應用API管理進(jìn)程

實(shí)用第一氵智慧密集應用API管理進(jìn)程倪顯利摘要:進(jìn)程是一個(gè)具有獨立功能的程序,對進(jìn)程進(jìn)行有效地管理,保障安全、高效運行有著(zhù)重要意義。簡(jiǎn)要介紹了進(jìn)程及其相關(guān)概念,并通過(guò)編程實(shí)例,闡述了管理進(jìn)程實(shí)用類(lèi)的開(kāi)發(fā)和設計方法。關(guān)鍵詞:進(jìn)程;狀態(tài);管理;線(xiàn)程;模塊;類(lèi);權限進(jìn)程是操作系統中最基本、重要的概念。多道程序在執行一個(gè)進(jìn)程從主線(xiàn)程的執行開(kāi)始進(jìn)而創(chuàng )建一個(gè)或多個(gè)附加線(xiàn)程,時(shí),需要共享系統資源,從而導致各程序在執行過(guò)程中出現相就是所謂基于多線(xiàn)程的多任務(wù)?；ブ萍s的關(guān)系,程序的執行表現出間斷性的特征。這些特征都進(jìn)程是由進(jìn)程控制塊、程序段、數據段3部分組成。一個(gè)是在程序的執行過(guò)程中發(fā)生的,是動(dòng)態(tài)的過(guò)程,而傳統的程序進(jìn)程可以包含若干線(xiàn)程,線(xiàn)程可以幫助應用程序同時(shí)做幾件本身是一組指令的集合,是一個(gè)靜態(tài)的概念,無(wú)法描述程序在事,比如:一個(gè)線(xiàn)程向磁盤(pán)寫(xiě)入文件,另一個(gè)則接收用戶(hù)的按內存中的執行情況,既無(wú)法從程序的字面上肴出它何時(shí)執行,鍵操作并及時(shí)做出反應,互相不干擾,在程序被運行后,系統何時(shí)停頓,也無(wú)法看出它與其他執行程序的關(guān)系,因此,程序首先要做的就是為該程序進(jìn)程建立一個(gè)默認線(xiàn)程,進(jìn)程然后程這個(gè)靜態(tài)概念已不能如實(shí)反映程序并發(fā)執行過(guò)程的特征。為了序可以根據需要自行添加或刪除相關(guān)的線(xiàn)程。是可并發(fā)執行的深刻描述程序動(dòng)態(tài)執行過(guò)程的性質(zhì),人們引人“進(jìn)程(Po程序。在一個(gè)數據集合上的運行過(guò)程,是系統進(jìn)行資源分配和ces)”概念調度的一個(gè)獨立單位,也是稱(chēng)活動(dòng)、路徑或任務(wù),它有兩方面進(jìn)程的概念是上個(gè)世紀六十年代初首先由麻省理工學(xué)院的性質(zhì):活動(dòng)性、并發(fā)性。MULTICS系統和IBM公司的CTSS360系統引入的。在Win進(jìn)程與線(xiàn)程的區別,進(jìn)程是執行程序的實(shí)例。例如,當運dows3x操作系統下,進(jìn)程是最小運行單位。而在 Windows95/行記事本程序( Nodepad. exe)時(shí),就創(chuàng )建了一個(gè)用來(lái)容納組成NT及其以后版本的 Window操作系統下,進(jìn)程又被細化為線(xiàn) Notepad.exe的代碼及其所需調用動(dòng)態(tài)鏈接庫的進(jìn)程。每個(gè)進(jìn)程程,也就是一個(gè)進(jìn)程下有多個(gè)能獨立運行的更小的單位。每個(gè)均運行在其專(zhuān)用且受保護的地址空間內。因此,如果同時(shí)運行進(jìn)程還可以啟動(dòng)幾個(gè)線(xiàn)程,線(xiàn)程是最小單位,比如每下載一個(gè)記事本的兩個(gè)拷貝,該程序正在使用的數據在各自實(shí)例中是彼文件可以單獨開(kāi)一個(gè)線(xiàn)程。此獨立的。在記事本的一個(gè)拷貝中將無(wú)法看到該程序的第二個(gè)1進(jìn)程及其相關(guān)概念實(shí)例打開(kāi)的數據。實(shí)際上線(xiàn)程運行而進(jìn)程不運行。兩個(gè)進(jìn)程彼此獲得專(zhuān)用數據或內存的唯一途徑只有通過(guò)一種協(xié)作策略協(xié)議進(jìn)程是操作系統進(jìn)行資源分配和獨立運行的基本單元(單來(lái)共享內存塊。但是對于線(xiàn)程由于 Window的多任務(wù)特性使得位)。進(jìn)程是操作系統結構的基礎;是一個(gè)正在執行的程序;它們之間不但獨立運行,而且彼此共享虛擬空間,也就是共用是計算機中正在運行的程序實(shí)例;是可以分配給處理器并由處變量,線(xiàn)程能夠同時(shí)操作一片內存理器執行的一個(gè)實(shí)體;是由單一順序的執行顯示,一個(gè)當前狀簡(jiǎn)而言之,線(xiàn)程就是把一個(gè)進(jìn)程分為很多片,每一片都可態(tài)和一組相關(guān)的系統資源所描述的活動(dòng)單元以是一個(gè)獨立的流程。這已經(jīng)明顯不同于多進(jìn)程了,進(jìn)程是在談到進(jìn)程時(shí),還要涉及到線(xiàn)程的概念。線(xiàn)程是可執行代個(gè)拷貝的流程,而線(xiàn)程只是把一條河流截成很多條小溪。它沒(méi)碼的可分派單元。這個(gè)名稱(chēng)來(lái)源于“執行的線(xiàn)索”的概念。在有拷貝這些額外的開(kāi)銷(xiāo),但是僅僅是現存的一條河流,就被多基于線(xiàn)程的多任務(wù)的環(huán)境中,所有進(jìn)程有至少一個(gè)線(xiàn)程,但是線(xiàn)程技術(shù)幾乎無(wú)開(kāi)銷(xiāo)地轉成很多條小流程。進(jìn)程開(kāi)銷(xiāo)大,線(xiàn)程它們可以具有多個(gè)任務(wù)。這意味著(zhù)單個(gè)程序可以并發(fā)執行兩個(gè)開(kāi)銷(xiāo)較小,這就是最基本的區別?；蛘叨鄠€(gè)任務(wù)。進(jìn)程是指在系統中正在運行的一個(gè)應用程序;2進(jìn)程的狀態(tài)線(xiàn)程則是系統分配處理器時(shí)間資源的基本單元,或者說(shuō)進(jìn)程之獨立執行的一個(gè)單元。對于操作系統而言,其調度單元是線(xiàn)rV凵中國煤化工即運行、阻塞和就程。一個(gè)進(jìn)程至少包括一個(gè)線(xiàn)程,通常將該線(xiàn)程稱(chēng)為主線(xiàn)程。