Enumerating All Modules For a Process
来源:互联网 发布:161,162端口 编辑:程序博客网 时间:2024/05/16 19:51
To determine which processes have loaded a particular DLL, you must enumerate the modules for each process. The following sample code uses the EnumProcessModules function to enumerate the modules of current processes in the system.
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <psapi.h>
void PrintModules( DWORD processID )
{
HMODULE hMods[1024];
HANDLE hProcess;
DWORD cbNeeded;
unsigned int i;
// Print the process identifier.
printf( "/nProcess ID: %u/n", processID );
// Get a list of all the modules in this process.
hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ,
FALSE, processID );
if (NULL == hProcess)
return;
if( EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))
{
for ( i = 0; i < (cbNeeded / sizeof(HMODULE)); i++ )
{
TCHAR szModName[MAX_PATH];
// Get the full path to the module's file.
if ( GetModuleFileNameEx(hProcess, hMods[i], szModName,
sizeof(szModName)/sizeof(TCHAR)))
{
// Print the module name and handle value.
_tprintf(TEXT("/t%s (0x%08X)/n"),
szModName, hMods[i]);
}
}
}
CloseHandle( hProcess );
}
void main( )
{
// Get the list of process identifiers.
DWORD aProcesses[1024], cbNeeded, cProcesses;
unsigned int i;
if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
return;
// Calculate how many process identifiers were returned.
cProcesses = cbNeeded / sizeof(DWORD);
// Print the name of the modules for each process.
for ( i = 0; i < cProcesses; i++ )
PrintModules( aProcesses[i] );
}
The main function obtains a list of processes by using the EnumProcesses function. For each process, the main function calls the PrintModules function, passing it the process identifier. PrintModules in turn calls the OpenProcess function to obtain the process handle. If OpenProcess fails, the output shows only the process identifier. For example, OpenProcess fails for the Idle and CSRSS processes because their access restrictions prevent user-level code from opening them. Next, PrintModules calls the EnumProcessModules function to obtain the module handles function. Finally, PrintModules calls the GetModuleFileNameEx function, once for each module, to obtain the module names
- Enumerating All Modules For a Process
- Enumerating All Modules For a Process
- Enumerating All Modules For a Process
- 1.20OpenCV-- a list of all modules
- Enumerating All Device Drivers in the System
- check all threads in a process
- Building modules for a precompiled kernel
- test process for a project
- Enumerating Child Devices of a Display Adapter
- Qt All Modules
- "Unable to process Jar entry" for all javassist classes
- Eclipse Process Framework: a new tool for porject process management
- A Scrum Process Template for TFS
- Collecting Memory Usage Information For a Process
- list all process in remote computer ,kill a process by terminate command
- set a font for all child windows
- A Single Breadcrumb for All SharePoint Pages
- share a bibtex for all paper tex
- LZW数据压缩算法的原理分析 - jillzhang - 博客园
- 我们需要更团结 希望大家奔走先告!
- Thread的wait sleep join yield suspend notify区别
- Hiberante删除错误
- Flash的压缩算法 - 秀策坊
- Enumerating All Modules For a Process
- Gzip Zlib PNG 压缩算法 Gzip源码详解 - jiurl的专栏 - CSDNBlog
- 工作中无小事
- TerminateProcess Function
- 投资被套是否值得同情?
- 小波变换与傅里叶变换--机器视觉之旅
- 最后阶段
- Hibernate HQL
- vim中'/'同"/"的区别(从水木vim版看来的)
