获取当前进程是否是其它进程的子进程(这边如当前进程是否是Excel的)
// 获得当前进程信息
1 HMODULE hModule = LoadLibrary(L"NTdll.dll"); 2 if (hModule) 3 { 4 NTSTATUS (__stdcall *NtQueryInformationProcess) ( 5 IN HANDLE ProcessHandle, 6 IN PROCESSINFOCLASS ProcessInformationClass, 7 OUT PVOID ProcessInformation, 8 IN ULONG ProcessInformationLength, 9 OUT PULONG ReturnLength OPTIONAL 10 ); 11 12 (FARPROC &)NtQueryInformationProcess = GetProcAddress(hModule, "NtQueryInformationProcess"); 13 if (NtQueryInformationProcess) 14 { 15 DWORD dwProcessID = GetCurrentProcessId(); 16 17 HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwProcessID); 18 if( NULL != hProcess ) 19 { 20 LONG status; 21 PROCESS_BASIC_INFORMATION pbi; 22 status = NtQueryInformationProcess( hProcess,ProcessBasicInformation,(PVOID)&pbi,sizeof(PROCESS_BASIC_INFORMATION),NULL ); 23 if (!status) 24 { 25 g_bParentIsNotEXCEL_EXE = isNotEXCEL_EXE( ( DWORD )pbi.Reserved3 ); // pbi.Reserved3中也是进程信息 26 } 27 } 28 } 29 }
// 获取进程的名称,如EXCEL.EXE。
// To retrieve the full path to the executable file。
// 1.使用CreateToolhelp32Snapshot(),并传入TH32CS_SNAPMODULE
// 2.call the Module32First function and check the szExePath member of the MODULEENTRY32 structure that is returned. However, if the calling process is a 32-bit process, you must call the QueryFullProcessImageName function to retrieve the full path of the executable file for a 64-bit process.
// To enumerate the heap or module states for all processes, specify TH32CS_SNAPALL and set th32ProcessID to zero. Then, for each additional process in the snapshot, call CreateToolhelp32Snapshot again, specifying its process identifier and the TH32CS_SNAPHEAPLIST or TH32_SNAPMODULE value.
1 BOOL g_bParentIsNotEXCEL_EXE = FALSE; 2 BOOL isNotEXCEL_EXE( DWORD dwProcessID ) 3 { 4 HANDLE hProcessSnap; 5 PROCESSENTRY32 pe32; 6 7 // Take a snapshot of all processes in the system. 8 hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 ); 9 if( hProcessSnap == INVALID_HANDLE_VALUE ) 10 { 11 return( FALSE ); 12 } 13 14 // Set the size of the structure before using it. 15 pe32.dwSize = sizeof( PROCESSENTRY32 ); 16 17 // Retrieve information about the first process, and exit if unsuccessful 18 if( !Process32First( hProcessSnap, &pe32 ) ) 19 { 20 CloseHandle( hProcessSnap ); // Must clean up the snapshot object! 21 return( FALSE ); 22 } 23 24 // Now walk the snapshot of processes, and display information about each process in turn 25 do 26 { 27 28 if( pe32.th32ProcessID == dwProcessID ) 29 { 30 CString strExeFile = pe32.szExeFile; 31 //AfxMessageBox( strExeFile); 32 strExeFile.MakeUpper(); 33 if( strExeFile != _T("EXCEL.EXE") && strExeFile != _T("MATLAB.EXE")) 34 { 35 CloseHandle( hProcessSnap ); // Must clean up the snapshot object! 36 return TRUE; 37 } 38 break; 39 } 40 } while( Process32Next( hProcessSnap, &pe32 ) ); 41 CloseHandle( hProcessSnap ); // Must clean up the snapshot object! 42 return FALSE; 43 }