Home > Others

Two methods for obtaining the explorer process ID

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Obtain
Explorer

Process
ID

Two Methods

Processes
ID

Use
OpenProcess

Function obtaining handle

 

1.



By using the desktop class and name


. Data?

Szw.topclass
DB
'Signature', 0
;

Desktop window

Szw.topwindow
DB
'Program Manager', 0
;

Desktop window name

Dwprocessid
Dd
?
;

Save Process
ID

Dwthreadid
Dd
?
;

Save thread
ID


. Code

Invoke
Findwindow, ADDR sz1_topclass, ADDR sz1_topwindow
;

Obtain the desktop window handle

Invoke
Getwindowthreadprocessid, eax, offset dwprocessid
;

Obtain Process
ID

MoV

Dwthreadid, eax
;

Thread
ID

2.



Process snapshot method, compare executable file names


. Data?

Szexplorer
DB
'Explorer. EXE ', 0
;

Executable File Name

Dwexplorerid
Dd
?
;

Retained
Explorer

Process
ID


. Code

_ Proctest
Proc


Local
@ Stprocess: processentry32
;

Information about each process


Local
@ Hsnapshot
;

Snapshot handle




Pushad



Invoke
Rtlzeromemory, ADDR @ stprocess, sizeof @ stprocess
; 0

Initialize Process Structure


MoV
@ Stprocess. dwsize, sizeof @ stprocess
;

Manually enter

Structure Size


Invoke
Createconlhelp32snapshot, th32cs_snapprocess, 0
;

Obtain process snapshots


MoV
@ Hsnapshot, eax
;

Snapshot handle


Invoke
Process32first, @ hsnapshot, ADDR @ stprocess
;

First Process


. While
Eax






Invoke
Lstrcmp, ADDR @ stprocess. szexefile, ADDR szexplorer;

Compare file names





. If
Eax = 0
;

Is
0

, Indicating that the process name is the same





MoV eax, @ stprocess. th32processid



MoV dwexplorerid, eax



. Endif




Invoke
Process32next, @ hsnapshot, ADDR @ stprocess;

Next Process


. Endw


Invoke
Closehandle, @ hsnapshot
;

Disable snapshots

Popad

_ Proctest endp

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More