利用WTSEnumerateProcesses枚举进程
利用WTSEnumerateProcesses枚举进程
const
wtsapi=’Wtsapi32.dll’;
WTS_CURRENT_SERVER_HANDLE=0;
//定义数据结构
type
_WTS_PROCESS_INFO =record //进程信息
SessionId:DWORD ;
ProcessId:DWORD ;
pProcessName:LPTSTR ;
pUserSid:PSID;
end;
WTS_PROCESS_INFO=_WTS_PROCESS_INFO;
PWTS_PROCESS_INFO=^WTS_PROCESS_INFO;
type //定义 WTSEnumerateProcesses函数
TWTSEnumerateProcesses=function(
hServer:THANDLE ;
Reserved:DWORD;
Version:DWORD;
ppProcessInfo:PWTS_PROCESS_INFO;
pCount:PDWORD):bool;stdcall;
TWTSFreeMemory=procedure(pMemory:Pointer);stdcall;
var
HWtsApi:Thandle;
WTSEnumerateProcesses:TWTSEnumerateProcesses;
WTSFreeMemory:TWTSFreeMemory;
pProcessInfo,cProcessInfo:PWTS_PROCESS_INFO ;
ProcessCount:dword;
i:integer;
function LoadWtsApi: LongBool; //动态加载WTSEnumerateProcessesA和WTSFreeMemory
begin
if HWtsApi = 0 then
begin
HWtsApi := LoadLibrary(WtsApi);
if HWtsApi<> 0 then
begin
WTSEnumerateProcesses:= GetProcAddress(HWtsApi, ’WTSEnumerateProcessesA’);
WTSFreeMemory := GetProcAddress(HWtsApi, ’WTSFreeMemory’);
end;
end;
Result := Assigned(WTSEnumerateProcesses) and Assigned(WTSFreeMemory);
end;
procedure showPL;
begin
LoadWtsApi;
if WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, @pProcessInfo, @ProcessCount) then
begin
CProcessInfo:=pProcessInfo;
for i:=0 to ProcessCount-1 do
begin
PPID:=inttostr(cProcessInfo.ProcessId );
ImageName:=cProcessInfo.pProcessName;
if cProcessInfo.ProcessId<>0 then
writeln(’PID:’+PPID+’ 进程名:’+ImageName)
else
writeln(’PID:’+PPID+’ 进程名:System Idle Process’);
CProcessInfo:=PWTS_PROCESS_INFO(pointer(dword(cProcessInfo)+sizeof(WTS_PROCESS_INFO)));//程序关键处
end;
end;
end;
