请问怎么样遍历的保存进程快照?(50分)

  • 主题发起人 主题发起人 qbtxx
  • 开始时间 开始时间
Q

qbtxx

Unregistered / Unconfirmed
GUEST, unregistred user!
最好保存的格式像如下这样的:
--------------------------
排序 1. xxx.exe 1.xxx.dll
2. xxx.exe 2.xxx.dll
3. xxx.exe 3.xxx.dll
..... ......
最好还能有保存记录电脑现在调用的所有DLL信息~!
要是只能保存EXE信息的也可以~急!
--------------------------
谁帮我改一改~???如下保存不了进程
unit jckz;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,tlhelp32, StdCtrls,StrUtils;

type
TForm1 = class(TForm)
Button1: TButton;
Memo1: TMemo;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;

var
Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);
var
found: Bool;
ProcessListHandle: THandle;
ProcessStruct: TProcessEntry32;
creeper:TextFile;
Filename:string;
ik:Integer;
begin
ProcessListHandle := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
ProcessStruct.dwSize := Sizeof(ProcessStruct);
found := Process32First(ProcessListHandle, ProcessStruct);
Memo1.clear;
while found do
begin
Memo1.Lines.Add(ProcessStruct.szExeFile);
Filename:=ExtractFilePath(Application.ExeName);
AssignFile(Creeper, Filename+'Erosxp.txt');
for ik:=0 to ComponentCount-1 do
Rewrite(creeper);
Writeln(creeper,ProcessStruct.szExeFile);
CloseFile(Creeper);
found := Process32Next(ProcessListHandle, ProcessStruct);
end;
CloseHandle(ProcessListHandle);
end;

end.
 
这位同学,你写的程序没有其他问题,只是每次连接文件都使用rewrite是不行的,使用rewrite的同时是会清除原来文件的内容的,自然会无法保存了,只要把那个rewrite移出for循环应该就可以了
 
把那个rewrite移出好像不行吧~! 要出错的,能帮我改改吗?我现在又发现一个新问题上面的进程快照好像不能把系统里的所有进程都捕捉到也~?有没有更好的方法?给一下例程看看?
 
不能写是 因为你写文件的方式不对 和列出进程没关系
如果要简单点 你可以在循环完了 用Memo去写文件 Memo1.Lines.SaveToFile(FileName)
 
{********************************************************
* *
* Get proccess's information *
* copyright 2006.11.19 by wp *
{********************************************************}

unit untEnumProc;


interface
uses Windows, Messages, SysUtils,StrUtils, Variants, Classes,Dialogs,TLHelp32;


//据说是windows未公开的函数(网上找的,呵~)
Procedure SwitchToThisWindow(hwnd:HWND;bRestore:Integer);stdcall;

type TEnumProc=class
private
FProcCount:Integer; //系统进程总数
FProcList:TList; //系统进程列表
public
constructor Create;
destructor Destroy;

procedure AllProcs; //枚举所有进程(结果放入FProcList)
function GetParentProcID(hProc:THandle):THandle; //根据 子进程ID 获取 父进程ID
function GetNameFromID(hProcName:THandle):string; //根据 进程ID 获得 进程名
function GetParentProcName(hProc:THandle):string; //根据 子进程ID 获取 父进程名
Function GetIDFromName(ProcName:String):THandle; //根据进程名 获取 进程ID.
function GetPrior(hProc:THandle):LongInt; //根据进程ID 获得进程优先级

//激活窗体(变成前台窗体).
function ActWindow(sWinName:string):Boolean;overload;//指定窗口名
procedure ActWindow(hFrmHandle:THandle);overload;//指定窗口句柄

published
{只读属性}
property ProcCount:Integer read FProcCount; //进程总数
property ProcInfo:TList read FProcList; //所有进程的信息列表.

end;

implementation

Procedure SwitchToThisWindow(hwnd:HWND;bRestore:Integer);external 'user32.dll' name 'SwitchToThisWindow';stdcall;

{ TEnumProc }
function TEnumProc.ActWindow(sWinName: string):Boolean;
var
hHandle:THandle;
begin
Result:=False;
hHandle:=FindWindow(nil,PAnsiChar(sWinName));
if hHandle=0 then Exit; //没有名称为sWinName的窗体,则退出