并隨CNMHG運行,運行一阻塞,阻24201101/電技巧與維護編程語(yǔ)言PR0 GRAM LANGUAGE……塞一就緒?！斑M(jìn)程ID"來(lái)彼此區別的。(1)執行狀態(tài):CPU正在執行,即進(jìn)程正在占用cPU。進(jìn)程可以分為系統進(jìn)程和用戶(hù)進(jìn)程。系統進(jìn)程是用于完成(2)就緒狀態(tài):進(jìn)程已經(jīng)具備的執行一切條件,正在等待操作系統的各種功能的進(jìn)程,它們就是處于運行狀態(tài)下的操作分配CPU的處理時(shí)間片系統本身,最基本的系統進(jìn)程,也就是說(shuō),這些進(jìn)程是系統運(3)停止狀態(tài):進(jìn)程不能使用cPU。行的基本條件,有了這些進(jìn)程,系統就能正常運行。在“Win正常來(lái)說(shuō)進(jìn)程有這3種狀態(tài),但是在特殊情況下,例如:dows任務(wù)管理器”的“進(jìn)程”選項卡中,第二列“用戶(hù)名子進(jìn)程與父進(jìn)程之間的調度或網(wǎng)絡(luò )因素等原因,會(huì )多出一種狀列出的是“ SYSTEM"。用戶(hù)進(jìn)程就是所有由用戶(hù)開(kāi)啟、執行的態(tài),這就是“僵尸進(jìn)程( Zombie)”,僵尸進(jìn)程將會(huì )導致系統資額外程序的進(jìn)程。在“ Windows任務(wù)管理器”的“進(jìn)程”選項源的浪費。僵尸進(jìn)程是非常特殊的一種,它已經(jīng)放棄了幾乎所卡中,第二列“用戶(hù)名”列出的是“ LOCAL SERVICE"、有內存空間,沒(méi)有任何可執行代碼,也不能被調度,僅僅在進(jìn) NETWORK SERVICE"、" Administrator”以及其他用戶(hù)名稱(chēng)程列表中保留一個(gè)位置,記載該進(jìn)程的退出狀態(tài)等信息供其他等等。進(jìn)程收集,除此之外,僵尸進(jìn)程不再占有任何內存空間。通常情況下,如果子進(jìn)程的狀態(tài)為“僵尸”時(shí),父進(jìn)程就不會(huì )自動(dòng)5進(jìn)程管理類(lèi)的設計與實(shí)現結束,從而其占用的系統資源就不會(huì )自動(dòng)釋放,這樣就降低了在 Windows操作系統中如何管理進(jìn)程,識別隱藏進(jìn)程,甄操作系統的性能別病毒的進(jìn)程并及時(shí)中斷它們,對于系統的安全、平穩地運行3進(jìn)程與程序具有重要意義。在這里設計一個(gè)管理進(jìn)程的實(shí)用類(lèi),該類(lèi)沒(méi)有使用傳統的方法(例如: Process32Firt、 Process32Next函數等進(jìn)程是程序在計算機上的一次執行活動(dòng)。每運行一個(gè)程等)來(lái)列舉系統中的進(jìn)程,而是使用循環(huán)來(lái)窮舉系統中的進(jìn)程序,就啟動(dòng)了一個(gè)進(jìn)程。顯然,程序是靜態(tài)的,進(jìn)程是動(dòng)態(tài)(系統中的“進(jìn)程ID”一般不會(huì )超過(guò)五位數),重點(diǎn)就是在這的。對應用程序來(lái)說(shuō),進(jìn)程就像一個(gè)大容器,在應用程序被運里:因為無(wú)論是隱藏的進(jìn)程,還是一般的進(jìn)程,只要 OpenPro-行后,就相當于將應用程序裝進(jìn)容器里了,可以往容器里加其ce函數的第三個(gè)參數是一個(gè)系統當前真實(shí)存在的“進(jìn)程他東西,例如:應用程序在運行時(shí)所需的變量數據、需要引用1D",那么 Open Proces函數就有返冋值。的DLL文件等,當應用程序被運行兩次時(shí),容器里的東西并本例為了增強代碼的可復用性和可維護性,將所有對進(jìn)程不會(huì )被倒掉,系統會(huì )找一個(gè)新的進(jìn)程容器來(lái)容納它。的管理和維護功能集成封裝到一個(gè)通用管理類(lèi)中。采用簡(jiǎn)單的進(jìn)程為應用程序的運行實(shí)例,是應用程序的一次動(dòng)態(tài)執辦法使用 Visual basic2008專(zhuān)門(mén)提供的預定義 Windows Al聲行。它是操作系統當前運行的執行程序。在系統當前運行的執明,引用所需要的API函數,在類(lèi)模塊中定義 GetProcesseg行程序里包括:系統管理計算機個(gè)體和完成各種操作所必需的類(lèi),用于實(shí)現下述管理功能:程序;用戶(hù)開(kāi)啟、執行的額外程序,當然也包括用戶(hù)不知道而(1)枚舉各類(lèi)進(jìn)程,包括一般進(jìn)程、隱藏進(jìn)程和僵尸進(jìn)程。自動(dòng)運行的非法程序,它們就有可能是病毒程序。(2)枚舉進(jìn)程引用的所有模塊(比如:exe和山等等)。危害較大的可執行病毒同樣以“進(jìn)程”形式出現在系統內(3)中斷進(jìn)程等等部,但是一些病毒可能并不被進(jìn)程列表顯示,例如:“宏病51公共類(lèi)模塊處理毒”,所以及時(shí)查看并準確殺掉非法進(jìn)程對于手工殺毒有起著(zhù)定義一個(gè)進(jìn)程管理類(lèi),增加類(lèi)模塊 Get Processes vb,源程關(guān)鍵性的作用。序如下:4進(jìn)程管理Option Strict OffOption Explicit On進(jìn)程是由它們所運行的可執行程序實(shí)例來(lái)識別的,在 Option Compare BinaryWindows任務(wù)管理器”的“進(jìn)程”選項卡中,第一列“映象 Friend Class GetProcessesPrivate Declare Function CloseHandle Lib kernel32. dIl"名稱(chēng)”列出的是可執行程序文件名稱(chēng)。但這里并沒(méi)有進(jìn)程名稱(chēng) (By al hObject As Integer) As Integer列,因為進(jìn)程并不擁有獨立于其所歸屬實(shí)例的映射名稱(chēng)。