<title>Get system process information and DLL information dependent on process</title> #include "stdafx.h"
#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <psapi.h>
#pragma comment (lib, "PSAPI.lib")
int _tmain (int argc, _tchar* argv[])
{
PROCESSENTRY32 pe32;//Process Structure
pe32.dwsize = sizeof (PE32); Before using this structure, set its size first
Take a snapshot of all the processes in the system
HANDLE Hprocesssnap =:: CreateToolhelp32Snapshot (th32cs_snapprocess, 0);
All DLL snapshot handles for a process
HANDLE hmodulesnap = NULL;
if (Hprocesssnap = = INVALID_HANDLE_VALUE)
{
printf ("Createtollhelp32snapshot error!! \ n ");
return-1;
}
BOOL bmore =::P Rocess32first (Hprocesssnap, &pe32);
HANDLE hprocess = 0;
WCHAR procpath[_max_path]={0};
MODULEENTRY32 Lpme; DLL structure
lpme.dwsize = sizeof (MODULEENTRY32);//Before using this structure, set its size first
BOOL bRet = FALSE;
Traverse a process snapshot to display information for each process
while (bmore)
{
Opens a Process object that already exists and returns a handle to the process
hprocess = OpenProcess (PROCESS_ALL_ACCESS,FALSE,PE32.TH32PROCESSID);
Get the full path of the process
Getmodulefilenameex (Hprocess,null,procpath, _max_path);
wprintf (_t ("procpath:%s\nprocname:%s\t\tprocid:%d\n\n"), Procpath, Pe32.szexefile, Pe32.th32processid);
Take a snapshot of all DLLs in an existing process
Hmodulesnap =:: CreateToolhelp32Snapshot (Th32cs_snapmodule, Pe32.th32processid);
BRet =:: Module32first (Hmodulesnap, &LPME);
Traverse the DLL snapshot to display the DLL information that the process is adding
while (BRet)
{
wprintf (_t ("\t\tmodual:%s\tbase:%2x\n"), Lpme.szexepath, lpme.modbaseaddr);
BRet =:: Module32next (Hmodulesnap, &LPME);
}
Close the Snapshot object
:: CloseHandle (HMODULESNAP);
Bmore =::P rocess32next (Hprocesssnap, &pe32);
}
Close the Snapshot object
:: CloseHandle (HPROCESSSNAP);
return 0;
}
From for notes (Wiz)
Get system process information and DLL information dependent on process
