想弱弱的请教下关于进程的问题，请高手赐教！谢谢 - C语言论坛

楼主

已结贴√ 问题点数：20 回复次数：13

想弱弱的请教下关于进程的问题，请高手赐教！谢谢

现在碰到一个问题，在任务管理器中的进程，我需要监视CF的（一个应用程序）进程，一直扫描，当这个进程结束了，然后电脑马上shutdown -s。请大虾们赐教。谢谢！

搜索更多相关主题的帖子: 进程　

第 2 楼

得分:10

思路写个计时器没当一段时间去枚举一次系统进程如未发现该进程则启动关机

收到的鲜花

lhacker 于 2010-11-25 16:59 送鲜花 3朵附言：能多点注释么？我没学过进程。不懂进程！

第 3 楼

得分:0

#include <windows.h>
#include <stdio.h>
#include "psapi.h"
#pragma comment( lib, "psapi" )
void PrintModules(DWORD processID)
{
    HMODULE hMods[1024];
    HANDLE hProcess;
    DWORD cbNeeded;
    unsigned int i;
    // Print the process identifier
    printf( "\nProcess ID: %u\n", processID );
    // Get a list of all the modules in this process.
    hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,FALSE,processID );
    if(NULL == hProcess)
        return;
    if(EnumProcessModules(hProcess,hMods,sizeof(hMods),&cbNeeded))
    {
        for(i=0;i<(cbNeeded/sizeof(HMODULE));i++)
        {
            char szModName[MAX_PATH];
            // Get the full path to the module's file.
            if(GetModuleFileNameEx( hProcess,hMods[0],szModName,sizeof(szModName)))
            {// Print the module name and handle value.
                printf("\t%s(0x%08X)\n",szModName,hMods);
            }
        }
    }
    CloseHandle(hProcess);
}
void main()
{// Get the list of process identifiers.
    DWORD aProcesses[1024],cbNeeded,cProcesses;
    unsigned int i;
    if(!EnumProcesses(aProcesses,sizeof(aProcesses),&cbNeeded))//一参存放进程的ID
        return;
    // Calculate how many process identifiers were returned.
    cProcesses=cbNeeded/sizeof(DWORD);
    printf("cbNeed=%d\n",cbNeeded);
    // Print the name of the modules for each process.
    for(i=0;i<cProcesses;i++)
        PrintModules(aProcesses[i]);
}

枚举进程以及dll调用的代码

#include   <windows.h>
#include   <stdio.h>
#include   <conio.h>
unsigned   long  WINAPI   Thread(PVOID   pvoid);
void   main()
{
    DWORD   dwThreadId;
    HANDLE   hThread   =   CreateThread( NULL,0,Thread,0,0,&dwThreadId);
    WaitForSingleObject(hThread,INFINITE);
    CloseHandle(hThread);
}
unsigned   long   WINAPI   Thread(PVOID   pvoid)
{
    MSG   msg;
    PeekMessage(&msg,NULL,WM_USER,WM_USER,PM_NOREMOVE);
    UINT   timerid=SetTimer(NULL,1,100,NULL);
    while(true)
    {
        GetMessage(&msg,NULL,0,0);
        if(msg.message==WM_TIMER)
            printf("WM_TIMER   in   work   thread \n");
        else
        {
            TranslateMessage(&msg);
            DispatchMessage(&msg);
        }
    }
    KillTimer(NULL,timerid);
    return   0;
}

一个简单的计时器

最后分给我！

收到的鲜花

lhacker 于 2010-11-25 16:52 送鲜花 3朵附言：好文章

第 4 楼

得分:0

貌似还有更简单的直接注入一个dll 在响应DLL_PROCESS_DETACH 时关闭电脑！

第 5 楼

得分:0

回复 4楼 hahayezhe

我看看！！先谢谢你

第 6 楼

得分:0

回复 4楼 hahayezhe

多给点注释额，

第 7 楼

得分:0

我汗这点代码而已一个一个的查 MSDN啊纠结！

收到的鲜花

lhacker 于 2010-11-25 17:51 送鲜花 3朵附言：非常的感谢，传道售货戒刀也

第 8 楼

得分:0

程序代码：

#include <windows.h>
#include <stdio.h>
#include "psapi.h"
#pragma comment( lib, "psapi" )
int main()
{
    DWORD aProcesses[1024],cbNeeded,cbMNeeded;
    HMODULE hMods[1024];
    HANDLE hProcess;
    char szProcessName[128];
    if(!EnumProcesses(aProcesses,sizeof(aProcesses),&cbNeeded))//枚举进程ID
        printf("Enumprocess error\n");
    int j = (int) (cbNeeded / sizeof(DWORD));
    for(int i=0; i< j; i++)
    {
        ZeroMemory(szProcessName,128);
        hProcess = OpenProcess(  PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, aProcesses[i]);//获取进程实例
        EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbMNeeded);//枚举该进程中所有的模块ID
        GetModuleFileNameEx( hProcess, hMods[0], szProcessName,128);//获取该模块的名字  0 为可执行PE文件的名字
        printf("%d\t%s\n",aProcesses[i], szProcessName);
        CloseHandle(hProcess);
    }
    return 0;
}

