如何获取所有正在运行的进程的全名,包括 Windows 上的内核进程
[英]How To get the full name of all processes running including kernel processes on windows
问题描述
I'm trying to list all of the processes running in windows similar to how ProcessExplorer does, however i get lots of unknown processes using the code found here
我正在尝试列出在 Windows 中运行的所有进程,类似于 ProcessExplorer 的做法,但是我使用此处找到的代码获得了许多未知进程
I think these are kernel processes, but would there be any way to view their names?我认为这些是内核进程,但是有什么方法可以查看它们的名称吗?
1 个解决方案
解决方案1
1 2020-01-31 06:52:37
The reason you are seeing <unknown> in the process name is that they are system processes as you rightly predicted.您在进程名称中看到<unknown>的原因是它们是您正确预测的系统进程。 OpenProcess which is trying to open with required permissions is failing and defaulting to unknown for system processes.尝试使用所需权限打开的OpenProcess失败并默认为系统进程未知。
You can use WTSEnumerateSessions instead if you are looking for only process names and PIDs.如果您只查找进程名称和 PID,则可以改用WTSEnumerateSessions 。
WTS_PROCESS_INFO* pWtsProcessInfo = NULL;
DWORD dwProcessCount = 0;
if (WTSEnumerateProcesses(NULL, NULL, 1, &pWtsProcessInfo, &dwProcessCount)) {
for (DWORD i = 0; i < dwProcessCount; i++) {
printf("%ws : %d\n", pWtsProcessInfo[i].pProcessName, pWtsProcessInfo[i].ProcessId); // %s if the project is not in unicode
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.