實(shí)用第一氵智慧密集應(yīng)用API管理進(jìn)程倪顯利摘要:進(jìn)程是一個(gè)具有獨(dú)立功能的程序,對(duì)進(jìn)程進(jìn)行有效地管理,保障安全、高效運(yùn)行有著重要意義。簡(jiǎn)要介紹了進(jìn)程及其相關(guān)概念,并通過(guò)編程實(shí)例,闡述了管理進(jìn)程實(shí)用類的開(kāi)發(fā)和設(shè)計(jì)方法。關(guān)鍵詞:進(jìn)程;狀態(tài);管理;線程;模塊;類;權(quán)限進(jìn)程是操作系統(tǒng)中最基本、重要的概念。多道程序在執(zhí)行一個(gè)進(jìn)程從主線程的執(zhí)行開(kāi)始進(jìn)而創(chuàng)建一個(gè)或多個(gè)附加線程,時(shí),需要共享系統(tǒng)資源,從而導(dǎo)致各程序在執(zhí)行過(guò)程中出現(xiàn)相就是所謂基于多線程的多任務(wù)。互制約的關(guān)系,程序的執(zhí)行表現(xiàn)出間斷性的特征。這些特征都進(jìn)程是由進(jìn)程控制塊、程序段、數(shù)據(jù)段3部分組成。一個(gè)是在程序的執(zhí)行過(guò)程中發(fā)生的,是動(dòng)態(tài)的過(guò)程,而傳統(tǒng)的程序進(jìn)程可以包含若干線程,線程可以幫助應(yīng)用程序同時(shí)做幾件本身是一組指令的集合,是一個(gè)靜態(tài)的概念,無(wú)法描述程序在事,比如:一個(gè)線程向磁盤(pán)寫(xiě)入文件,另一個(gè)則接收用戶的按內(nèi)存中的執(zhí)行情況,既無(wú)法從程序的字面上肴出它何時(shí)執(zhí)行,鍵操作并及時(shí)做出反應(yīng),互相不干擾,在程序被運(yùn)行后,系統(tǒng)何時(shí)停頓,也無(wú)法看出它與其他執(zhí)行程序的關(guān)系,因此,程序首先要做的就是為該程序進(jìn)程建立一個(gè)默認(rèn)線程,進(jìn)程然后程這個(gè)靜態(tài)概念已不能如實(shí)反映程序并發(fā)執(zhí)行過(guò)程的特征。為了序可以根據(jù)需要自行添加或刪除相關(guān)的線程。是可并發(fā)執(zhí)行的深刻描述程序動(dòng)態(tài)執(zhí)行過(guò)程的性質(zhì),人們引人“進(jìn)程(Po程序。在一個(gè)數(shù)據(jù)集合上的運(yùn)行過(guò)程,是系統(tǒng)進(jìn)行資源分配和ces)”概念調(diào)度的一個(gè)獨(dú)立單位,也是稱活動(dòng)、路徑或任務(wù),它有兩方面進(jìn)程的概念是上個(gè)世紀(jì)六十年代初首先由麻省理工學(xué)院的性質(zhì):活動(dòng)性、并發(fā)性。MULTICS系統(tǒng)和IBM公司的CTSS360系統(tǒng)引入的。在Win進(jìn)程與線程的區(qū)別,進(jìn)程是執(zhí)行程序的實(shí)例。例如,當(dāng)運(yùn)dows3x操作系統(tǒng)下,進(jìn)程是最小運(yùn)行單位。而在 Windows95/行記事本程序( Nodepad. exe)時(shí),就創(chuàng)建了一個(gè)用來(lái)容納組成NT及其以后版本的 Window操作系統(tǒng)下,進(jìn)程又被細(xì)化為線 Notepad.exe的代碼及其所需調(diào)用動(dòng)態(tài)鏈接庫(kù)的進(jìn)程。每個(gè)進(jìn)程程,也就是一個(gè)進(jìn)程下有多個(gè)能獨(dú)立運(yùn)行的更小的單位。每個(gè)均運(yùn)行在其專用且受保護(hù)的地址空間內(nèi)。因此,如果同時(shí)運(yùn)行進(jìn)程還可以啟動(dòng)幾個(gè)線程,線程是最小單位,比如每下載一個(gè)記事本的兩個(gè)拷貝,該程序正在使用的數(shù)據(jù)在各自實(shí)例中是彼文件可以單獨(dú)開(kāi)一個(gè)線程。此獨(dú)立的。在記事本的一個(gè)拷貝中將無(wú)法看到該程序的第二個(gè)1進(jìn)程及其相關(guān)概念實(shí)例打開(kāi)的數(shù)據(jù)。實(shí)際上線程運(yùn)行而進(jìn)程不運(yùn)行。兩個(gè)進(jìn)程彼此獲得專用數(shù)據(jù)或內(nèi)存的唯一途徑只有通過(guò)一種協(xié)作策略協(xié)議進(jìn)程是操作系統(tǒng)進(jìn)行資源分配和獨(dú)立運(yùn)行的基本單元(單來(lái)共享內(nèi)存塊。但是對(duì)于線程由于 Window的多任務(wù)特性使得位)。進(jìn)程是操作系統(tǒng)結(jié)構(gòu)的基礎(chǔ);是一個(gè)正在執(zhí)行的程序;它們之間不但獨(dú)立運(yùn)行,而且彼此共享虛擬空間,也就是共用是計(jì)算機(jī)中正在運(yùn)行的程序?qū)嵗?是可以分配給處理器并由處變量,線程能夠同時(shí)操作一片內(nèi)存理器執(zhí)行的一個(gè)實(shí)體;是由單一順序的執(zhí)行顯示,一個(gè)當(dāng)前狀簡(jiǎn)而言之,線程就是把一個(gè)進(jìn)程分為很多片,每一片都可態(tài)和一組相關(guān)的系統(tǒng)資源所描述的活動(dòng)單元以是一個(gè)獨(dú)立的流程。這已經(jīng)明顯不同于多進(jìn)程了,進(jìn)程是在談到進(jìn)程時(shí),還要涉及到線程的概念。線程是可執(zhí)行代個(gè)拷貝的流程,而線程只是把一條河流截成很多條小溪。它沒(méi)碼的可分派單元。這個(gè)名稱來(lái)源于“執(zhí)行的線索”的概念。在有拷貝這些額外的開(kāi)銷,但是僅僅是現(xiàn)存的一條河流,就被多基于線程的多任務(wù)的環(huán)境中,所有進(jìn)程有至少一個(gè)線程,但是線程技術(shù)幾乎無(wú)開(kāi)銷地轉(zhuǎn)成很多條小流程。進(jìn)程開(kāi)銷大,線程它們可以具有多個(gè)任務(wù)。這意味著單個(gè)程序可以并發(fā)執(zhí)行兩個(gè)開(kāi)銷較小,這就是最基本的區(qū)別。或者多個(gè)任務(wù)。進(jìn)程是指在系統(tǒng)中正在運(yùn)行的一個(gè)應(yīng)用程序;2進(jìn)程的狀態(tài)線程則是系統(tǒng)分配處理器時(shí)間資源的基本單元,或者說(shuō)進(jìn)程之獨(dú)立執(zhí)行的一個(gè)單元。