19,502
社区成员
发帖
与我相关
我的任务
分享怎样获得进程加载了哪些模块(dll)?
怎样获得进程加载了哪些模块(dll)?有没有相关的API或者例子程序?
请知道的朋友说一下,非常紧急!
谢谢!
请知道的朋友说一下,非常紧急!
谢谢!
...全文
请发表友善的回复…
发表回复
love514425 2009-03-15
- 打赏
- 举报
> 推荐LZ看看 <<windows核心编程 (五)>> 里面有很详细的解释跟Demo
zhujinqiang 2009-03-12
- 打赏
- 举报
记号。
jw212 2009-03-12
- 打赏
- 举报
MSDN上的sample code:
void PrintModules( DWORD processID )
{
HMODULE hMods[1024];
HANDLE hProcess;
DWORD cbNeeded;
unsigned int i;
// Print the process identifier.
printf( "\nProcess ID: %u\n", processID );
// Get a list of all the modules in this process.
hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ,
FALSE, processID );
if (NULL == hProcess)
return;
if( EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))
{
for ( i = 0; i < (cbNeeded / sizeof(HMODULE)); i++ )
{
TCHAR szModName[MAX_PATH];
// Get the full path to the module's file.
if ( GetModuleFileNameEx( hProcess, hMods[i], szModName,
sizeof(szModName) / sizeof(TCHAR)))
{
// Print the module name and handle value.
_tprintf( TEXT("\t%s (0x%08X)\n"), szModName, hMods[i] );
}
}
}
CloseHandle( hProcess );
}
void PrintModules( DWORD processID )
{
HMODULE hMods[1024];
HANDLE hProcess;
DWORD cbNeeded;
unsigned int i;
// Print the process identifier.
printf( "\nProcess ID: %u\n", processID );
// Get a list of all the modules in this process.
hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ,
FALSE, processID );
if (NULL == hProcess)
return;
if( EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))
{
for ( i = 0; i < (cbNeeded / sizeof(HMODULE)); i++ )
{
TCHAR szModName[MAX_PATH];
// Get the full path to the module's file.
if ( GetModuleFileNameEx( hProcess, hMods[i], szModName,
sizeof(szModName) / sizeof(TCHAR)))
{
// Print the module name and handle value.
_tprintf( TEXT("\t%s (0x%08X)\n"), szModName, hMods[i] );
}
}
}
CloseHandle( hProcess );
}
jw212 2009-03-12
- 打赏
- 举报
用这个吧:EnumProcessModules
Retrieves a handle for each module in the specified process.
Retrieves a handle for each module in the specified process.
ziamhitler 2009-03-12
- 打赏
- 举报
非常感谢各位,马上写代码测试一下!
儿大不由爷 2009-03-12
- 打赏
- 举报
ToolHelp API
Module32First
Retrieves information about the first module associated with a process.
Module32Next
Retrieves information about the next module associated with a process or thread.
Process32First
Retrieves information about the first process encountered in a system snapshot.
Process32Next
Retrieves information about the next process recorded in a system snapshot.
CloseToolhelp32Snapshot
Closes a handle to a snapshot.
CreateToolhelp32Snapshot
Takes a snapshot of the processes, heaps, modules, and threads used by the processes.
Module32First
Retrieves information about the first module associated with a process.
Module32Next
Retrieves information about the next module associated with a process or thread.
Process32First
Retrieves information about the first process encountered in a system snapshot.
Process32Next
Retrieves information about the next process recorded in a system snapshot.
CloseToolhelp32Snapshot
Closes a handle to a snapshot.
CreateToolhelp32Snapshot
Takes a snapshot of the processes, heaps, modules, and threads used by the processes.
beyondma 2009-03-12
- 打赏
- 举报
VS2005自带的远程RPOCESS VIEWER就是一个例子。用的的API,应该是ENUMMODULUR吧。
xqhrs232 2009-03-12
- 打赏
- 举报
做个标记
