如何监测WindowNT内存中所有进程的活动情况?
Storm 2000-01-15 01:40:00 我需用编程知道WindowNT内存中所有进程的活动情况,如某一进程是否已死.
我现已找到内存中所有进程,但不知道如何监测它们:
void CProcessView::OnGetProcess()
{
DWORD aProcesses[1024], cbNeeded, cProcesses;
unsigned int i;
if ( !(*p_EnumProcesses)( aProcesses, sizeof(aProcesses), &cbNeeded ) )
{
return;
}
// Calculate how many process identifiers were returned.
cProcesses = cbNeeded / sizeof(DWORD);
for ( i = 0; i < cProcesses; i++ ){
ShowProcess(i, aProcesses[i] );
}
}
void CProcessView::ShowProcess(DWORD nItem, DWORD processID)
{
char szProcessName[MAX_PATH] = "unknown";
char szCurDir[MAX_PATH]="UnKnown";
CString msg,msg1;
HMODULE hMod;
PROCESS_MEMORY_COUNTERS pmc;
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION and PROCESS_VM_READ,
FALSE, processID );
if(hProcess==NULL)
{
msg.Format("Process ID is: %d",processID);
MsgError("OpenProcess Error:",msg);
}
else
{
DWORD cbNeeded;
(*p_EnumProcessModules)( hProcess, &hMod, sizeof(hMod),&cbNeeded) ;
}
//Process Name
(*p_GetModuleBaseName)( hProcess, hMod,szProcessName,sizeof(szProcessName));
msg.Format("%s", szProcessName);
AfxMessageBox(msg);
//Process ID
msg.Format("%u", processID);
AfxMessageBox(msg);
//Process full path
(*p_GetModuleFileNameEx)(hProcess,hMod,szCurDir,sizeof(szCurDir));
m_Process.SetItemText(nItem,2,szCurDir);
msg.Format("%d",hMod);
AfxMessageBox(msg);
CloseHandle( hProcess );
}