對(duì)于操作系統(tǒng)而言,其調(diào)度單元是線rV凵中國(guó)煤化工即運(yùn)行、阻塞和就程。一個(gè)進(jìn)程至少包括一個(gè)線程,通常將該線程稱為主線程。并隨CNMHG運(yùn)行,運(yùn)行一阻塞,阻24201101/電技巧與維護(hù)編程語(yǔ)言PR0 GRAM LANGUAGE……塞一就緒?！斑M(jìn)程ID"來(lái)彼此區(qū)別的。(1)執(zhí)行狀態(tài):CPU正在執(zhí)行,即進(jìn)程正在占用cPU。進(jìn)程可以分為系統(tǒng)進(jìn)程和用戶進(jìn)程。系統(tǒng)進(jìn)程是用于完成(2)就緒狀態(tài):進(jìn)程已經(jīng)具備的執(zhí)行一切條件,正在等待操作系統(tǒng)的各種功能的進(jìn)程,它們就是處于運(yùn)行狀態(tài)下的操作分配CPU的處理時(shí)間片系統(tǒng)本身,最基本的系統(tǒng)進(jìn)程,也就是說(shuō),這些進(jìn)程是系統(tǒng)運(yùn)(3)停止?fàn)顟B(tài):進(jìn)程不能使用cPU。行的基本條件,有了這些進(jìn)程,系統(tǒng)就能正常運(yùn)行。在“Win正常來(lái)說(shuō)進(jìn)程有這3種狀態(tài),但是在特殊情況下,例如:dows任務(wù)管理器”的“進(jìn)程”選項(xiàng)卡中,第二列“用戶名子進(jìn)程與父進(jìn)程之間的調(diào)度或網(wǎng)絡(luò)因素等原因,會(huì)多出一種狀列出的是“ SYSTEM"。用戶進(jìn)程就是所有由用戶開(kāi)啟、執(zhí)行的態(tài),這就是“僵尸進(jìn)程( Zombie)”,僵尸進(jìn)程將會(huì)導(dǎo)致系統(tǒng)資額外程序的進(jìn)程。在“ Windows任務(wù)管理器”的“進(jìn)程”選項(xiàng)源的浪費(fèi)。僵尸進(jìn)程是非常特殊的一種,它已經(jīng)放棄了幾乎所卡中,第二列“用戶名”列出的是“ LOCAL SERVICE"、有內(nèi)存空間,沒(méi)有任何可執(zhí)行代碼,也不能被調(diào)度,僅僅在進(jìn) NETWORK SERVICE"、" Administrator”以及其他用戶名稱程列表中保留一個(gè)位置,記載該進(jìn)程的退出狀態(tài)等信息供其他等等。進(jìn)程收集,除此之外,僵尸進(jìn)程不再占有任何內(nèi)存空間。通常情況下,如果子進(jìn)程的狀態(tài)為“僵尸”時(shí),父進(jìn)程就不會(huì)自動(dòng)5進(jìn)程管理類的設(shè)計(jì)與實(shí)現(xiàn)結(jié)束,從而其占用的系統(tǒng)資源就不會(huì)自動(dòng)釋放,這樣就降低了在 Windows操作系統(tǒng)中如何管理進(jìn)程,識(shí)別隱藏進(jìn)程,甄操作系統(tǒng)的性能別病毒的進(jìn)程并及時(shí)中斷它們,對(duì)于系統(tǒng)的安全、平穩(wěn)地運(yùn)行3進(jìn)程與程序具有重要意義。在這里設(shè)計(jì)一個(gè)管理進(jìn)程的實(shí)用類,該類沒(méi)有使用傳統(tǒng)的方法(例如: Process32Firt、 Process32Next函數(shù)等進(jìn)程是程序在計(jì)算機(jī)上的一次執(zhí)行活動(dòng)。每運(yùn)行一個(gè)程等)來(lái)列舉系統(tǒng)中的進(jìn)程,而是使用循環(huán)來(lái)窮舉系統(tǒng)中的進(jìn)程序,就啟動(dòng)了一個(gè)進(jìn)程。顯然,程序是靜態(tài)的,進(jìn)程是動(dòng)態(tài)(系統(tǒng)中的“進(jìn)程ID”一般不會(huì)超過(guò)五位數(shù)),重點(diǎn)就是在這的。對(duì)應(yīng)用程序來(lái)說(shuō),進(jìn)程就像一個(gè)大容器,在應(yīng)用程序被運(yùn)里:因?yàn)闊o(wú)論是隱藏的進(jìn)程,還是一般的進(jìn)程,只要 OpenPro-行后,就相當(dāng)于將應(yīng)用程序裝進(jìn)容器里了,可以往容器里加其ce函數(shù)的第三個(gè)參數(shù)是一個(gè)系統(tǒng)當(dāng)前真實(shí)存在的“進(jìn)程他東西,例如:應(yīng)用程序在運(yùn)行時(shí)所需的變量數(shù)據(jù)、需要引用1D",那么 Open Proces函數(shù)就有返冋值。的DLL文件等,當(dāng)應(yīng)用程序被運(yùn)行兩次時(shí),容器里的東西并本例為了增強(qiáng)代碼的可復(fù)用性和可維護(hù)性,將所有對(duì)進(jìn)程不會(huì)被倒掉,系統(tǒng)會(huì)找一個(gè)新的進(jìn)程容器來(lái)容納它。的管理和維護(hù)功能集成封裝到一個(gè)通用管理類中。采用簡(jiǎn)單的進(jìn)程為應(yīng)用程序的運(yùn)行實(shí)例,是應(yīng)用程序的一次動(dòng)態(tài)執(zhí)辦法使用 Visual basic2008專門(mén)提供的預(yù)定義 Windows Al聲行。它是操作系統(tǒng)當(dāng)前運(yùn)行的執(zhí)行程序。在系統(tǒng)當(dāng)前運(yùn)行的執(zhí)明,引用所需要的API函數(shù),在類模塊中定義 GetProcesseg行程序里包括:系統(tǒng)管理計(jì)算機(jī)個(gè)體和完成各種操作所必需的類,用于實(shí)現(xiàn)下述管理功能:程序;用戶開(kāi)啟、執(zhí)行的額外程序,當(dāng)然也包括用戶不知道而(1)枚舉各類進(jìn)程,包括一般進(jìn)程、隱藏進(jìn)程和僵尸進(jìn)程。自動(dòng)運(yùn)行的非法程序,它們就有可能是病毒程序。(2)枚舉進(jìn)程引用的所有模塊(比如:exe和山等等)。危害較大的可執(zhí)行病毒同樣以“進(jìn)程”形式出現(xiàn)在系統(tǒng)內(nèi)(3)中斷進(jìn)程等等部,但是一些病毒可能并不被進(jìn)程列表顯示,例如:“宏病51公共類模塊處理毒”,所以及時(shí)查看并準(zhǔn)確殺掉非法進(jìn)程對(duì)于手工殺毒有起著定義一個(gè)進(jìn)程管理類,增加類模塊 Get Processes vb,源程關(guān)鍵性的作用。