找了一溜够,实在没办法做了个抓进程的程序,突然想到这个功能能顺便捕获病毒,感觉挺有用的文件 进程 文件夹
解决方案 »
- C# 限制文本框只能输入数字
- 字符串匹配的问题。
- 我的PDA系统是mobile2003 我用vs2005开发的程序不支持,只支持vs2003开发的,请问怎样可以解决?
- 我的问题:此范围定义了“ convertString4 ”的局部变量。在线等!
- C# RelatedObjects 问题?~在线等.万谢.
- 如何生成XP样式的按钮
- 我开发的游戏"赏图历险II"准备发布了,可是网络游戏有时出错!
- 在C#中调用JS中的一个函数,问题好奇怪,急!!
- 怎么在关闭一个子窗口时(点窗口右上的X)不distroy窗口而CLOSE之
- 在C#中调用ORACLE下的自定义函数如何得到返回值?(急急急!!!)
- 自做一个检测机子的CPU、内存、网速、线程的工具
- 如何将form1的值传到form2
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Threading;
using System.Diagnostics;namespace CaptureProcessName
{
public partial class Form进程捕捉 : Form
{
private List<string> OldProcessesNameList = new List<string>();
private Thread thread搜索进程;
private bool start = false; public Form进程捕捉()
{
InitializeComponent();
} private void button退出_Click(object sender, EventArgs e)
{
Close();
} private void Form进程捕捉_Load(object sender, EventArgs e)
{
//遍历电脑中的进程, 并装载到 OldProcessesNameList 中
Process[] processes = Process.GetProcesses(); for (int i = 0; i < processes.GetLength(0); i++)
{
richTextBoxOld.Text += processes[i].ProcessName + "\r\n";
OldProcessesNameList.Add(processes[i].ProcessName);
}
label3.Text = "共计: " + processes.GetLength(0).ToString() + " 个进程";
label4.Text = "共计: 0 个进程";
} private void button开始_Click(object sender, EventArgs e)
{
button开始.Enabled = false;
button开始.Text = "恢 复";
button暂停.Enabled = true;
if (start == false)
{
start = true;
thread搜索进程 = new Thread(new ThreadStart(Run));
thread搜索进程.Priority = ThreadPriority.BelowNormal;
thread搜索进程.Start();
}
else
{
try
{
thread搜索进程.Resume(); button开始.Enabled = false;
button暂停.Enabled = true;
}
catch (ThreadStateException msg)
{
MessageBox.Show(msg.ToString(), "异常");
}
} } public void Run()
{
while (true)
{
int j = 0;
Process[] processes = Process.GetProcesses(); for (int i = 0; i < processes.GetLength(0); i++)
{
if (OldProcessesNameList.Contains(processes[i].ProcessName))
{
processes[i].Dispose();
}
else
{
richTextBoxNew.Text += processes[i].ProcessName + "\r\n";
OldProcessesNameList.Add(processes[i].ProcessName);
j++;
processes[i].Dispose();
}
}
label4.Text = "共计: " + j.ToString() + " 个进程" + processes.GetLength(0).ToString();
}
} private void button暂停_Click(object sender, EventArgs e)
{
try
{
if (thread搜索进程.ThreadState == System.Threading.ThreadState.Running)
{
thread搜索进程.Suspend();//Pause the thread button开始.Text = "继 续";
button开始.Enabled = true;
button暂停.Enabled = false;
}
}
catch(ThreadStateException msg)
{
MessageBox.Show(msg.ToString(),"异常");
}
} private void Form进程捕捉_FormClosing(object sender, FormClosingEventArgs e)
{
try
{
if (thread搜索进程.ThreadState == System.Threading.ThreadState.Running)
{
if (thread搜索进程.Join(1000) == false)
{
thread搜索进程.Abort();
}
}
else
{
thread搜索进程.Resume();
thread搜索进程.Suspend();
thread搜索进程.Abort();
}
}
catch
{ }
} }
}
{
Process p = new Process();
p.StartInfo.FileName = "notepad.exe";
p.Start(); Console.WriteLine(" 进程ID:" + p.Id);
Console.WriteLine("进程名称:" + p.ProcessName);
Console.WriteLine("文件定位:" + p.MainModule.FileName);
Console.ReadKey();
}
可以、拿到进程的MainModule.FileName属性就是了
启动其他无关进程是可以的,但我要启动的是系统开机启动项,按你给的思路做了一个 ,结果要命了:
namespace CaptureProcessName.Class
{
public class ClassProcess
{
private int _ProcessID = -1;//进程ID
private string _ProcessName = "";//进程名称
private string _ProcessFilePath = "";//文件定位 public int ProcessID
{
get { return _ProcessID; }
}
public string ProcessName
{
get { return _ProcessName; }
}
public string ProcessFilePath
{
get { return _ProcessFilePath; }
} public ClassProcess(string FileName)
{
string[] Extension = {".exe",".com",".msi" };
bool err = false; Process process = new Process();
try
{
process.StartInfo.FileName = FileName + Extension[0];
process.Start();
}
catch { err = true; } if (err == true)
{
try
{
process.StartInfo.FileName = FileName + Extension[1];
process.Start();
}
catch { err = true; }
} if (err == true)
{
try
{
process.StartInfo.FileName = FileName + Extension[2];
process.Start();
}
catch { err = true; }
} if (err == false)
{
_ProcessID = process.Id;
_ProcessName = process.ProcessName;
_ProcessFilePath = process.MainModule.FileName;
}
else
_ProcessFilePath = "无知类型";
}
}
}[code=csharp] private void Form进程捕捉_Load(object sender, EventArgs e)
{
//遍历电脑中的进程, 并装载到 OldProcessesNameList 中
Process[] processes = Process.GetProcesses();
for (int i = 0; i < processes.GetLength(0); i++)
{
string s = processes[i].ProcessName;
richTextBoxOld.Text += s + "\r\n";
OldProcessesNameList.Add(s);
ClassProcess p = new ClassProcess(s);
listView1.Items.Add(p.ProcessFilePath);
}
label3.Text = "共计: " + processes.GetLength(0).ToString() + " 个进程";
label4.Text = "共计: 0 个进程";
}[/code]
Task task = taskFactory.StartNew(() => {
this.listBoxControl1.BeginInvoke((MethodInvoker)delegate { this.listBoxControl1.Items.Clear(); Process[] processes = Process.GetProcesses();
foreach (var item in processes)
{
this.listBoxControl1.Items.Add(item.ProcessName);
try
{
this.listBoxControl1.Items.Add( item.MainModule.FileName.Substring(0, item.MainModule.FileName.LastIndexOf("\\")));
}
catch (Win32Exception)
{
continue;
}
} });
});
http://msdn.microsoft.com/zh-cn/library/system.diagnostics.processmodule(v=vs.100).aspxProcessModule.FileName 获取模块的完整路径, 在截取一下就可以了