Delphi进程,模块相关编程

页面导航:首页 > 软件编程 > Delphi > Delphi进程,模块相关编程

Delphi进程,模块相关编程

来源: 作者: 时间:2016-01-21 09:33 【

/*Title:Delphi进程,模块相关编程*Author:Insun*Blog:http://yxmhero1989.blog.163.com*From:www.4safer.com*/个人觉得Delphi进程相关可以按照下面几点来研究,有乱点之处请不吝指正(有点代码写的的确很糟糕

/*Title:Delphi进程,模块相关编程

*Author:Insun

*Blog:http://yxmhero1989.blog.163.com

*From:www.4safer.com

*/

 

个人觉得Delphi进程相关可以按照下面几点来研究,有乱点之处请不吝指正(有点代码写的的确很糟糕,虽然金山和卡巴也有代码临时工嫌疑,style不行就是囧):

我们查看了TLHELP32: 发现有下面5个数据结构
Shapshot function
heap walking
process walking
Thread walking
Module walking

 I.列出进程相关:进程名,PID,父进程ID,模块ID,引用计数,线程计数,优先权,进程默认堆栈,进程文件

路径  <这个操作很简单,网上到处都是,综合一下成最好最厚道最全面的>

 

 function GetPathFileofModule(ModuleName:String):String; // 通过进程名获得文件全路径的函数

var
hProcSnap: THandle;
pProcess: THandle;
pe32: TProcessEntry32;
buf:array[0..MAX_PATH] of char;
hMod:HMODULE;
cbNeeded:DWORD;
begin
hProcSnap := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0);
if hProcSnap = INVALID_HANDLE_VALUE then Exit;
pe32.dwSize := SizeOf(ProcessEntry32);
if Process32First(hProcSnap, pe32) = True then
while Process32Next(hProcSnap, pe32) = True do
begin
if uppercase(pe32.szExeFile)=uppercase(ModuleName) then
begin
pProcess:=OpenProcess(PROCESS_QUERY_INFORMATION or
PROCESS_VM_READ,
FALSE,
pe32.th32ProcessID);
if pProcess<>0 then
begin
if EnumProcessModules( pProcess,@hMod,sizeof(hMod),cbNeeded) then
begin
ZeroMemory(@buf,MAX_PATH+1);
GetModuleFileNameEx(pProcess, hMod,buf,MAX_PATH+1);//枚举进程文件所在路径
Result:=strpas(buf);
end;
end;
end;
end;
CloseHandle(hProcSnap);
end;

procedure TForm1.ViewProcess;    //关键代码。uses TLHelp32, PsAPI,
var
  hSnap,h     : THandle;
  ProcessEntry : TProcessEntry32;
  Proceed   : Boolean;
  hMod:HMODULE;
  cbNeeded,p:DWORD;
begin
     hSnap := CreateToolhelp32Snapshot( TH32CS_SNAPALL , 0 ); //创建快照
     if HSnap <> -1 then
     begin
          ProcessEntry.dwSize := SizeOf(TProcessEntry32);  //先初始化 FProcessEntry32 的大小
          Proceed := Process32First(hSnap, ProcessEntry);
         // p :=DWORD(ListView1.Items.Objects[ListView1.itemindex]);
          //h := OpenProcess(PROCESS_ALL_ACCESS, false, p);     //p 为 进程ID
         // if h > 0 then
         // begin
         //if EnumProcessModules( h, @hMod, sizeof(hMod), cbNeeded) then //查找第一个进程
          while Proceed do                                            //while 循环
          begin
               with ProcessEntry do
               with listview1.Items.Add do
               begin
                    caption:=szExeFile;
                    subitems.Add(inttostr(Th32ProcessID));
                    subitems.Add(inttostr(th32ParentProcessID));
                    subitems.Add(inttostr(Th32ModuleID));
                    subitems.Add(inttostr(cntUsage));
                    subitems.Add(inttostr(cntThreads));
                    subitems.Add(inttostr(pcPriClassBase));
                    subitems.Add(inttostr(th32DefaultHeapID));
                  // subitems.Add(ProcessEntry.szExePath);
                    subitems.Add(GetPathFileofModule(szExeFile));
                
               end;

               Proceed := Process32Next( hSnap, ProcessEntry);       //查找下一个进程
          end;
          CloseHandle( hSnap );
          CloseHandle(h);
       self.Label1.Caption:=当前系统共有++inttostr(listview1.Items.count)++个进程 ;

     end
      else
     ShowMessage( Oops... + SysErrorMessage(GetLastError));

end;

procedure TForm1.GetModule(pid: integer);
var th32handle:THandle;procstruct:TModuleEntry32;
    finded:boolean;
begin
    th32handle:=CreateToolHelp32Snapshot(TH32CS_SNAPMODULE,pid);
    try
        procstruct.dwSize:=sizeof(procstruct);
        ListView2.Clear;
        finded:=Module32First(th32handle,procstruct);
        while finded do
        begin
            with ListView2.Items.Add do
      &nb

Tags:

相关文章

    文章评论

    
    <