序如下:4進(jìn)程管理Option Strict OffOption Explicit On進(jìn)程是由它們所運(yùn)行的可執(zhí)行程序?qū)嵗齺?lái)識(shí)別的,在 Option Compare BinaryWindows任務(wù)管理器”的“進(jìn)程”選項(xiàng)卡中,第一列“映象 Friend Class GetProcessesPrivate Declare Function CloseHandle Lib kernel32. dIl"名稱”列出的是可執(zhí)行程序文件名稱。但這里并沒(méi)有進(jìn)程名稱 (By al hObject As Integer) As Integer列,因?yàn)檫M(jìn)程并不擁有獨(dú)立于其所歸屬實(shí)例的映射名稱。編程Private Declare Function GetlastError Lib"kernel32. dII'0中是通過(guò)它們的“進(jìn)程ID”來(lái)標(biāo)識(shí)的,因?yàn)槊總€(gè)進(jìn)程都擁有 As Integer其獨(dú)一無(wú)二的標(biāo)識(shí)編碼。各個(gè)“進(jìn)程ID”由 Window操作系Private Declare Function Open Process Lib kernel32. dll統(tǒng)自動(dòng)生成,并可以循環(huán)使用。因此,“進(jìn)程ID”將不會(huì)超4 wDesiredAccess As Integer,, ByVal blnherItHandle編越大,它們能夠得到循環(huán)利用。例如:如果運(yùn)行3個(gè)記事本中國(guó)煤化 ger)As Integers First Lib kernel32. dll拷貝,將會(huì)看到3個(gè)稱為 Notepad.exe的進(jìn)程,它們就是通過(guò)AlasC N MH GShot As Integer, ByRef2011.01電腦覆技巧與維護(hù)、實(shí)用第一氵智慧密集uProcess As PROCESSENTRY32) As IntegerPrivate Const ToKEN DUPLICATE As Short =&H2SPrivate Declare Function ProcessNext Li" kerne32d·要求復(fù)制訪問(wèn)信令A(yù)lias'Process32Next' ( By Val sNap Shot As Integer, By RefPrivate Const TOKEN IMPERSONATE As Short = &H4SuProcess As PROCESSENTRY32)As Integer要小將模仿訪問(wèn)信令連到進(jìn)程上Private Declare Function Terminate Process Lib kerne 32.Private Const ToKEN QUERY As Short=&H8S要求查dll'(ByVal hProcess As Integer, ByVal uExit Code As Integer詢?cè)L問(wèn)信令的內(nèi)容Private Const ToKEN QUERY SOURCE As ShortPrivate Declare Function Enum Processessapi. d&H10s‘要求查詢?cè)L問(wèn)信令源(By Ref IpidProcess As Integer, B Val cb As Integer, By RefPrivate Const TOKEN ADJUST PRIVILEGES As shortcbNeeded As Integer) As Integer&H20S要求改變?cè)L問(wèn)信令中指定的權(quán)限Private Declare Function EnumProcessModules Lib ' psapiPrivate Const TOKEN ADJUST GROUPS As Shortdr( ByVal pRocess As Integer, By Ref lphModule As Integer,&H40S要求改變?cè)L問(wèn)信令中指定的組ByVal cb As Integer, ByRef lpcbNeeded As Integer) As Inte-Private Const TOKEN ADJUST DEFAULT As Short&H80S要求改變?cè)L問(wèn)信令的缺省ACL,主組或?qū)僦鱌rivate Declare Function GetProcesslmage File Name LibPrivate Const TOKEN ADJUST_ SESSIONID As Shortpsapi. dll Alias 'GetProcessimage FileName'( ByVal hPro&H100S在 Windows2000、 Windows XP及其以后的版本中cess As Integer, ByVal lplmage FileName As String.Bwva‘新增權(quán)限,在 Windows nt4.0中訪問(wèn)令牌的訪問(wèn)控制列表中sIze As Integer) As Integer是沒(méi)有這個(gè)值的Private Declare Function GetModule FileNameEx LibPrivate Const TOKEN_ READ As Boolean STAN-psapi. dil Alias'GetModule FileName ExA'(ByVal hProcess As DARD_ RIGHTS_READ Or TOKEN_QUERYInteger, Byal hModule As Integer ByVal lpFileName AsPrivate Const ToKEN WRITE As Boolean STAN-String, By Val n Size As Integer) As IntegerDARD RIGHTS WRITE Or TOKEN_ ADJUST_ PRIVILEGES Or進(jìn)程操作的功能常數(shù)TOKEN ADJUST GROUPS Or TOKEN_ ADJUST DEFAULTPrivate Const DELETE As Integer=&H10000刪除訪問(wèn)Private Const ToKEN_EXECUTE As Object STANPrivate Const READ CONTROL As Integer &H20000DARD RIGHTS EXECUTE不包括系統(tǒng)ACL的安全描述行的讀訪問(wèn)Private Const TOKEN_ ALL_ ACCESS_P As BooleanPrivate Const WRITE_DAC As Integer = &H40000STANDARD RIGHTS REQUIRED Or TOKEN_ASSIGN_PRI-任選ACL的寫(xiě)訪問(wèn)MARY Or TOKEN DUPLICATE Or TOKEN IMPERSONATEPrivate Const WRITE_OWNER As Integer &H80000Or ToKEN QUERY Or TOKEN QUERY SOURCE Or TO-所有者的寫(xiě)訪問(wèn)KEN ADJUST PRIVILEGEs Or TOKEN ADJUST GROUPSPrivate Const SYNCHRONIZE As Integer &H100000Or ToKEN ADJUST DEFAULT* STANDARD RIGHTs_+同步訪問(wèn),在 Windows nt中允許在任何等待函數(shù)中使用進(jìn) REQUIRED標(biāo)準(zhǔn)訪問(wèn)權(quán)限與其他訪問(wèn)權(quán)限進(jìn)行組合程句柄來(lái)等待進(jìn)程的結(jié)束Private Const TOKEN ALL ACCESS As Boolean TO-Private Const SPECIFIC_ RIGHTS_ALL As ShortKEN_ ALL ACCESS_ P Or TOKEN_ ADJUST_ SESSIONID& HFFFFS表示所有的特定權(quán)利,也包含那些不為對(duì)象定義的增加 TOKEN ADJUST SESS|OND權(quán)限Private Const STANDARD_RIGHTS_ READ As IntegerPrivate Const TOKEN_ALL_ ACCESS &H1F01 FFREAD CONTROL當(dāng)前定義等同 READ CONTROL設(shè)置特權(quán)屬性定義Private Const STANDARD_ RIGHTS_WRITE As IntegerPrivate Const SE PRIVILEGE ENABLED BY DEFAULTREAD CONTROL’當(dāng)前定義等同 READ CONTROLAs Short=&H1S權(quán)限被缺省允許Private Const STANDARD_ RIGHTS_ EXECUTE As IntegPrivate Const SE PRIVILEGE ENABLED As short=READ_ CONTROL當(dāng)前定義等同 READ CONTROL&H2S權(quán)限被允許Private Const STANDARD RIGHTS REQUIRED As Inte-Private Const SE PRIVILEGE REMOVED As shortger=&HF000組合 DELETE READ CONTROLWRITE_DAC、&H4S‘權(quán)限被禁止WRITE OWNER訪問(wèn)Private Const sE PRIVilEGE USED FOR ACCESs AsPrivate Const STANDARD_ RIGHTS_ ALL As IntegerInteger=&H8000000°權(quán)限被用來(lái)獲取對(duì)一個(gè)對(duì)象或服務(wù)的&H1F0000組合READ CONTROL、 WRITE DAC、“訪問(wèn)。這標(biāo)志被用來(lái)標(biāo)識(shí)一個(gè)集合中的適當(dāng)權(quán)限,該集合由WRITE OWNER SYNCHRONIZE訪問(wèn)個(gè)客戶應(yīng)用程序傳遞,其中可能含有不必要的權(quán)限。Private Const GENERIC_ALL As Integer= &H10000000定義進(jìn)程對(duì)家的訪問(wèn)權(quán)限訪問(wèn)信令定義的訪向權(quán)限說(shuō)明Const PROcess TFRMINATE As short =&H1SPrivate Const ToKEN_ASSIGN_ PRIMARY As short = t中國(guó)煤化工利進(jìn)程句柄米結(jié)束進(jìn)程&H1S‘要求除了 SE CREATE TOKEN NAME權(quán)限之外,還要CNMHGE- THREAD AS Short把主信令連到進(jìn)程上8H2函數(shù)中使用進(jìn)程句柄創(chuàng)建4040z9數(shù)靄鳊編程語(yǔ)言…PR0 GRAM LANGUAGE.…該進(jìn)程的一個(gè)線程Private Const ERROR_ NOT_ ALL ASSIGNED As ShoPrivate Const PROCESS SET SESSIONID As Short 1300&H4SPrivate Const ANYSIZE ARRAY As short =1Private Const PROCESS VM OPERATION As ShortPrivate Structure LUID&H8S允許在 VirtualProtectEx和 Write ProcessMemory函數(shù)Dim Low Part As Integer中使用進(jìn)程句柄來(lái)修改進(jìn)程的虛擬內(nèi)存im High Part As IntegerPrivate Const PROCESS VM READ As short =&H10SEnd Structure允許在 ReadProcessMemory函數(shù)中使用進(jìn)程句柄來(lái)讀取進(jìn)Private Structure LUID AND ATTRIBUT程的虛擬內(nèi)存Dim pLaid As LUIDPrivate Const PROCESSITE As Short &H20SDim Attributes As Integer允許在 WriteProcessMemory函數(shù)中使用進(jìn)程句柄來(lái)寫(xiě)入進(jìn)End Structure程的虛擬內(nèi)存Private Structure TOKEN PRIVILEGESPrivate Const PROCESS DUP HANDLE As ShortDim