列举进程、线程、堆、模块等

列举进程、线程、堆、模块等。


一、列出进程


//列出所有进程
HANDLE snapshothandle=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 processentry;
processentry.dwSize=sizeof(PROCESSENTRY32);
BOOL finded=Process32First(snapshothandle,&processentry);
while(finded!=NULL)
{
//processentry中返回进程信息
finded=Process32Next(snapshothandle,&processentry);
}
CloseHandle(snapshothandle);


二、列出线程


//列出所有线程
HANDLE snapshothandle=CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,0);
THREADENTRY32 threadentry;
threadentry.dwSize=sizeof(THREADENTRY32);
BOOL finded=Thread32First(snapshothandle,&threadentry);
while(finded!=NULL)
{
//threadentry中返回线程信息
finded=Thread32Next(snapshothandle,&threadentry);
}
CloseHandle(snapshothandle);


三、列出模块


//列出指定进程调用到的DLL等。
//pid为进程ID
HANDLE snapshothandle=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,pid);
MODULEENTRY32 moduleentry;
moduleentry.dwSize=sizeof(MODULEENTRY32);
finded=Module32First(snapshothandle,&moduleentry);
while(finded!=NULL)
{
//moduleentry中返回模块信息
finded=Module32Next(snapshothandle,&moduleentry);
}
CloseHandle(snapshothandle);


三、列出进程分配的内存(堆)


//先得到堆表
//再列出堆
//pid为进程ID
HANDLE snapshothandle=CreateToolhelp32Snapshot(TH32CS_SNAPHEAPLIST,pid);
HEAPLIST32 heaplistentry;
heaplistentry.dwSize=sizeof(HEAPLIST32);
finded=Heap32ListFirst(snapshothandle,&heaplistentry);
while(finded!=NULL)
{
//heaplistentry中返回了堆表的信息


//列出堆表中的的堆
HEAPENTRY32 heapentry;
heapentry.dwSize=sizeof(HEAPENTRY32);
//heaplistentry.th32HeapID为堆ID
BOOL finded2=Heap32First(&heapentry,pid,heaplistentry.th32HeapID);
while(finded2!=NULL)
{
//heapentry中返回堆信息
finded2=Heap32Next(&heapentry);
}

finded=Heap32ListNext(snapshothandle,&heaplistentry);
}
CloseHandle(snapshothandle);



枚举特定进程的所有线程列表作者:cooldog 日期:2005-02-04
字体大小: 小 中 大
The following example obtains a list of running threads for the specified process. First, the RefreshThreadList function takes a snapshot of the currently executing threads in the system using the CreateToolhelp32Snapshot function, then it walks through the list recorded in the snapshot, using the Thread32First and Thread32Next functions. The parameter for RefreshThreadList is the identifier of the process whose threads will be listed.

#include
#include
#include

BOOL RefreshThreadList (DWORD dwOwnerPID)
{
HANDLE hThreadSnap = NULL;
BOOL bRet = FALSE;
THREADENTRY32 te32 = {0};

// Take a snapshot of all threads currently in the system.

hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);

if (hThreadSnap == INVALID_HANDLE_VALUE)
return (FALSE);

// Fill in the size of the structure before using it.

te32.dwSize = sizeof(THREADENTRY32);

// Walk the thread snapshot to find all threads of the process.
// If the thread belongs to the process, add its information
// to the display list.

if (Thread32First(hThreadSnap, &te32))
{
do
{
if (te32.th32OwnerProcessID == dwOwnerPID)
{
printf( "\nTID\t\t%d\n", te32.th32ThreadID);
printf( "Owner PID\t%d\n", te32.th32OwnerProcessID);
printf( "Delta Priority\t%d\n", te32.tpDeltaPri);
printf( "Base Priority\t%d\n", te32.tpBasePri);
}
}
while (Thread32Next(hThreadSnap, &te32));
bRet = TRUE;
}
else
bRet = FALSE; // could not walk the list of threads

// Do not forget to clean up the snapshot object.

CloseHandle (hThreadSnap);

return (bRet);
}