編程Private Declare Function GetlastError Lib"kernel32. dII'0中是通過(guò)它們的“進(jìn)程ID”來(lái)標識的,因為每個(gè)進(jìn)程都擁有 As Integer其獨一無(wú)二的標識編碼。各個(gè)“進(jìn)程ID”由 Window操作系Private Declare Function Open Process Lib kernel32. dll統自動(dòng)生成,并可以循環(huán)使用。因此,“進(jìn)程ID”將不會(huì )超4 wDesiredAccess As Integer,, ByVal blnherItHandle編越大,它們能夠得到循環(huán)利用。例如:如果運行3個(gè)記事本中國煤化 ger)As Integers First Lib kernel32. dll拷貝,將會(huì )看到3個(gè)稱(chēng)為 Notepad.exe的進(jìn)程,它們就是通過(guò)AlasC N MH GShot As Integer, ByRef2011.01電腦覆技巧與維護、實(shí)用第一氵智慧密集uProcess As PROCESSENTRY32) As IntegerPrivate Const ToKEN DUPLICATE As Short =&H2SPrivate Declare Function ProcessNext Li" kerne32d·要求復制訪(fǎng)問(wèn)信令Alias'Process32Next' ( By Val sNap Shot As Integer, By RefPrivate Const TOKEN IMPERSONATE As Short = &H4SuProcess As PROCESSENTRY32)As Integer要小將模仿訪(fǎng)問(wèn)信令連到進(jìn)程上Private Declare Function Terminate Process Lib kerne 32.Private Const ToKEN QUERY As Short=&H8S要求查dll'(ByVal hProcess As Integer, ByVal uExit Code As Integer詢(xún)訪(fǎng)問(wèn)信令的內容Private Const ToKEN QUERY SOURCE As ShortPrivate Declare Function Enum Processessapi. d&H10s‘要求查詢(xún)訪(fǎng)問(wèn)信令源(By Ref IpidProcess As Integer, B Val cb As Integer, By RefPrivate Const TOKEN ADJUST PRIVILEGES As shortcbNeeded As Integer) As Integer&H20S要求改變訪(fǎng)問(wèn)信令中指定的權限Private Declare Function EnumProcessModules Lib ' psapiPrivate Const TOKEN ADJUST GROUPS As Shortdr( ByVal pRocess As Integer, By Ref lphModule As Integer,&H40S要求改變訪(fǎng)問(wèn)信令中指定的組ByVal cb As Integer, ByRef lpcbNeeded As Integer) As Inte-Private Const TOKEN ADJUST DEFAULT As Short&H80S要求改變訪(fǎng)問(wèn)信令的缺省ACL,主組或屬主Private Declare Function GetProcesslmage File Name LibPrivate Const TOKEN ADJUST_ SESSIONID As Shortpsapi. dll Alias 'GetProcessimage FileName'( ByVal hPro&H100S在 Windows2000、 Windows XP及其以后的版本中cess As Integer, ByVal lplmage FileName As String.Bwva‘新增權限,在 Windows nt4.0中訪(fǎng)問(wèn)令牌的訪(fǎng)問(wèn)控制列表中sIze As Integer) As Integer是沒(méi)有這個(gè)值的Private Declare Function GetModule FileNameEx LibPrivate Const TOKEN_ READ As Boolean STAN-psapi. dil Alias'GetModule FileName ExA'(ByVal hProcess As DARD_ RIGHTS_READ Or TOKEN_QUERYInteger, Byal hModule As Integer ByVal lpFileName AsPrivate Const ToKEN WRITE As Boolean STAN-String, By Val n Size As Integer) As IntegerDARD RIGHTS WRITE Or TOKEN_ ADJUST_ PRIVILEGES Or進(jìn)程操作的功能常數TOKEN ADJUST GROUPS Or TOKEN_ ADJUST DEFAULTPrivate Const DELETE As Integer=&H10000刪除訪(fǎng)問(wèn)Private Const ToKEN_EXECUTE As Object STANPrivate Const READ CONTROL As Integer &H20000DARD RIGHTS EXECUTE不包括系統ACL的安全描述行的讀訪(fǎng)問(wèn)Private Const TOKEN_ ALL_ ACCESS_P As BooleanPrivate Const WRITE_DAC As Integer = &H40000STANDARD RIGHTS REQUIRED Or TOKEN_ASSIGN_PRI-任選ACL的寫(xiě)訪(fǎng)問(wèn)MARY Or TOKEN DUPLICATE Or