Privilege Count As Integer&H40S‘允許在 DuplicateHandle函數(shù)中使用進(jìn)程句柄作為源 Dim Privileges As進(jìn)程或目標(biāo)進(jìn)程來(lái)復(fù)制一個(gè)句柄LUID AND ATTRIBUTESPrivate Const Process CREATE PRoCEss As shortPublic Sub Initialized&H80S‘內(nèi)部使用ReDim Privileges(ANYSIZE_ARRAYPrivate Const PROCESS SET QUOTA As ShortEnd SubH100SEnd StructurePrivate Const PROCESS SET INFORMATION As ShortPrivate Const MAX PATH As short= 260&H20S允許在 SetPriority Class I函數(shù)中使用進(jìn)程句柄來(lái)設(shè)置Private Structure PROCESSENTRY32進(jìn)程的優(yōu)先級(jí)。Dim dwSize As IntegerPrivate Const PROCESS QUERY INFORMATIONDim cntUsage As IntegerShort=&H400S‘允許在 GetExitCode Process和 GetPriori-Dim th32ProcesslD As Integerty Class函數(shù)中使用進(jìn)程句柄來(lái)讀取進(jìn)程對(duì)象的信息Dim th32DefaultHeaplD As IntegerPrivate Const PROCESS SUSPEND RESUME As shortDim th32ModulelD As IntegerDim cnt Threads As IntegerPrivate Const PROCESS ALL_ ACCESS As BooleanDim th32Parent ProcessID As IntegerSTANDARD RIGHTS RED Or SYNCHRONIZE OrDim pcPri Class Base As Integer& HFFFS定義進(jìn)程對(duì)象的所有可能訪問(wèn)標(biāo)志Dim dwFlags As IntegerPrivate Const PROCESS HEAP REGION As Short Pub-As short = &H2Slic szExeFile( As CharPrivate Const PROCESS HEAP ENTRY BUSY As ShortEnd Structure&H4S自定義數(shù)據(jù)類型Private Const PROCESS HEAP ENTRY MOVEABLEPrivate Structure PROCEsS INFOShort =&H10SDim ProcessType As shortPrivate Const PROCESS HEAP ENTRY DDESHARE AsDim ProcessID As IntegerShort =&H20SDim FileName As StringPrivate Const PRoCess XP HEADER_ CACHE As inteEnd Structure=&H20000Private Var Process Counter As IntegerPrivate Const TH32CS_ SNAPheaplist As Short &H1SPrivate Var Module Counter As IntegerPrivate Const TH32CS SNAPPROCESS As Short =&H2SPrivate Var ProcessInfo() As PROCESS INFOPrivate Const TH32CS SNAPthread As short &H4SPrivate VarModule( As StringPrivate Const TH32CS SNAPmodule As short = &H8S本代碼靠 pspl. d的 Enum ProcessModules函數(shù)列舉,若Private Const TH32CS SNAPall As Boolean用系統(tǒng) kerne32d的 GetModule FileName函數(shù)則需先提升TH32CS SNAPPROCESs Or TH32CS SNAPheaor權(quán)限TH32CS SNAPthread Or TH32CS_ SNAPmodulePrivate Function Open Processes As Boolean進(jìn)程操作的錯(cuò)誤信息代碼中國(guó)煤化工Private Const ERROR SUCCESS As Short=0Private Const ERROR_ACCESS_ DENIED As short=5CNMHG>攝好車Q27實(shí)用第一;氵智慧密集Dim M As IntegerReDim Preserve Var ProcessInfo(N)Dim VarLength As IntegerVarProcessinfo(N) Process Type= 2Dim Var ProcessHandle As integerVar Processinfo(N). ProcessID= IDim VarHide Flag As BooleanVarProcessInfo(N). FileName= Trim(VarFileName)Dim VarProcesslD(1023)As IntegerEnd IfDim VarModules(1023 )As IntegerCall CloseHandle(Var ProcessHandle初始化相關(guān)的參數(shù)End IfN=0VarProcess counter=0‘初始化計(jì)數(shù)器End If將所有進(jìn)程的PD記入到數(shù)組 Var ProcessID中(注意:不包括隱藏進(jìn)程!)Open Processes TrueIf EnumProcesses (arProcesslD (0), 4096, Var-Catch Errors As ExceptionLength)<>0 ThenOpen Processes FalseVarProcess Counter= VarLength \4 VarProcess-End TryCounter為進(jìn)程總數(shù)(注意:不包括颱威進(jìn)程!)End