#include "windows.h"
#include <conio.h>
#include <stdio.h>
#include <tchar.h>
#include <tlhelp32.h>
#include <psapi.h>
#pragma comment(linker,"/subsystem:\"console\" /entry:\"mainCRTStartup\"") //设置入口地址
void main(void)
{
HANDLE hProcess;
HANDLE hModule;
BOOL report;
PROCESSENTRY32 pinfo;
MODULEENTRY32 minfo;
TCHAR shortpath[256];
TCHAR* lpPart[256]={NULL};
hProcess=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
pinfo.dwSize =sizeof(PROCESSENTRY32);
minfo.dwSize =sizeof(MODULEENTRY32);
report=Process32First(hProcess,&pinfo);
while(report)
{
RtlZeroMemory(&shortpath,256);
hModule=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,pinfo.th32ProcessID);
Module32First(hModule, &minfo);
printf("%20s --- %20s\n",pinfo.szExeFile,minfo.szExePath);
report=Process32Next(hProcess,&pinfo);
}
}
、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、
得到的结果如下所示,怎么有一部分的模块只有名字,没有路径呢
[System Process] --- D:\mytest\Debug\mytest.exe
System --- System
smss.exe --- smss.exe
csrss.exe --- csrss.exe
winlogon.exe --- winlogon.exe
SERVICES.EXE --- SERVICES.EXE
LSASS.EXE --- LSASS.EXE
SVCHOST.EXE --- SVCHOST.EXE
SVCHOST.EXE --- SVCHOST.EXE
SVCHOST.EXE --- SVCHOST.EXE
SVCHOST.EXE --- SVCHOST.EXE
SVCHOST.EXE --- SVCHOST.EXE
SPOOLSV.EXE --- SPOOLSV.EXE
MDM.EXE --- MDM.EXE
sqlservr.exe --- sqlservr.exe
EXPLORER.EXE --- C:\WINDOWS\Explorer.EXE
nod32krn.exe --- nod32krn.exe
WDFMGR.EXE --- WDFMGR.EXE
dllhost.exe --- dllhost.exe
alg.exe --- alg.exe
msdtc.exe --- msdtc.exe
wscntfy.exe --- C:\WINDOWS\system32\wscntfy.exe
nod32kui.exe --- C:\Program Files\Eset\nod32kui.exe
CTFMON.EXE --- C:\WINDOWS\system32\ctfmon.exe
sqlmangr.exe --- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
iexplore.exe --- C:\Program Files\Internet Explorer\iexplore.exe
PinyinUp.exe --- C:\Program Files\SogouInput\PinyinUp.exe
iexplore.exe --- C:\Program Files\Internet Explorer\IEXPLORE.EXE
MSDEV.EXE --- C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\MSDEV.EXE
conime.exe --- C:\WINDOWS\system32\conime.exe
cmd.exe --- C:\WINDOWS\system32\cmd.exe
SVCHOST.EXE --- SVCHOST.EXE
QQ.exe --- D:\QQ\QQ.exe
realsched.exe --- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
iexplore.exe --- C:\Program Files\Internet Explorer\IEXPLORE.EXE
mytest.exe --- D:\mytest\Debug\mytest.exe
[课程]FART 脱壳王!加量不加价!FART作者讲授!