检测除了FindWindow()之外,还可以通过寻找进程的方法来进行,后者更可靠。代码示例如下:The following example obtains a list of running processes. First, the GetProcessList function takes a snapshot of the currently executing processes in the system using the CreateToolhelp32Snapshot function, then it walks through the list recorded in the snapshot, using the Process32First and Process32Next functions. For each process, the function calls GetProcessModule, which is defined in Traversing the module list. #include <windows.h> #include <tlhelp32.h> #include <stdio.h>BOOL GetProcessList () { HANDLE hProcessSnap = NULL; BOOL bRet = FALSE; PROCESSENTRY32 pe32 = {0};
// Take a snapshot of all processes in the system. hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE) return (FALSE);
// Fill in the size of the structure before using it. pe32.dwSize = sizeof(PROCESSENTRY32);
// Walk the snapshot of the processes, and for each process, // display information. if (Process32First(hProcessSnap, &pe32)) { DWORD dwPriorityClass; BOOL bGotModule = FALSE; MODULEENTRY32 me32 = {0};
do { bGotModule = GetProcessModule(pe32.th32ProcessID, pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32)); if (bGotModule) { HANDLE hProcess;
// Get the actual priority class. hProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); dwPriorityClass = GetPriorityClass (hProcess); CloseHandle (hProcess); // Print the process's information. printf( "\nPriority Class Base\t%d\n", pe32.pcPriClassBase); printf( "PID\t\t\t%d\n", pe32.th32ProcessID); printf( "Thread Count\t\t%d\n", pe32.cntThreads); printf( "Module Name\t\t%s\n", me32.szModule); printf( "Full Path\t\t%s\n\n", me32.szExePath); } } while (Process32Next(hProcessSnap, &pe32)); bRet = TRUE; } else bRet = FALSE; // could not walk the list of processes
// Do not forget to clean up the snapshot object. CloseHandle (hProcessSnap); return (bRet); } Process32First Retrieves information about the first process encountered in a system snapshot. BOOL WINAPI Process32First( HANDLE hSnapshot, LPPROCESSENTRY32 lppe ); Parameters hSnapshot [in] Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function. lppe [in/out] Pointer to a PROCESSENTRY32 structure. Return Values Returns TRUE if the first entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process information.Res The calling application must set the dwSize member of PROCESSENTRY32 to the size, in bytes, of the structure. Process32First changes dwSize to the number of bytes written to the structure. This will never be greater than the initial value of dwSize, but it may be smaller. If the value is smaller, do not rely on the values of any members whose offsets are greater than this value. To retrieve information about other processes recorded in the same snapshot, use the Process32Next function.For an example, see Taking a Snapshot and Viewing Processes. Requirements Windows NT/2000 or later: Requires Windows 2000 or later. Windows 95/98/Me: Requires Windows 95 or later. Header: Declared in Tlhelp32.h. Library: Use Kernel32.lib.
#include <tlhelp32.h>
#include <stdio.h>BOOL GetProcessList ()
{
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};
// Take a snapshot of all processes in the system. hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE)
return (FALSE);
// Fill in the size of the structure before using it. pe32.dwSize = sizeof(PROCESSENTRY32);
// Walk the snapshot of the processes, and for each process,
// display information. if (Process32First(hProcessSnap, &pe32))
{
DWORD dwPriorityClass;
BOOL bGotModule = FALSE;
MODULEENTRY32 me32 = {0};
do
{
bGotModule = GetProcessModule(pe32.th32ProcessID,
pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32)); if (bGotModule)
{
HANDLE hProcess;
// Get the actual priority class.
hProcess = OpenProcess (PROCESS_ALL_ACCESS,
FALSE, pe32.th32ProcessID);
dwPriorityClass = GetPriorityClass (hProcess);
CloseHandle (hProcess); // Print the process's information.
printf( "\nPriority Class Base\t%d\n",
pe32.pcPriClassBase);
printf( "PID\t\t\t%d\n", pe32.th32ProcessID);
printf( "Thread Count\t\t%d\n", pe32.cntThreads);
printf( "Module Name\t\t%s\n", me32.szModule);
printf( "Full Path\t\t%s\n\n", me32.szExePath);
}
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
bRet = FALSE; // could not walk the list of processes
// Do not forget to clean up the snapshot object. CloseHandle (hProcessSnap);
return (bRet);
} Process32First
Retrieves information about the first process encountered in a system snapshot. BOOL WINAPI Process32First(
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
Parameters
hSnapshot
[in] Handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
lppe
[in/out] Pointer to a PROCESSENTRY32 structure.
Return Values
Returns TRUE if the first entry of the process list has been copied to the buffer or FALSE otherwise. The ERROR_NO_MORE_FILES error value is returned by the GetLastError function if no processes exist or the snapshot does not contain process information.Res
The calling application must set the dwSize member of PROCESSENTRY32 to the size, in bytes, of the structure. Process32First changes dwSize to the number of bytes written to the structure. This will never be greater than the initial value of dwSize, but it may be smaller. If the value is smaller, do not rely on the values of any members whose offsets are greater than this value. To retrieve information about other processes recorded in the same snapshot, use the Process32Next function.For an example, see Taking a Snapshot and Viewing Processes. Requirements
Windows NT/2000 or later: Requires Windows 2000 or later.
Windows 95/98/Me: Requires Windows 95 or later.
Header: Declared in Tlhelp32.h.
Library: Use Kernel32.lib.
2、做一个病毒防火墙一样的程序监控windows系统的文件操作
下有个filesrc.zip