Process32First
Retrieves information about the first process encountered in a system snapshot. BOOL WINAPI Process32First(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lppe
Pointer to a PROCESSENTRY32 structure.
Return Value
Returns TRUE if the first entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process informationCreateToolhelp32Snapshot
Takes a snapshot of the processes and the heaps, modules, and threads used by the processes.HANDLE WINAPI CreateToolhelp32Snapshot(
DWORD dwFlags,
DWORD th32ProcessID
);Parameters
dwFlags
Specifies portions of the system to include in the snapshot. This parameter can be one of the following: Value Meaning
TH32CS_INHERIT Indicates that the snapshot handle is to be inheritable.
TH32CS_SNAPALL Equivalent to specifying TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, TH32CS_SNAPPROCESS, and TH32CS_SNAPTHREAD.
TH32CS_SNAPHEAPLIST Includes the heap list of the specified process in the snapshot.
TH32CS_SNAPMODULE Includes the module list of the specified process in the snapshot.
TH32CS_SNAPPROCESS Includes the process list in the snapshot.
TH32CS_SNAPTHREAD Includes the thread list in the snapshot.
th32ProcessID
Specifies the process identifier. This parameter can be zero to indicate the current process. This parameter is used when the TH32CS_SNAPHEAPLIST or TH32CS_SNAPMODULE value is specified. Otherwise, it is ignored.
Return Value
Returns an open handle to the specified snapshot if successful or – 1 otherwiseProcess32Next
Retrieves information about the next process recorded in a system snapshot. BOOL WINAPI Process32Next(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lppe
Pointer to a PROCESSENTRY32 structure.
Return Value
Returns TRUE if the next entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process information.Module32First
Retrieves information about the first module associated with a process.BOOL WINAPI Module32First(
HANDLE hSnapshot,
LPMODULEENTRY32 lpme
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lpme
Pointer to a MODULEENTRY32 structure.
Return Value
Returns TRUE if the first entry of the module list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no modules exist or the snapshot does not contain module information.
Module32Next
Retrieves information about the next module associated with a process or thread.BOOL WINAPI Module32Next(
HANDLE hSnapshot,
LPMODULEENTRY32 lpme
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lpme
Pointer to a MODULEENTRY32 structure.
Return Value
Returns TRUE if the next entry of the module list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no more modules existThe OpenProcess function returns a handle to an existing process object. HANDLE OpenProcess(
DWORD dwDesiredAccess, // access flag
BOOL bInheritHandle, // handle inheritance flag
DWORD dwProcessId // process identifier
);
Parameters
dwDesiredAccess
Specifies the access to the process object. For operating systems that support security checking, this access is checked against any security descriptor for the target process. Any combination of the following access flags can be specified in addition to the STANDARD_RIGHTS_REQUIRED access flags: Access Description
PROCESS_ALL_ACCESS Specifies all possible access flags for the process object.
PROCESS_CREATE_PROCESS Used internally.
PROCESS_CREATE_THREAD Enables using the process handle in the CreateRemoteThread function to create a thread in the process.
PROCESS_DUP_HANDLE Enables using the process handle as either the source or target process in the DuplicateHandle function to duplicate a handle.
PROCESS_QUERY_INFORMATION Enables using the process handle in the GetExitCodeProcess and GetPriorityClass functions to read information from the process object.
PROCESS_SET_INFORMATION Enables using the process handle in the SetPriorityClass function to set the priority class of the process.
PROCESS_TERMINATE Enables using the process handle in the TerminateProcess function to terminate the process.
PROCESS_VM_OPERATION Enables using the process handle in the VirtualProtectEx and WriteProcessMemory functions to modify the virtual memory of the process.
PROCESS_VM_READ Enables using the process handle in the ReadProcessMemory function to read from the virtual memory of the process.
PROCESS_VM_WRITE Enables using the process handle in the WriteProcessMemory function to write to the virtual memory of the process.
SYNCHRONIZE Windows NT: Enables using the process handle in any of the wait functions to wait for the process to terminate.
bInheritHandle
Specifies whether the returned handle can be inherited by a new process created by the current process. If TRUE, the handle is inheritable.
dwProcessId
Specifies the process identifier of the process to open.
Return Values
If the function succeeds, the return value is an open handle to the specified process.If the function fails, the return value is NULL. To get extended error information, call GetLastError.
TerminateProcess
The TerminateProcess function terminates the specified process and all of its threads. BOOL TerminateProcess(
HANDLE hProcess, // handle to the process
UINT uExitCode // exit code for the process
);
Parameters
hProcess
Handle to the process to terminate.
Windows NT: The handle must have PROCESS_TERMINATE access. uExitCode
Specifies the exit code for the process and for all threads terminated as a result of this call. Use the GetExitCodeProcess function to retrieve the process's exit value. Use the GetExitCodeThread function to retrieve a thread's exit value.
Return Values
If the function succeeds, the return value is nonzero.If the function fails, the return value is zero. To get extended error information, call GetLastError.