这个简单些不用枚举dll模块！

第 9 楼

得分:0

程序代码：

#include <windows.h>
#include <stdio.h>
#include "psapi.h"
#pragma comment( lib, "psapi" )
bool FindProcess(const char* m_Processname){
    DWORD aProcesses[1024],cbNeeded,cbMNeeded;
    HMODULE hMods[1024];
    HANDLE hProcess;
    char szProcessName[128];
    if(!EnumProcesses(aProcesses,sizeof(aProcesses),&cbNeeded))//枚举进程ID
        printf("Enumprocess error\n");
    int j = (int) (cbNeeded / sizeof(DWORD));
    for(int i=0; i< j; i++)
    {
        ZeroMemory(szProcessName,128);
        hProcess = OpenProcess(  PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, aProcesses[i]);//获取进程实例
        EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbMNeeded);//枚举该进程中所有的模块ID
        GetModuleFileNameEx( hProcess, hMods[0], szProcessName,128);//获取该模块的名字  0 为可执行PE文件的名字
        if(strstr(szProcessName,m_Processname)){
            CloseHandle(hProcess);
            return 1;
        }
        //printf("%d\t%s\n",aProcesses[i], szProcessName);
        CloseHandle(hProcess);
    }
    return 0;
}
int main()
{
    if(FindProcess("explorer.exe")){
        printf("explorer.exe is existed");
    }
    else
        printf("explorer.exe isn't existed");
    return 0;
}

写成函数！其实只需要其进程句柄就可以了！也就是说枚举一次就可以了然后保留ID进行判断

第 10 楼

得分:0

程序代码：

#include <windows.h>
#include <stdio.h>
#include "psapi.h"
#include <conio.h>
#pragma comment( lib, "psapi" )
unsigned   long  WINAPI   Thread(PVOID   pvoid);
bool FindProcess(const char* m_Processname){
    DWORD aProcesses[1024],cbNeeded,cbMNeeded;
    HMODULE hMods[1024];
    HANDLE hProcess;
    char szProcessName[128];
    if(!EnumProcesses(aProcesses,sizeof(aProcesses),&cbNeeded))//枚举进程ID
        printf("Enumprocess error\n");
    int j = (int) (cbNeeded / sizeof(DWORD));
    for(int i=0; i< j; i++)
    {
        ZeroMemory(szProcessName,128);
        hProcess = OpenProcess(  PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, aProcesses[i]);//获取进程实例
        EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbMNeeded);//枚举该进程中所有的模块ID
        GetModuleFileNameEx( hProcess, hMods[0], szProcessName,128);//获取该模块的名字  0 为可执行PE文件的名字
        if(strstr(szProcessName,m_Processname)){
            CloseHandle(hProcess);
            return 1;
        }
        //printf("%d\t%s\n",aProcesses[i], szProcessName);
        CloseHandle(hProcess);
    }
    return 0;
}
int main()
{
    DWORD   dwThreadId;  
    HANDLE   hThread   =   CreateThread( NULL,0,Thread,0,0,&dwThreadId);    
    WaitForSingleObject(hThread,INFINITE);
    return 0;
}
unsigned   long   WINAPI   Thread(PVOID   pvoid)  
{  
    MSG   msg;  
    PeekMessage(&msg,NULL,WM_USER,WM_USER,PM_NOREMOVE);  
    UINT   timerid=SetTimer(NULL,1,1000,NULL); //一秒触发一次的计时器   
    while(true)  
    {  
        GetMessage(&msg,NULL,0,0);
        if(msg.message==WM_TIMER){
            if(FindProcess("explorer.exe")){
                printf("explorer.exe is existed\n");
            }
            else{
                printf("explorer.exe isn't existed\n");
                system("shutdown -s");
            }
        }          
        else  
        {  
            TranslateMessage(&msg);    
            DispatchMessage(&msg);    
        }  
    }  
    KillTimer(NULL,timerid);  
    return   0;  
}

完全的粘贴加复制多简单！