TOKEN IMPERSONATEPrivate Const WRITE_OWNER As Integer &H80000Or ToKEN QUERY Or TOKEN QUERY SOURCE Or TO-所有者的寫(xiě)訪(fǎng)問(wèn)KEN ADJUST PRIVILEGEs Or TOKEN ADJUST GROUPSPrivate Const SYNCHRONIZE As Integer &H100000Or ToKEN ADJUST DEFAULT* STANDARD RIGHTs_+同步訪(fǎng)問(wèn),在 Windows nt中允許在任何等待函數中使用進(jìn) REQUIRED標準訪(fǎng)問(wèn)權限與其他訪(fǎng)問(wèn)權限進(jìn)行組合程句柄來(lái)等待進(jìn)程的結束Private Const TOKEN ALL ACCESS As Boolean TO-Private Const SPECIFIC_ RIGHTS_ALL As ShortKEN_ ALL ACCESS_ P Or TOKEN_ ADJUST_ SESSIONID& HFFFFS表示所有的特定權利,也包含那些不為對象定義的增加 TOKEN ADJUST SESS|OND權限Private Const STANDARD_RIGHTS_ READ As IntegerPrivate Const TOKEN_ALL_ ACCESS &H1F01 FFREAD CONTROL當前定義等同 READ CONTROL設置特權屬性定義Private Const STANDARD_ RIGHTS_WRITE As IntegerPrivate Const SE PRIVILEGE ENABLED BY DEFAULTREAD CONTROL’當前定義等同 READ CONTROLAs Short=&H1S權限被缺省允許Private Const STANDARD_ RIGHTS_ EXECUTE As IntegPrivate Const SE PRIVILEGE ENABLED As short=READ_ CONTROL當前定義等同 READ CONTROL&H2S權限被允許Private Const STANDARD RIGHTS REQUIRED As Inte-Private Const SE PRIVILEGE REMOVED As shortger=&HF000組合 DELETE READ CONTROLWRITE_DAC、&H4S‘權限被禁止WRITE OWNER訪(fǎng)問(wèn)Private Const sE PRIVilEGE USED FOR ACCESs AsPrivate Const STANDARD_ RIGHTS_ ALL As IntegerInteger=&H8000000°權限被用來(lái)獲取對一個(gè)對象或服務(wù)的&H1F0000組合READ CONTROL、 WRITE DAC、“訪(fǎng)問(wèn)。這標志被用來(lái)標識一個(gè)集合中的適當權限,該集合由WRITE OWNER SYNCHRONIZE訪(fǎng)問(wèn)個(gè)客戶(hù)應用程序傳遞,其中可能含有不必要的權限。Private Const GENERIC_ALL As Integer= &H10000000定義進(jìn)程對家的訪(fǎng)問(wèn)權限訪(fǎng)問(wèn)信令定義的訪(fǎng)向權限說(shuō)明Const PROcess TFRMINATE As short =&H1SPrivate Const ToKEN_ASSIGN_ PRIMARY As short = t中國煤化工利進(jìn)程句柄米結束進(jìn)程&H1S‘要求除了 SE CREATE TOKEN NAME權限之外,還要CNMHGE- THREAD AS Short把主信令連到進(jìn)程上8H2函數中使用進(jìn)程句柄創(chuàng )建4040z9數靄鳊編程語(yǔ)言…PR0 GRAM LANGUAGE.…該進(jìn)程的一個(gè)線(xiàn)程Private Const ERROR_ NOT_ ALL ASSIGNED As ShoPrivate Const PROCESS SET SESSIONID As Short 1300&H4SPrivate Const ANYSIZE ARRAY As short =1Private Const PROCESS VM OPERATION As ShortPrivate Structure LUID&H8S允許在 VirtualProtectEx和 Write ProcessMemory函數Dim Low Part As Integer中使用進(jìn)程句柄來(lái)修改進(jìn)程的虛擬內存im High Part As IntegerPrivate Const PROCESS VM READ As short =&H10SEnd Structure允許在 ReadProcessMemory函數中使用進(jìn)程句柄來(lái)讀取進(jìn)Private Structure LUID AND ATTRIBUT程的虛擬內存Dim pLaid As LUIDPrivate Const PROCESSITE As Short &H20SDim Attributes As Integer允許在 WriteProcessMemory函數中使用進(jìn)程句柄來(lái)寫(xiě)入進(jìn)End Structure程的虛擬內存Private Structure TOKEN PRIVILEGESPrivate Const PROCESS DUP HANDLE As ShortDim Privilege Count As Integer&H40S‘允許在 DuplicateHandle函數中使用進(jìn)程句柄作為源 Dim Privileges As進(jìn)程或目標進(jìn)程來(lái)復制一個(gè)句柄LUID AND ATTRIBUTESPrivate Const Process CREATE PRoCEss As shortPublic Sub Initialized&H80S‘內部使用ReDim Privileges(ANYSIZE_ARRAYPrivate Const PROCESS SET QUOTA As ShortEnd SubH100SEnd StructurePrivate Const PROCESS SET INFORMATION As ShortPrivate Const MAX PATH As short= 260&H20S允許在 SetPriority Class I函數中使用進(jìn)程句柄來(lái)設置Private Structure PROCESSENTRY32進(jìn)程的優(yōu)先級。