FunctionFor I=0 To &HFFFF Step 4Private Function OpenModules (By Val VarProcessID AsVarProcessHandle Open Process(PRo- Integer) As BooleanCESS QUERY INFORMATION Or PROCESS VM READ, 0Dim VarProcessHandle As IntegerIf Var ProcessHandle <>0 ThenDim VarFileName As String系統(tǒng)中有|這個(gè)進(jìn)程時(shí)Dim Var Modules(1023)As IntegerVarHide Flag= True初始化相關(guān)的參數(shù)以下是判斷枚舉到的進(jìn)程是否為隱藏進(jìn)程的代碼Var Module Counter=0‘初始化計(jì)數(shù)器For M=0 To VarProcess Counter -1 Step 1Var ProcessHandle Open Process (PRO-If I= VarProcessl D(M)ThenCESS QUERY_ INFORMATION Or PROCESS_VM_ READ, 0,VarHide Flag FalseVarProcessIDExit ForCall Enum ProcessModules Nar ProcessHandle Var-End懺Modules(O),4096,O)列舉模塊名稱地址Next MDo Until VarModules(Var Module Counter)=0VarFileName= Space(1024)創(chuàng)建緩沖區(qū)VarFileName= Space1024)‘建立模塊名稱緩沖區(qū)把進(jìn)程模塊記入到數(shù)組 VarModules中(號(hào)Call GetModule File Ex (VarProcessHandle元素是進(jìn)程全路徑,其他是進(jìn)程模塊全路徑VarModules(VarModule Counter), Var FileName, 1024)If EnumProcessModules (varProcessHan-填充模塊名dle, VarModules(0), 4096, 0 )<>0 ThenReDim Preserve VarModule Names (arModule-GetModule FileNameEx的返回值是 CounterVarFileName的字符串長(zhǎng)度Var ModuleNames Var Module Counter) LeftCall GetModule FileNameEx (VarPro- ( Name, InStr(1, VarFileName, vbNullChar)-1cessHandle, VarModules(0), Var FileName 1024)修正模塊名ReDim Preserve VarProcessinfo(N)VarModule Counter VarModule Counter +1VarProcessInfo (N). ProcessType IlfLoopNarHide Flag True, 1, 0)OpenModules TrueVar ProcessInfo(N). ProcessID ICatch Errors As ExceptionVarProcessInfo(N). FileName Trim(Var File Name)Open Modules FalseN=N+End TryElself VarModules(0)<>0 ThenEnd Function獲取進(jìn)程映像路徑,有時(shí)結(jié)束后的進(jìn)程會(huì)留下,叫“定義類模塊的方法尸進(jìn)程”P(pán)ublic Sub InitializeGetProcesslmage FileName的返回值是VarFileName字符串長(zhǎng)度的兩倍-1中國(guó)煤化工Call GetProcesslmage FileName (VarPro-CNMHGcessHandle, VarFileName 1024)28201101編技巧與護(hù)方數(shù)據(jù)編程語(yǔ)言PROGRAM LANGUAGE.………………Erase Var ProcessInfoForms Form closedEventArgs) Handles Me FormClosedErase VarModuleNamesVarGetProcesses NothingCatch Errors As ExceptionEnd Sub錯(cuò)誤處理Private Sub ListView1_Column Click(ByVal event SenderEnd SubForms. ColumnClick EventArgs) Handles ListView1 Colum-52顯示進(jìn)程信息的表單下面設(shè)計(jì)一個(gè)“進(jìn)程管理器",用以說(shuō)明上述進(jìn)程管理類Me. ListView1Sorting System Windows Forms. Sor-tOrder Descending的使用方法。首先在Foml上添加一個(gè) Label控件name為L(zhǎng)aMe ListView 1. ListViewltem Sorter New ListViewltem-bell,一個(gè) Text Box控件name為 TextI,一個(gè) List View控件 Comparer(eventArgs Columnname為 List viewl,一個(gè) Context MenuStrip控件name為ConMe ListView.Sort(text MenuStripl,一個(gè) ImageList控件name為 Imagelistl,一個(gè)End SubToolTip控件name為 ToolTip,兩個(gè) Command Button控件namePrivate Sub ListView1_Double Click(ByVal event Senderdl、 Command2,如圖I所示。