Result:=True;
ActWindow(hHandle);
end;

procedure TEnumProc.ActWindow(hFrmHandle: THandle);
var
i:Integer;
begin
SwitchToThisWindow(hFrmHandle,1);
for i:=0 to 5 do
begin
FlashWindow(hFrmHandle,LongBool(True));
Sleep(300);
end;

end;

{ TPROCESSENTRY32的结构. 下面是VB里的声明~ }
{Private Type PROCESSENTRY32
dwSize As Long '结构大小
cntUsage As Long '自身引用记数
th32ProcessID As Long '此进程ID
th32DefaultHeapID As Long '进程默认堆ID
th32ModuleID As Long '进程模块ID。DLL的模块ID与进程ID相同
cntThreads As Long '开启的线程计数
th32ParentProcessID As Long '父进程ID
pcPriClassBase As Long '线程优先权
dwFlags As Long 'preserve
szExeFile As String * MAX_PATH 'full name
End Type}
procedure TEnumProc.AllProcs;
var
hSnapShot:THandle;
bExist:Boolean;
curProcName:String;
pProcess :PPROCESSENTRY32;

i:Integer;
begin
if Assigned(FProcList) then {释放以前分配的内存}
if FProcList.count>0 then
for i:=FProcList.count-1 downto 0 do
begin
FreeMem(PPROCESSENTRY32(FProcList.Items));
FProcList.Delete(i);
end;

hSnapShot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); //创建进程快照
If hSnapShot = 0 Then Exit;
GetMem(pProcess,SizeOf(TProcessEntry32));
//FillChar(pProcess,SizeOf(TProcessEntry32),0);
//ShowMessage(IntToStr(SizeOf(TProcessEntry32)));
pProcess^.dwSize := SizeOf(TProcessEntry32);
bExist:=Process32First(hSnapShot, pProcess^);
if (not bExist) then FreeMem(pProcess);
While (bExist) do
begin
FProcList.Add(pProcess); //找到的进程的信息加进列表

GetMem(pProcess,SizeOf(TProcessEntry32)); //getMem必须用freeMem释放
//FillChar(pProcess,SizeOf(TProcessEntry32),0);
pProcess^.dwSize := SizeOf(TProcessEntry32);
bExist:=Process32Next(hSnapShot, pProcess^);
end;
CloseHandle(hSnapShot);

FProcCount:=FProcList.Count;
end;

constructor TEnumProc.Create;
begin

FProcList:=TList.Create;
FProcCount:=-1; {为表示没有调用AllProcs函数,设FProcCount为-1 .
请务必保证在使用ProcCount属性前,间接或直接调用AllProcs函数. }
end;

destructor TEnumProc.Destroy;
var
i:Integer;
begin
for i:=FProcList.count-1 downto 0 do
FreeMem(PPROCESSENTRY32(FProcList.Items));
FProcList.Free;
inherited;
end;

function TEnumProc.GetIDFromName(ProcName: String): THandle;
var
i:Integer;
curProcName:string;
pProcess:PPROCESSENTRY32;
begin
Result:=0; //没有找到
AllProcs;

for i:=0 to FProcList.Count-1 do
begin
pProcess:=PPROCESSENTRY32(FProcList.Items);
curProcName:= pProcess.szExeFile;
if Pos('.',curProcName)>0 then
curProcName:= LeftStr(curProcName,Pos('.',curProcName)-1); //smss.exe-->smss

If LowerCase(curProcName) = LowerCase(Trim(ProcName)) Then
begin
Result:= pProcess^.th32ProcessID;
break;
end;
end;

end;

function TEnumProc.GetNameFromID(hProcName: THandle):string ;
var
i:Integer;
pProcess:PPROCESSENTRY32;
begin
Result:=''; //没有找到
AllProcs;

for i:=0 to FProcList.Count-1 do
begin
pProcess:=PPROCESSENTRY32(FProcList.Items);
if pProcess.th32ProcessID=hProcName then
begin
Result:=pProcess.szExeFile;
Exit;
end;
end;
end;

function TEnumProc.GetParentProcID(hProc: THandle): THandle;
var
i:Integer;
pProcess:PPROCESSENTRY32;
begin
Result:=0;
AllProcs;