Dim dwSize As IntegerPrivate Const PROCESS QUERY INFORMATIONDim cntUsage As IntegerShort=&H400S‘允許在 GetExitCode Process和 GetPriori-Dim th32ProcesslD As Integerty Class函數中使用進(jìn)程句柄來(lái)讀取進(jìn)程對象的信息Dim th32DefaultHeaplD As IntegerPrivate Const PROCESS SUSPEND RESUME As shortDim th32ModulelD As IntegerDim cnt Threads As IntegerPrivate Const PROCESS ALL_ ACCESS As BooleanDim th32Parent ProcessID As IntegerSTANDARD RIGHTS RED Or SYNCHRONIZE OrDim pcPri Class Base As Integer& HFFFS定義進(jìn)程對象的所有可能訪(fǎng)問(wèn)標志Dim dwFlags As IntegerPrivate Const PROCESS HEAP REGION As Short Pub-As short = &H2Slic szExeFile( As CharPrivate Const PROCESS HEAP ENTRY BUSY As ShortEnd Structure&H4S自定義數據類(lèi)型Private Const PROCESS HEAP ENTRY MOVEABLEPrivate Structure PROCEsS INFOShort =&H10SDim ProcessType As shortPrivate Const PROCESS HEAP ENTRY DDESHARE AsDim ProcessID As IntegerShort =&H20SDim FileName As StringPrivate Const PRoCess XP HEADER_ CACHE As inteEnd Structure=&H20000Private Var Process Counter As IntegerPrivate Const TH32CS_ SNAPheaplist As Short &H1SPrivate Var Module Counter As IntegerPrivate Const TH32CS SNAPPROCESS As Short =&H2SPrivate Var ProcessInfo() As PROCESS INFOPrivate Const TH32CS SNAPthread As short &H4SPrivate VarModule( As StringPrivate Const TH32CS SNAPmodule As short = &H8S本代碼靠 pspl. d的 Enum ProcessModules函數列舉,若Private Const TH32CS SNAPall As Boolean用系統 kerne32d的 GetModule FileName函數則需先提升TH32CS SNAPPROCESs Or TH32CS SNAPheaor權限TH32CS SNAPthread Or TH32CS_ SNAPmodulePrivate Function Open Processes As Boolean進(jìn)程操作的錯誤信息代碼中國煤化工Private Const ERROR SUCCESS As Short=0Private Const ERROR_ACCESS_ DENIED As short=5CNMHG>攝好車(chē)Q27實(shí)用第一;氵智慧密集Dim M As IntegerReDim Preserve Var ProcessInfo(N)Dim VarLength As IntegerVarProcessinfo(N) Process Type= 2Dim Var ProcessHandle As integerVar Processinfo(N). ProcessID= IDim VarHide Flag As BooleanVarProcessInfo(N). FileName= Trim(VarFileName)Dim VarProcesslD(1023)As IntegerEnd IfDim VarModules(1023 )As IntegerCall CloseHandle(Var ProcessHandle初始化相關(guān)的參數End IfN=0VarProcess counter=0‘初始化計數器End If將所有進(jìn)程的PD記入到數組 Var ProcessID中(注意:不包括隱藏進(jìn)程!)Open Processes TrueIf EnumProcesses (arProcesslD (0), 4096, Var-Catch Errors As ExceptionLength)<>0 ThenOpen Processes FalseVarProcess Counter= VarLength \4 VarProcess-End TryCounter為進(jìn)程總數(注意:不包括颱威進(jìn)程!)End FunctionFor I=0 To &HFFFF Step 4Private Function OpenModules (By Val VarProcessID AsVarProcessHandle Open Process(PRo- Integer) As BooleanCESS QUERY INFORMATION Or PROCESS VM READ, 0Dim