get the process' path by its pid
-
Ive tried the following codes in win32 console environment
DWORD dwPIDLst\[1024\]; // the array to store the PIDs DWORD dwBytesWritten; // employed to calculate the number of PIDs HANDLE hProc; HMODULE hMod; char strPath\[MAX\_PATH\]; int nPIDNum; // enumerate all the processes that are executing EnumProcesses( dwPIDLst, sizeof( dwPIDLst ), &dwBytesWritten ); // get the number of the processes // this algorithm is suggested in the MSDN nPIDNum = dwBytesWritten / sizeof( DWORD ); for( int i = 0; i < nPIDNum; i++ ) { ZeroMemory( strPath, sizeof( strPath ) ); // i'm not sure whether this line is needed hProc = OpenProcess( PROCESS\_QUERY\_INFORMATION | PROCESS\_VM\_READ, FALSE, dwPIDLst\[i\] ); EnumProcessModules( hProc, &hMod, sizeof( hMod ), &dwBytesWritten ); GetModuleFileNameEx( hProc, hMod, strPath, sizeof( strPath ) ); CloseHandle( hProc ); }But there come probs: 1.cannot convert char[260] to LPTSTR ( strPath ) 2.cannot convert HANDLE to HMODULE ( hMod ) All of these occur in the function GetModuleFileNameEx() Can anyone help? Really thanx!
-
Ive tried the following codes in win32 console environment
DWORD dwPIDLst\[1024\]; // the array to store the PIDs DWORD dwBytesWritten; // employed to calculate the number of PIDs HANDLE hProc; HMODULE hMod; char strPath\[MAX\_PATH\]; int nPIDNum; // enumerate all the processes that are executing EnumProcesses( dwPIDLst, sizeof( dwPIDLst ), &dwBytesWritten ); // get the number of the processes // this algorithm is suggested in the MSDN nPIDNum = dwBytesWritten / sizeof( DWORD ); for( int i = 0; i < nPIDNum; i++ ) { ZeroMemory( strPath, sizeof( strPath ) ); // i'm not sure whether this line is needed hProc = OpenProcess( PROCESS\_QUERY\_INFORMATION | PROCESS\_VM\_READ, FALSE, dwPIDLst\[i\] ); EnumProcessModules( hProc, &hMod, sizeof( hMod ), &dwBytesWritten ); GetModuleFileNameEx( hProc, hMod, strPath, sizeof( strPath ) ); CloseHandle( hProc ); }But there come probs: 1.cannot convert char[260] to LPTSTR ( strPath ) 2.cannot convert HANDLE to HMODULE ( hMod ) All of these occur in the function GetModuleFileNameEx() Can anyone help? Really thanx!
Krauze wrote:
1.cannot convert char[260] to LPTSTR ( strPath )
Change from:
Krauze wrote:
char strPath[MAX_PATH];
To:
TCHAR strPath[MAX_PATH];
Krauze wrote:
2.cannot convert HANDLE to HMODULE ( hMod )
This is bit strange, since you're passing an
HMODULE... :)If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler. -- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong. -- Iain Clarke
[My articles] -
Ive tried the following codes in win32 console environment
DWORD dwPIDLst\[1024\]; // the array to store the PIDs DWORD dwBytesWritten; // employed to calculate the number of PIDs HANDLE hProc; HMODULE hMod; char strPath\[MAX\_PATH\]; int nPIDNum; // enumerate all the processes that are executing EnumProcesses( dwPIDLst, sizeof( dwPIDLst ), &dwBytesWritten ); // get the number of the processes // this algorithm is suggested in the MSDN nPIDNum = dwBytesWritten / sizeof( DWORD ); for( int i = 0; i < nPIDNum; i++ ) { ZeroMemory( strPath, sizeof( strPath ) ); // i'm not sure whether this line is needed hProc = OpenProcess( PROCESS\_QUERY\_INFORMATION | PROCESS\_VM\_READ, FALSE, dwPIDLst\[i\] ); EnumProcessModules( hProc, &hMod, sizeof( hMod ), &dwBytesWritten ); GetModuleFileNameEx( hProc, hMod, strPath, sizeof( strPath ) ); CloseHandle( hProc ); }But there come probs: 1.cannot convert char[260] to LPTSTR ( strPath ) 2.cannot convert HANDLE to HMODULE ( hMod ) All of these occur in the function GetModuleFileNameEx() Can anyone help? Really thanx!
-
Krauze wrote:
1.cannot convert char[260] to LPTSTR ( strPath )
Change from:
Krauze wrote:
char strPath[MAX_PATH];
To:
TCHAR strPath[MAX_PATH];
Krauze wrote:
2.cannot convert HANDLE to HMODULE ( hMod )
This is bit strange, since you're passing an
HMODULE... :)If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler. -- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong. -- Iain Clarke
[My articles]Ive changed strPath from char to TCHAR. And the codes can be successfully compiled. However, another prob occurs that the program aborts because of potential memory abuse ( DEP has noticed it ). As for the 2nd prob, it may be caused by the 1st one. As the former is solved, the compiler doesnt warn it any more.
-
I just compiled the above and did not see message number 2. Are you sure that is the exact message your compiler produced?
It's time for a new signature.
-
It may be caused by the 1st one. As the former is solved, the compiler doesnt warn it any more.
-
Ive tried the following codes in win32 console environment
DWORD dwPIDLst\[1024\]; // the array to store the PIDs DWORD dwBytesWritten; // employed to calculate the number of PIDs HANDLE hProc; HMODULE hMod; char strPath\[MAX\_PATH\]; int nPIDNum; // enumerate all the processes that are executing EnumProcesses( dwPIDLst, sizeof( dwPIDLst ), &dwBytesWritten ); // get the number of the processes // this algorithm is suggested in the MSDN nPIDNum = dwBytesWritten / sizeof( DWORD ); for( int i = 0; i < nPIDNum; i++ ) { ZeroMemory( strPath, sizeof( strPath ) ); // i'm not sure whether this line is needed hProc = OpenProcess( PROCESS\_QUERY\_INFORMATION | PROCESS\_VM\_READ, FALSE, dwPIDLst\[i\] ); EnumProcessModules( hProc, &hMod, sizeof( hMod ), &dwBytesWritten ); GetModuleFileNameEx( hProc, hMod, strPath, sizeof( strPath ) ); CloseHandle( hProc ); }But there come probs: 1.cannot convert char[260] to LPTSTR ( strPath ) 2.cannot convert HANDLE to HMODULE ( hMod ) All of these occur in the function GetModuleFileNameEx() Can anyone help? Really thanx!
-
One question.
DWORD dwPIDLst[1024];
nPIDNum = dwBytesWritten / sizeof( DWORD );
Was it ok? In other words, nPIDNum is under 1024?