15,471
社区成员
发帖
与我相关
我的任务
分享如何监测WindowNT内存中所有进程的活动情况?
我需用编程知道WindowNT内存中所有进程的活动情况,如某一进程是否已死.
我现已找到内存中所有进程,但不知道如何监测它们:
void CProcessView::OnGetProcess()
{
DWORD aProcesses[1024], cbNeeded, cProcesses;
unsigned int i;
if ( !(*p_EnumProcesses)( aProcesses, sizeof(aProcesses), &cbNeeded ) )
{
return;
}
// Calculate how many process identifiers were returned.
cProcesses = cbNeeded / sizeof(DWORD);
for ( i = 0; i < cProcesses; i++ ){
ShowProcess(i, aProcesses[i] );
}
}
void CProcessView::ShowProcess(DWORD nItem, DWORD processID)
{
char szProcessName[MAX_PATH] = "unknown";
char szCurDir[MAX_PATH]="UnKnown";
CString msg,msg1;
HMODULE hMod;
PROCESS_MEMORY_COUNTERS pmc;
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION and PROCESS_VM_READ,
FALSE, processID );
if(hProcess==NULL)
{
msg.Format("Process ID is: %d",processID);
MsgError("OpenProcess Error:",msg);
}
else
{
DWORD cbNeeded;
(*p_EnumProcessModules)( hProcess, &hMod, sizeof(hMod),&cbNeeded) ;
}
//Process Name
(*p_GetModuleBaseName)( hProcess, hMod,szProcessName,sizeof(szProcessName));
msg.Format("%s", szProcessName);
AfxMessageBox(msg);
//Process ID
msg.Format("%u", processID);
AfxMessageBox(msg);
//Process full path
(*p_GetModuleFileNameEx)(hProcess,hMod,szCurDir,sizeof(szCurDir));
m_Process.SetItemText(nItem,2,szCurDir);
msg.Format("%d",hMod);
AfxMessageBox(msg);
CloseHandle( hProcess );
}
我现已找到内存中所有进程,但不知道如何监测它们:
void CProcessView::OnGetProcess()
{
DWORD aProcesses[1024], cbNeeded, cProcesses;
unsigned int i;
if ( !(*p_EnumProcesses)( aProcesses, sizeof(aProcesses), &cbNeeded ) )
{
return;
}
// Calculate how many process identifiers were returned.
cProcesses = cbNeeded / sizeof(DWORD);
for ( i = 0; i < cProcesses; i++ ){
ShowProcess(i, aProcesses[i] );
}
}
void CProcessView::ShowProcess(DWORD nItem, DWORD processID)
{
char szProcessName[MAX_PATH] = "unknown";
char szCurDir[MAX_PATH]="UnKnown";
CString msg,msg1;
HMODULE hMod;
PROCESS_MEMORY_COUNTERS pmc;
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION and PROCESS_VM_READ,
FALSE, processID );
if(hProcess==NULL)
{
msg.Format("Process ID is: %d",processID);
MsgError("OpenProcess Error:",msg);
}
else
{
DWORD cbNeeded;
(*p_EnumProcessModules)( hProcess, &hMod, sizeof(hMod),&cbNeeded) ;
}
//Process Name
(*p_GetModuleBaseName)( hProcess, hMod,szProcessName,sizeof(szProcessName));
msg.Format("%s", szProcessName);
AfxMessageBox(msg);
//Process ID
msg.Format("%u", processID);
AfxMessageBox(msg);
//Process full path
(*p_GetModuleFileNameEx)(hProcess,hMod,szCurDir,sizeof(szCurDir));
m_Process.SetItemText(nItem,2,szCurDir);
msg.Format("%d",hMod);
AfxMessageBox(msg);
CloseHandle( hProcess );
}
...全文
请发表友善的回复…
发表回复
xubin_sh 2000-01-26
- 打赏
- 举报
或
CreateToolhelp32Snapshot()也可以,它可在95/nt下运行
CreateToolhelp32Snapshot()也可以,它可在95/nt下运行
xubin_sh 2000-01-26
- 打赏
- 举报
在nt下有psapi(Process Status API )
用EnumProcesses,即可,注意只在nt下
用EnumProcesses,即可,注意只在nt下
cottle 2000-01-24
- 打赏
- 举报
使用GetExitCodeProcess就可以检索进程是否终止。
要获得进程的详细信息可以从PDB(进程数据库)中获得。可以通过进程ID取得进程数据库的指针。买本win95系统编程奥秘来看看吧。
要获得进程的详细信息可以从PDB(进程数据库)中获得。可以通过进程ID取得进程数据库的指针。买本win95系统编程奥秘来看看吧。
olo 2000-01-24
- 打赏
- 举报
listen
Fancy 2000-01-22
- 打赏
- 举报
不知你是否有MSDN文檔, 里面有一個PViewer的例子, 一看便知;
Firing_Sky 2000-01-15
- 打赏
- 举报
有了句病,还有什么不能做的?
kxy 2000-01-15
- 打赏
- 举报
一个线程被创建时,Win32子系统把一个THREADINFO(内部未公开的)结构
关联上此线程.
THREADINFO的文档我没有找到.
"window 98/NT 高级编程技术" Jeffrey Richter
清华大学出版社
上好像有,我把这本书弄丢了.:(
关联上此线程.
THREADINFO的文档我没有找到.
"window 98/NT 高级编程技术" Jeffrey Richter
清华大学出版社
上好像有,我把这本书弄丢了.:(