for i:=0 to FProcList.Count-1 do
begin
pProcess:=PPROCESSENTRY32(FProcList.Items);
if pProcess.th32ProcessID=hProc then
begin
Result:=pProcess.th32ParentProcessID;
Exit;
end;
end;

end;

function TEnumProc.GetParentProcName(hProc: THandle): string;
var
hHandle:THandle;
begin
hHandle:=GetParentProcID(hProc);
Result:=GetNameFromID(hHandle);
end;

function TEnumProc.GetPrior(hProc: THandle): LongInt;
var
i:Integer;
pProcess:PPROCESSENTRY32;
begin
Result:=0;
AllProcs;

for i:=0 to FProcList.Count-1 do
begin
pProcess:=PPROCESSENTRY32(FProcList.Items);
if pProcess.th32ProcessID=hProc then
begin
Result:=pProcess.pcPriClassBase;
Exit;
end;
end;
end;

end.
 
我的天~!头痛了,还是简单一点吧~就算上面注解了也要看一会儿才能懂也~,哈哈
 
给个简单的例程呀~!怎么只有看没有回答的???晕~
 
不能查到所有进程的问题建议你去看雪论坛,应为这已经是黑客技术了,如果不想去的话,我现在没时间,以后有时间再具体和你说说方法。
 
晕~!自我解决~如下:大家一起学习~其实这个问题也太幼稚了,所以那些大哥级的都看都不看也~怎么会回答呢~还是靠自己研究吧!
如下有两个实例:

第一个是原来的那个代码:
unit jckz;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,tlhelp32, StdCtrls,StrUtils;

type
TForm1 = class(TForm)
Button1: TButton;
Memo1: TMemo;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;

var
Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);
var
found: Bool;
ProcessListHandle: THandle;
ProcessStruct: TProcessEntry32;
creeper:TextFile;
Filename:string;
ik:Integer;
begin
ProcessListHandle := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
ProcessStruct.dwSize := Sizeof(ProcessStruct);
found := Process32First(ProcessListHandle, ProcessStruct);
Memo1.clear;
while found do
begin
Memo1.Lines.Add(ProcessStruct.szExeFile);
Filename:=ExtractFilePath(Application.ExeName);//指定自己可执行目录路径
Memo1.Items.SaveToFile(Filename+'ABC.txt');//这一段代码就是保存为ABC.TXT文本文件[是不是很简单原来就这段代码~晕也~//哈哈哈
found := Process32Next(ProcessListHandle, ProcessStruct);
end;
CloseHandle(ProcessListHandle);
end;
end.
=============================================================
第二段程序代码:
procedure TForm1.FormCreate(Sender: TObject);
var p: pProcessInfo;
ContinueLoop: BOOL;
var
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
l := TList.Create;
l.Clear;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
while integer(ContinueLoop) <> 0 do
begin
New(p);
p.ExeFile := FProcessEntry32.szExeFile;
p.ProcessID := FProcessEntry32.th32ProcessID;
listbox1.Items.Add(p.ExeFile +' [ '+ inttostr(p.processid)+' ] ');
Filename:=ExtractFilePath(Application.ExeName);
l.Add(p);
listbox1.Items.SaveToFile(Filename+'abc.txt');//同样的原理~哈哈哈
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
end;

procedure TForm1.FormDestroy(Sender: TObject);
var p: pProcessInfo;
i: integer;
begin
with l do
for i := Count - 1 downto 0 do
begin p := items; Dispose(p); Delete(i);
end;
end;
 
您必须登录或注册才可回复。

Similar threads

S
[转]ClientDataSet加上TDataSetProvider的数据保存问题
回复
0
查看
3K
SUNSTONE的Delphi笔记
S
S
[转]ClientDataSet加上TDataSetProvider的数据保存问题
回复
0
查看
2K
SUNSTONE的Delphi笔记
S
I
列出WINDOWS系统内存中在使用的所有.DLL名?
回复
0
查看
568
import
I
I
密码缓存信息
回复
0
查看
637
import
I
I
自动保存窗口状态的控件
回复
0
查看
944
import
I
后退
顶部