在Microsoft Visual Studio中提供了一个可以查看当前运行的程序的工具Process Viewer
可以查看系统中当前运行的程序,下面我来介绍在你的程序中如何实现这种功能。
Windows提供了一系列的API函数可以建立当前的程序、模块、线程的“快照”(SnapShot)
利用这些“快照”函数就可以获得当前的程序、模块等的信息。
下面实现的步骤:
1、在Form1中加入一个CommandButton控件、两个ListBox控件
2、在Form1中加入如下代码:
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" _
(ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" _
(ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" _
(ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function Module32First Lib "kernel32" _
(ByVal hSnapshot As Long, lppe As MODULEENTRY32) As Long
Private Declare Function Module32Next Lib "kernel32" _
(ByVal hSnapshot As Long, lppe As MODULEENTRY32) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal _
hObject As Long) As Long
Private Declare Function SendMessage Lib "user32" Alias _
"SendMessageA" (ByVal hwnd As Long, ByVal wMsg As _
Long, ByVal wParam As Long, lParam As Any) As Long
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * 1024
End Type
Private Type MODULEENTRY32
dwSize As Long
th32ModuleID As Long
th32ProcessID As Long
GlblcntUsage As Long
ProccntUsage As Long
modBaseAddr As Byte
modBaseSize As Long
hModule As Long
szModule As String * 256
szExePath As String * 1024
End Type
Const LB_SETHORIZONTALEXTENT = &H194
Const TH32CS_SNAPHEAPLIST = &H1
Const TH32CS_SNAPPROCESS = &H2
Const TH32CS_SNAPTHREAD = &H4
Const TH32CS_SNAPMODULE = &H8
Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS _
Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Const TH32CS_INHERIT = &H80000000
Dim MyEntry(100) As PROCESSENTRY32
Private Sub Command1_Click()
Dim my As PROCESSENTRY32
Dim l As Long
List1.Clear
l = SendMessage(List1.hwnd, &H194, 640, 0)
’建立当前程序快照
l = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
If l Then
my.dwSize = 1060
If (Process32First(l, my)) Then ’遍历第一个程序
’遍历所有程序直到返回值为False
Do
List1.AddItem (Trim$(my.szExeFile))
MyEntry(List1.ListCount - 1) = my
Loop Until (Process32Next(l, my) < 1)
End If
’关闭快照句柄
CloseHandle l
End If
End Sub
Private Sub Form_Load()
Command1_Click
End Sub
Private Sub List1_Click()
Dim l As Long
Dim mm As MODULEENTRY32
Dim lm As Long
Dim astr As String
If MyEntry(List1.ListIndex).th32ProcessID <> 0 Then
l = SendMessage(List2.hwnd, &H194, 640, 0)
List2.Clear
’根据程序快照句柄建立程序的模块句柄
lm = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, _
MyEntry(List1.ListIndex).th32ProcessID)
If lm > 0 Then
mm.dwSize = Len(mm)
’获得第一个模块
If Module32First(lm, mm) Then
’遍历所有模块知道返回值为False
Do
If MyEntry(List1.ListIndex).th32ProcessID = _
mm.th32ProcessID Then
astr = Left$(mm.szModule, (InStr(1, _
mm.szModule, Chr(0)) - 1))
List2.AddItem astr
End If
Loop Until (Module32Next(lm, mm) < 1)
End If
CloseHandle (lm)
End If
End If
End Sub
运行程序,List1中就列出当前运行的所有的程序的名称及路径,点击其中任一个列表,
在List2中就会列出这个程序所使用的DLL的文件名。按下Command1重新获得系统中运行的程序。
上面只是通过简单的程序介绍了“快照”的建立和使用,只要稍加改造,就可以获得诸如
程序的线程数、模块尺寸、模块在内存的基地址等信息。
以上程序在Windows95、VB5.0下运行通过。