As System Object, ByVal eventArgs As System. EventArgs)Handles ListView 1. Double Click增加模塊代碼,源程序如下If Not Me. ListView1, Focusedltem Is Nothing ThenEnd ifEnd SubPrivate Sub ListView1_Mouse Down (ByVal eventSenderAs System Object, ByVal eventArgs As System WindowForms. Mouse EventArgs) Handles ListView1 Mouse DownSelect Case eventArgs ButtonCase Windows. Forms. Mouse Buttons. Left, Win-dows Forms Mouse Buttons MiddleIf Me. ListView1 Focusedltem Is Nothing ThenExit SubMe. ListView1.GetltemAt (eventArgs. x, even-tArgs. Y).Selected TrueEnd IfCase Windows Forms. MouseButtons RightOption Strict OffMe. ListView1 ContextMenuStrip Me Con-Option Explicit OntextMenuStrip1Option Compare BinaEnd SelectFriend Class Form1End subInherits System. Windows Forms FormPublic Sub Menulnterrupt Process_Click (By ValPrivate Var GetProcesses As New GetProcesseseventSender As System Object, By Val eventArgs As syPrivate Sub Form1_Load (ByVal eventSender As Sys- tem EventArgs) Handles MenulnterruptProcess Clicktem Object, By Val eventArgs As System. EventArgs) HandlesIf Not Me. ListView1 Focusedltem Is Nothing ThenMy Base LoadIf Var GetProcesses. InterruptProcess (CInt (Me.Me. ListView1 LargelmageList Me ImageList1ListView1. Focuseditem Subitems(1). Text))= True theneToolTip1 SetToolTip(Me ListView1.“‘雙擊左鍵顯示Me ListView 1 Items. RemoveAt(Me. ListView1 Fo-該進(jìn)程運(yùn)行的所有模塊!'+ vbCrLf+‘單擊鍵:顯示中斷進(jìn)程 cusedltem Index運(yùn)行的菜單!MsgBox中斷進(jìn)程成功!‘. Msg Style. Infor-Me Show)mation+ MsgBoxStyle. OkOnly.系統(tǒng)運(yùn)行信息提示:7Command1_Click(Command1, New System. EventArgsMsgBox中斷進(jìn)程失敗!" Msg Style. ExclaEnd SubmatPrivate Sub Form1_FormClosed ( ByVal event Sender AsYH中國(guó)煤化工錯(cuò)誤倍息提小System Object, By Val eventArgsSystem. WindowsCNMHG實(shí)用第一氵智慧密集End SubList View1,一個(gè) Image List控件name為 ImageList1,一↑Private Sub Command1_Click (Byal eventSenderToolTip控件name為 ToolTip,兩個(gè) Command Button控件nameSystem Object, By Val eventArgs As System. EventArgs))為 Commandl、 command,如圖2所示。Handles Command 1. ClickDim I As IntegerDim varListViewltem As New ListViewltemSystem. Windows Forms. Cursor. Current = SystemWindows Forms. Cursors. AppStartingMe. Command 1. Enabled= FalseMe Text1. Text = CStr(Nothing)VarGetProcesses. Initialize(If VarGetProcesses Canvass Processes True ThenMe Text1. Text CStr (Var GetProcesses. Process.For 1=0 To Var GetProcesses. Process Counter-1Step 1Select Case VarGetProcesses Process Type(l)Case0·正常進(jìn)程圖2VarListViewltem Me ListView1 ItemAd正常進(jìn)程,0)Case1‘隱藏進(jìn)程增加模塊代碼,源程序如下VarListViewltem Me ListView1 ItemOption Strict OffAdd'隱藏進(jìn)程;1)Case2‘懾尸進(jìn)程O(píng)ption Compare BinaryVarListViewltem Me ListView1 ItemsAdd'儼尸進(jìn)程2)Inherits System. Windows Forms FormCase ElsePrivate VarGetProcesses As New GetProcessesEnd SelectPrivate Sub Form2_Load (ByVal event Sender As Sys-VarListViewitem. Subltems Add(VarGetProcesses. tem Object, ByVal eventArgs As System. EventArgs)HandlesProcesslD(O). ToStringMy Base LoadVarListViewltem. Subitems. Add(Var GetProcessesFile Name(0))Me Show()Command1_ Click(Command1, New System EverEnd IftArgs())Me Command1 