Retrieves information about the first process encountered in a system snapshot. BOOL WINAPI Process32First(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lppe
Pointer to a PROCESSENTRY32 structure.
Return Value
Returns TRUE if the first entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process informationCreateToolhelp32Snapshot
Takes a snapshot of the processes and the heaps, modules, and threads used by the processes.HANDLE WINAPI CreateToolhelp32Snapshot(
DWORD dwFlags,
DWORD th32ProcessID
);Parameters
dwFlags
Specifies portions of the system to include in the snapshot. This parameter can be one of the following: Value Meaning
TH32CS_INHERIT Indicates that the snapshot handle is to be inheritable.
TH32CS_SNAPALL Equivalent to specifying TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, TH32CS_SNAPPROCESS, and TH32CS_SNAPTHREAD.
TH32CS_SNAPHEAPLIST Includes the heap list of the specified process in the snapshot.
TH32CS_SNAPMODULE Includes the module list of the specified process in the snapshot.
TH32CS_SNAPPROCESS Includes the process list in the snapshot.
TH32CS_SNAPTHREAD Includes the thread list in the snapshot.
th32ProcessID
Specifies the process identifier. This parameter can be zero to indicate the current process. This parameter is used when the TH32CS_SNAPHEAPLIST or TH32CS_SNAPMODULE value is specified. Otherwise, it is ignored.
Return Value
Returns an open handle to the specified snapshot if successful or – 1 otherwiseProcess32Next
Retrieves information about the next process recorded in a system snapshot. BOOL WINAPI Process32Next(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lppe
Pointer to a PROCESSENTRY32 structure.
Return Value
Returns TRUE if the next entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process information.Module32First
Retrieves information about the first module associated with a process.BOOL WINAPI Module32First(
HANDLE hSnapshot,
LPMODULEENTRY32 lpme
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lpme
Pointer to a MODULEENTRY32 structure.
Return Value
Returns TRUE if the first entry of the module list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no modules exist or the snapshot does not contain module information.
Module32Next
Retrieves information about the next module associated with a process or thread.BOOL WINAPI Module32Next(
HANDLE hSnapshot,
LPMODULEENTRY32 lpme
);
Parameters
hSnapshot
Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lpme
Pointer to a MODULEENTRY32 structure.
Return Value
Returns TRUE if the next entry of the module list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no more modules existThe OpenProcess function returns a handle to an existing process object. HANDLE OpenProcess(
DWORD dwDesiredAccess, // access flag
BOOL bInheritHandle, // handle inheritance flag
DWORD dwProcessId // process identifier
);
Parameters
dwDesiredAccess
Specifies the access to the process object. For operating systems that support security checking, this access is checked against any security descriptor for the target process. Any combination of the following access flags can be specified in addition to the STANDARD_RIGHTS_REQUIRED access flags: Access Description
PROCESS_ALL_ACCESS Specifies all possible access flags for the process object.
PROCESS_CREATE_PROCESS Used internally.
PROCESS_CREATE_THREAD Enables using the process handle in the CreateRemoteThread function to create a thread in the process.
PROCESS_DUP_HANDLE Enables using the process handle as either the source or target process in the DuplicateHandle function to duplicate a handle.
PROCESS_QUERY_INFORMATION Enables using the process handle in the GetExitCodeProcess and GetPriorityClass functions to read information from the process object.
PROCESS_SET_INFORMATION Enables using the process handle in the SetPriorityClass function to set the priority class of the process.
PROCESS_TERMINATE Enables using the process handle in the TerminateProcess function to terminate the process.
PROCESS_VM_OPERATION Enables using the process handle in the VirtualProtectEx and WriteProcessMemory functions to modify the virtual memory of the process.
PROCESS_VM_READ Enables using the process handle in the ReadProcessMemory function to read from the virtual memory of the process.
PROCESS_VM_WRITE Enables using the process handle in the WriteProcessMemory function to write to the virtual memory of the process.
SYNCHRONIZE Windows NT: Enables using the process handle in any of the wait functions to wait for the process to terminate.
bInheritHandle
Specifies whether the returned handle can be inherited by a new process created by the current process. If TRUE, the handle is inheritable.
dwProcessId
Specifies the process identifier of the process to open.
Return Values
If the function succeeds, the return value is an open handle to the specified process.If the function fails, the return value is NULL. To get extended error information, call GetLastError.
TerminateProcess
The TerminateProcess function terminates the specified process and all of its threads. BOOL TerminateProcess(
HANDLE hProcess, // handle to the process
UINT uExitCode // exit code for the process
);
Parameters
hProcess
Handle to the process to terminate.
Windows NT: The handle must have PROCESS_TERMINATE access. uExitCode
Specifies the exit code for the process and for all threads terminated as a result of this call. Use the GetExitCodeProcess function to retrieve the process's exit value. Use the GetExitCodeThread function to retrieve a thread's exit value.
Return Values
If the function succeeds, the return value is nonzero.If the function fails, the return value is zero. To get extended error information, call GetLastError.
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货