VarProcessHandle As IntegerIf Var ProcessHandle <>0 ThenDim VarFileName As String系統中有|這個(gè)進(jìn)程時(shí)Dim Var Modules(1023)As IntegerVarHide Flag= True初始化相關(guān)的參數以下是判斷枚舉到的進(jìn)程是否為隱藏進(jìn)程的代碼Var Module Counter=0‘初始化計數器For M=0 To VarProcess Counter -1 Step 1Var ProcessHandle Open Process (PRO-If I= VarProcessl D(M)ThenCESS QUERY_ INFORMATION Or PROCESS_VM_ READ, 0,VarHide Flag FalseVarProcessIDExit ForCall Enum ProcessModules Nar ProcessHandle Var-End懺Modules(O),4096,O)列舉模塊名稱(chēng)地址Next MDo Until VarModules(Var Module Counter)=0VarFileName= Space(1024)創(chuàng )建緩沖區VarFileName= Space1024)‘建立模塊名稱(chēng)緩沖區把進(jìn)程模塊記入到數組 VarModules中(號Call GetModule File Ex (VarProcessHandle元素是進(jìn)程全路徑,其他是進(jìn)程模塊全路徑VarModules(VarModule Counter), Var FileName, 1024)If EnumProcessModules (varProcessHan-填充模塊名dle, VarModules(0), 4096, 0 )<>0 ThenReDim Preserve VarModule Names (arModule-GetModule FileNameEx的返回值是 CounterVarFileName的字符串長(cháng)度Var ModuleNames Var Module Counter) LeftCall GetModule FileNameEx (VarPro- ( Name, InStr(1, VarFileName, vbNullChar)-1cessHandle, VarModules(0), Var FileName 1024)修正模塊名ReDim Preserve VarProcessinfo(N)VarModule Counter VarModule Counter +1VarProcessInfo (N). ProcessType IlfLoopNarHide Flag True, 1, 0)OpenModules TrueVar ProcessInfo(N). ProcessID ICatch Errors As ExceptionVarProcessInfo(N). FileName Trim(Var File Name)Open Modules FalseN=N+End TryElself VarModules(0)<>0 ThenEnd Function獲取進(jìn)程映像路徑,有時(shí)結束后的進(jìn)程會(huì )留下,叫“定義類(lèi)模塊的方法尸進(jìn)程”P(pán)ublic Sub InitializeGetProcesslmage FileName的返回值是VarFileName字符串長(cháng)度的兩倍-1中國煤化工Call GetProcesslmage FileName (VarPro-CNMHGcessHandle, VarFileName 1024)28201101編技巧與護方數據編程語(yǔ)言PROGRAM LANGUAGE.………………Erase Var ProcessInfoForms Form closedEventArgs) Handles Me FormClosedErase VarModuleNamesVarGetProcesses NothingCatch Errors As ExceptionEnd Sub錯誤處理Private Sub ListView1_Column Click(ByVal event SenderEnd SubForms. ColumnClick EventArgs) Handles ListView1 Colum-52顯示進(jìn)程信息的表單下面設計一個(gè)“進(jìn)程管理器",用以說(shuō)明上述進(jìn)程管理類(lèi)Me. ListView1Sorting System Windows Forms. Sor-tOrder Descending的使用方法。首先在Foml上添加一個(gè) Label控件name為L(cháng)aMe ListView 1. ListViewltem Sorter New ListViewltem-bell,一個(gè) Text Box控件name為 TextI,一個(gè) List View控件 Comparer(eventArgs Columnname為 List viewl,一個(gè) Context MenuStrip控件name為ConMe ListView.Sort(text MenuStripl,一個(gè) ImageList控件name為 Imagelistl,一個(gè)End SubToolTip控件name為 ToolTip,兩個(gè) Command Button控件namePrivate Sub ListView1_Double Click(ByVal event Senderdl、 Command2,如圖I所示。