的程序介绍了“快照”的建立和使用,只要稍加改造,就可以获得诸如 程序的线程数、模块尺寸、模块在内存的基地址等信息。 以上程序在WindowsArray5、VB5.0下运行通过。 |
|
|