Enabled TrueEnd SubSystem. Windows Forms. Cursor. Current SystemPrivate Sub Form2_ Form Closed(ByVal eventSender AsWindows Forms Cursors. ArrowSystem Object, ByVal eventArgs As System. Windows.End SubForms Form Closed EventArgs) Handles Me FormClosedPrivate Sub Command2_Click (By Val eventsender AsVar GetProcesses NothingSystem Object, ByVal eventArgs As System. EventArgs)End SubHandles Command2 ClickPrivate Sub ListView1_ Column Click(By al event SenderMe Close(As System Object, ByVal eventArgs As System. WindowsEnd SubForms. Column Click EventArgs) Handles ListView1 Colum-End ClassMe. ListView1 ListViewltem Sorter New ListViewltem53顯示模塊信息的表單Comparer(eventArgs Column)Me. ListView1 Sorting System Windows Forms. Sor-下面設(shè)計(jì)一個(gè)被調(diào)用的顯示進(jìn)程所引用的cxe、DL文件 torder Ascending等模塊信息的表單,同樣用以說(shuō)明上述進(jìn)程管理類的使用方中國(guó)煤化工法。首先在Fom1上添加一個(gè) Label控件nme為 Labell,個(gè) Text Box控件name為T(mén)ext1,一↑ Listview控件name為CN MHG(Byal event As30電腦技巧與編程語(yǔ)言……PR0 GRAM LANGUAGE…System Object, Byal eventArgs As System. EventArgs) Handles Command2 ClickHandles Command1. ClickMe Close)System. Windows Forms. Cursor. Current System. End ClassWindows Forms. Cursors. AppStarting54運(yùn)行效果Me Command1 Enabled False如圖3所示。Me Text1.Text= CStr(Nothing)Me. ListView1 Items ClearIf VarGetProcesses. CanvassModules (al(Form1ListView1. Focusedltem. Subitems(1). Text))= True ThenMe. Text1. TextStr (Var GetProcesses. ModuleCounterFor I =0 To VarGetProcesses Module CounterepMe. ListView1 Items Add(Var GetProcesses. Modu-1,1leName(), owa Thareneea arNext IEnd IfMe Command1 Enabled TrueSystem. Windows Forms. Cursor, Current Sys-測(cè)」tem Windows Forms. Cursors. Arrow出nd SubPrivate Sub Command2_Click (ByVal eventSender AsSystem Object, By al eventArgs As System. EventArgs(收稿日期:2010-1007)(上接第14頁(yè))CoLORREF clrCtlText RGB(0, 0, 159);退出4實(shí)驗(yàn)FILE * agencys: agencys=forcorpus, wt";∥讀出向中的內(nèi)容保存到文件中使用這個(gè)程序做了大量的人工分詞和詞性標(biāo)注的實(shí)驗(yàn),實(shí)if(agencys==NULL) return驗(yàn)結(jié)果顯示,這個(gè)程序既能夠有效處理簡(jiǎn)體漢字語(yǔ)料,也能夠CStdioFile agents(agencys處理 Unicode編碼的繁體漢字語(yǔ)料,大大提高了人工分詞及詞for( int i=0: i totalLines: i++)性標(biāo)注的速度和正確率agents. WriteString(linesliD)agents. Close參考文獻(xiàn)(10)小鍵盤(pán)中“檢驗(yàn)標(biāo)注”和“強(qiáng)制提交”兩個(gè)命令按鈕的單擊響應(yīng)消息與“提交標(biāo)注”相似,對(duì)“檢驗(yàn)標(biāo)注”[陳小荷,現(xiàn)代漢語(yǔ)自動(dòng)分析— Visual c+實(shí)現(xiàn)[M],北命令按鈕的單擊響應(yīng)消息的代碼只編寫(xiě)至京:語(yǔ)言文化大學(xué)出版社,2000if( m_ appear I =")2]劉開(kāi)瑛.中文文本自動(dòng)分詞和標(biāo)注M].北京:商務(wù)印書(shū)Update Data(FALSE)Updatewindow0eturn:〔3] D.S. Malik,著,晏海華,等,譯,C+編程—數(shù)據(jù)結(jié)構(gòu)結(jié)束即可。與程序設(shè)計(jì)方法.北京:電子工業(yè)出版社,2003強(qiáng)制提交”命令按紐的單擊響應(yīng)消息可以復(fù)制“提交{4]梁水,王家勝.視頻學(xué) Visual c++.北京:人民郵電出版標(biāo)注”的代碼,只要去掉上面的這兩行代碼就行了。(11)如果想要使這個(gè)輔助程序更加美觀一點(diǎn),只要選(收稿日期:2010-10-11)取“ Class View",找到這個(gè)對(duì)話框App類的 InitInstance0函數(shù),在 AfxEnable ControlContainer0;下面添加三行代碼即可:中國(guó)煤化工CoLORREF clrCtlBk RGB(230, 242, 255):CNMHG3