As System Object, ByVal eventArgs As System. EventArgs)Handles ListView 1. Double Click增加模塊代碼,源程序如下If Not Me. ListView1, Focusedltem Is Nothing ThenEnd ifEnd SubPrivate Sub ListView1_Mouse Down (ByVal eventSenderAs System Object, ByVal eventArgs As System WindowForms. Mouse EventArgs) Handles ListView1 Mouse DownSelect Case eventArgs ButtonCase Windows. Forms. Mouse Buttons. Left, Win-dows Forms Mouse Buttons MiddleIf Me. ListView1 Focusedltem Is Nothing ThenExit SubMe. ListView1.GetltemAt (eventArgs. x, even-tArgs. Y).Selected TrueEnd IfCase Windows Forms. MouseButtons RightOption Strict OffMe. ListView1 ContextMenuStrip Me Con-Option Explicit OntextMenuStrip1Option Compare BinaEnd SelectFriend Class Form1End subInherits System. Windows Forms FormPublic Sub Menulnterrupt Process_Click (By ValPrivate Var GetProcesses As New GetProcesseseventSender As System Object, By Val eventArgs As syPrivate Sub Form1_Load (ByVal eventSender As Sys- tem EventArgs) Handles MenulnterruptProcess Clicktem Object, By Val eventArgs As System. EventArgs) HandlesIf Not Me. ListView1 Focusedltem Is Nothing ThenMy Base LoadIf Var GetProcesses. InterruptProcess (CInt (Me.Me. ListView1 LargelmageList Me ImageList1ListView1. Focuseditem Subitems(1). Text))= True theneToolTip1 SetToolTip(Me ListView1.“‘雙擊左鍵顯示Me ListView 1 Items. RemoveAt(Me. ListView1 Fo-該進(jìn)程運行的所有模塊!'+ vbCrLf+‘單擊鍵:顯示中斷進(jìn)程 cusedltem Index運行的菜單!MsgBox中斷進(jìn)程成功!‘. Msg Style. Infor-Me Show)mation+ MsgBoxStyle. OkOnly.系統運行信息提示:7Command1_Click(Command1, New System. EventArgsMsgBox中斷進(jìn)程失敗!" Msg Style. ExclaEnd SubmatPrivate Sub Form1_FormClosed ( ByVal event Sender AsYH中國煤化工錯誤倍息提小System Object, By Val eventArgsSystem. WindowsCNMHG實(shí)用第一氵智慧密集End SubList View1,一個(gè) Image List控件name為 ImageList1,一↑Private Sub Command1_Click (Byal eventSenderToolTip控件name為 ToolTip,兩個(gè) Command Button控件nameSystem Object, By Val eventArgs As System. EventArgs))為 Commandl、 command,如圖2所示。Handles Command 1. ClickDim I As IntegerDim varListViewltem As New ListViewltemSystem. Windows Forms. Cursor. Current = SystemWindows Forms. Cursors. AppStartingMe. Command 1. Enabled= FalseMe Text1. Text = CStr(Nothing)VarGetProcesses. Initialize(If VarGetProcesses Canvass Processes True ThenMe Text1. Text CStr (Var GetProcesses. Process.For 1=0 To Var GetProcesses. Process Counter-1Step 1Select Case VarGetProcesses Process Type(l)Case0·正常進(jìn)程圖2VarListViewltem Me ListView1 ItemAd正常進(jìn)程,0)Case1‘隱藏進(jìn)程增加模塊代碼,源程序如下VarListViewltem Me ListView1 ItemOption Strict OffAdd'隱藏進(jìn)程;1)Case2‘懾尸進(jìn)程O(píng)ption Compare BinaryVarListViewltem Me ListView1 ItemsAdd'儼尸進(jìn)程2)Inherits System. Windows Forms FormCase ElsePrivate VarGetProcesses As New GetProcessesEnd SelectPrivate Sub Form2_Load (ByVal event Sender As Sys-VarListViewitem. Subltems Add(VarGetProcesses. tem Object, ByVal eventArgs As System. EventArgs)HandlesProcesslD(O). ToStringMy Base LoadVarListViewltem. Subitems. Add(Var GetProcessesFile Name(0))Me Show()Command1_ Click(Command1, New System