进程名称中的应用程序名称 | 进程名称中的应用程序名称

本文介绍了进程名称中的应用程序名称的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

Hii ..
每当用户运行任何应用程序时，我都想让事件获取应用程序名称.
到目前为止，我已经从
找到了医学博士.拉希姆·乌丁(Rashim uddin)

Hii..
I want to make and event to get the application name whenever user runs any application.
so far i''ve found this from
Md. Rashim uddin

public partial class Form1 : Form
    {
        public System.Management.ManagementEventWatcher mgmtWtch;

        public Form1()
        {
            InitializeComponent();
            mgmtWtch = new System.Management.ManagementEventWatcher("Select * From Win32_ProcessStartTrace");
            mgmtWtch.EventArrived += new System.Management.EventArrivedEventHandler(mgmtWtch_EventArrived);
            mgmtWtch.Start();
        }

        private void mgmtWtch_EventArrived(object sender, System.Management.EventArrivedEventArgs e)
        {
            MessageBox.Show((string)e.NewEvent["ProcessName"]);
        }
    }

这获得了进程名称，但我想要应用程序名称...
是否有任何方法可以从进程名称中获取该信息.

this get the process name but i want the application name...
is there is any way to get that from process name..

thanks for your time.

推荐答案

#include <cstdio>
#include <windows.h>
#include <tlhelp32.h>

int main( int, char *[] )
{
 PROCESSENTRY32 entry;
 entry.dwSize = sizeof(PROCESSENTRY32);

 HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);

 if (Process32First(snapshot, &entry) == TRUE)
 {
  while (Process32Next(snapshot, &entry) == TRUE)
  {
   char buffer[512] = {0,};
   DWORD bufferSize = sizeof(buffer) - 1;
   HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, entry.th32ProcessID);

   QueryFullProcessImageName(hProcess,PROCESS_NAME_NATIVE,buffer,&bufferSize);

   CloseHandle(hProcess);
  }
 }

 CloseHandle(snapshot);

 return 0;
}

PROCESSENTRY32结构的szExeFile成员并不总是包含完整路径.

所有功能都记录在MSDN 进程和线程函数 [ ^ ]

工具帮助功能 [ ^ ]

PsSetCreateProcessNotifyRoutine [ ^ ]是从NTOSKRNL导出的，并且仅对驱动程序可用-上面引用的文章介绍了如何在启动进程时如何从驱动程序向用户进程发送通知.

显然，遵循Mikas示例更容易-只需使用计时器并每10秒左右执行一次即可.

最好的问候
Espen Harlinn

The szExeFile member of the PROCESSENTRY32 structure does not always contain the full path.

All of the functions are documented in MSDN Process and Thread Functions[^]

Tool Help Functions[^]

PsSetCreateProcessNotifyRoutine[^] is exported from NTOSKRNL and only available to drivers - the article refered to above explains how you can get a notification from your driver to a user process whenever a process is started.

Obviously it''s easier to follow Mikas example - just use a timer and execute it every 10 seconds or so.

Best regards
Espen Harlinn

这篇关于进程名称中的应用程序名称的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！