EverEnd IftArgs())Me Command1 Enabled TrueEnd SubSystem. Windows Forms. Cursor. Current SystemPrivate Sub Form2_ Form Closed(ByVal eventSender AsWindows Forms Cursors. ArrowSystem Object, ByVal eventArgs As System. Windows.End SubForms Form Closed EventArgs) Handles Me FormClosedPrivate Sub Command2_Click (By Val eventsender AsVar GetProcesses NothingSystem Object, ByVal eventArgs As System. EventArgs)End SubHandles Command2 ClickPrivate Sub ListView1_ Column Click(By al event SenderMe Close(As System Object, ByVal eventArgs As System. WindowsEnd SubForms. Column Click EventArgs) Handles ListView1 Colum-End ClassMe. ListView1 ListViewltem Sorter New ListViewltem53顯示模塊信息的表單Comparer(eventArgs Column)Me. ListView1 Sorting System Windows Forms. Sor-下面設計一個(gè)被調用的顯示進(jìn)程所引用的cxe、DL文件 torder Ascending等模塊信息的表單,同樣用以說(shuō)明上述進(jìn)程管理類(lèi)的使用方中國煤化工法。首先在Fom1上添加一個(gè) Label控件nme為 Labell,個(gè) Text Box控件name為T(mén)ext1,一↑ Listview控件name為CN MHG(Byal event As30電腦技巧與編程語(yǔ)言……PR0 GRAM LANGUAGE…System Object, Byal eventArgs As System. EventArgs) Handles Command2 ClickHandles Command1. ClickMe Close)System. Windows Forms. Cursor. Current System. End ClassWindows Forms. Cursors. AppStarting54運行效果Me Command1 Enabled False如圖3所示。Me Text1.Text= CStr(Nothing)Me. ListView1 Items ClearIf VarGetProcesses. CanvassModules (al(Form1ListView1. Focusedltem. Subitems(1). Text))= True ThenMe. Text1. TextStr (Var GetProcesses. ModuleCounterFor I =0 To VarGetProcesses Module CounterepMe. ListView1 Items Add(Var GetProcesses. Modu-1,1leName(), owa Thareneea arNext IEnd IfMe Command1 Enabled TrueSystem. Windows Forms. Cursor, Current Sys-測」tem Windows Forms. Cursors. Arrow出nd SubPrivate Sub Command2_Click (ByVal eventSender AsSystem Object, By al eventArgs As System. EventArgs(收稿日期:2010-1007)(上接第14頁(yè))CoLORREF clrCtlText RGB(0, 0, 159);退出4實(shí)驗FILE * agencys: agencys=forcorpus, wt";∥讀出向中的內容保存到文件中使用這個(gè)程序做了大量的人工分詞和詞性標注的實(shí)驗,實(shí)if(agencys==NULL) return驗結果顯示,這個(gè)程序既能夠有效處理簡(jiǎn)體漢字語(yǔ)料,也能夠CStdioFile agents(agencys處理 Unicode編碼的繁體漢字語(yǔ)料,大大提高了人工分詞及詞for( int i=0: i totalLines: i++)性標注的速度和正確率agents. WriteString(linesliD)agents. Close參考文獻(10)小鍵盤(pán)中“檢驗標注”和“強制提交”兩個(gè)命令按鈕的單擊響應消息與“提交標注”相似,對“檢驗標注”[陳小荷,現代漢語(yǔ)自動(dòng)分析— Visual c+實(shí)現[M],北命令按鈕的單擊響應消息的代碼只編寫(xiě)至京:語(yǔ)言文化大學(xué)出版社,2000if( m_ appear I =")2]劉開(kāi)瑛.中文文本自動(dòng)分詞和標注M].北京:商務(wù)印書(shū)Update Data(FALSE)Updatewindow0eturn:〔3] D.S. Malik,著(zhù),晏海華,等,譯,C+編程—數據結構結束即可。與程序設計方法.北京:電子工業(yè)出版社,2003強制提交”命令按紐的單擊響應消息可以復制“提交{4]梁水,王家勝.視頻學(xué) Visual c++.北京:人民郵電出版標注”的代碼,只要去掉上面的這兩行代碼就行了。(11)如果想要使這個(gè)輔助程序更加美觀(guān)一點(diǎn),只要選(收稿日期:2010-10-11)取“ Class View",找到這個(gè)對話(huà)框App類(lèi)的 InitInstance0函數,在 AfxEnable ControlContainer0;下面添加三行代碼即可:中國煤化工CoLORREF clrCtlBk RGB(230, 242, 255):CNMHG3