public class windows { public static void main(String[] args) { Kernel32 kernel32 = Kernel32.INSTANCE; WinNT.HANDLE snapshot = kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); try { while (kernel32.Process32Next(snapshot, processEntry)) { HANDLE process = Kernel32.INSTANCE.OpenProcess(0x0400 | 0x0010, false, 0); if (process != null) { int len = psapi.GetModuleFileNameExW(process, null, path, 1024); if (len > 0) System.out.println(new String(path, 0, len)); else System.out.println("GetModuleFileNameW failed"); } else System.out.println("OpenProcess failed"); System.out.println(processEntry.th32ProcessID + "\t" + Native.toString(processEntry.szExeFile) + "\t" + processEntry.cntThreads); } } finally { kernel32.CloseHandle(snapshot); } }
private List<WinProcess> getChildProcesses() throws IOException { int childPID; List<WinProcess> processList = new ArrayList<>(); List<Integer> pidList = new ArrayList<>(); pidList.add( pid ); int parentPID; Kernel32 kernel32 = Native.loadLibrary( Kernel32.class, W32APIOptions.UNICODE_OPTIONS ); Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); WinNT.HANDLE snapshot = kernel32.CreateToolhelp32Snapshot( Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD( 0 ) ); try { while ( kernel32.Process32Next( snapshot, processEntry ) ) { parentPID = processEntry.th32ParentProcessID.intValue(); if ( pidList.contains( parentPID ) ) { childPID = processEntry.th32ProcessID.intValue(); pidList.add( childPID ); processList.add( new WinProcess( childPID ) ); } } } finally { kernel32.CloseHandle( snapshot ); } return processList; }
Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); WinNT.HANDLE processSnapshot = kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); try { kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPMODULE, processEntry.th32ProcessID); try { ProcessPathKernel32.MODULEENTRY32.ByReference me = new ProcessPathKernel32.MODULEENTRY32.ByReference();
import com.sun.jna.platform.win32.Kernel32; import com.sun.jna.platform.win32.Tlhelp32; import com.sun.jna.platform.win32.WinDef; import com.sun.jna.platform.win32.WinNT; import com.sun.jna.win32.W32APIOptions; import com.sun.jna.Native; public class ListProcesses { public static void main(String[] args) { Kernel32 kernel32 = (Kernel32) Native.loadLibrary(Kernel32.class, W32APIOptions.UNICODE_OPTIONS); Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); WinNT.HANDLE snapshot = kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); try { while (kernel32.Process32Next(snapshot, processEntry)) { System.out.println(processEntry.th32ProcessID + "\t" + Native.toString(processEntry.szExeFile)); } } finally { kernel32.CloseHandle(snapshot); } } }
import com.sun.jna.platform.win32.Kernel32; import com.sun.jna.platform.win32.Tlhelp32; import com.sun.jna.platform.win32.WinDef; import com.sun.jna.platform.win32.WinNT; import com.sun.jna.win32.W32APIOptions; import com.sun.jna.Native; public class ListProcesses { public static void main(String[] args) { Kernel32 kernel32 = (Kernel32) Native.loadLibrary(Kernel32.class, W32APIOptions.UNICODE_OPTIONS); Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); WinNT.HANDLE snapshot = kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); try { while (kernel32.Process32Next(snapshot, processEntry)) { System.out.println(processEntry.th32ProcessID + "\t" + Native.toString(processEntry.szExeFile)); } } finally { kernel32.CloseHandle(snapshot); } } }
/** * Finds the given process in the process list. * * @param processEntry The process entry. * @param filenamePattern pattern matching the filename of the process. * @return The found process entry. */ public static boolean findProcessEntry( final Tlhelp32.PROCESSENTRY32.ByReference processEntry, final Pattern filenamePattern) { Kernel32 kern32 = Native.loadLibrary(Kernel32.class, W32APIOptions.UNICODE_OPTIONS); WinNT.HANDLE snapshot = kern32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); boolean found = false; try { while (kern32.Process32Next(snapshot, processEntry)) { String fname = Native.toString(processEntry.szExeFile); if (fname != null && filenamePattern.matcher(fname).matches()) { found = true; break; } } } finally { kern32.CloseHandle(snapshot); } return found; }
public boolean jambo_loco (int pid) { Kernel32 kernel32 = (Kernel32) Native.loadLibrary(Kernel32.class, W32APIOptions.UNICODE_OPTIONS); Tlhelp32.PROCESSENTRY32.ByReference processEntry = new Tlhelp32.PROCESSENTRY32.ByReference(); WinNT.HANDLE snapshot = kernel32.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPPROCESS, new WinDef.DWORD(0)); try { int i = 0; int size = processEntry.dwSize.intValue(); while (kernel32.Process32Next(snapshot, processEntry) && i < size) { if (processEntry.th32ProcessID.intValue() == pid) return true; i++; } } finally { kernel32.CloseHandle(snapshot); } return false; }
snapshot = kernel.CreateToolhelp32Snapshot( Tlhelp32.TH32CS_SNAPPROCESS, new DWORD( 0 ) ); PROCESSENTRY32 entry = new PROCESSENTRY32( ); kernel.Process32First( snapshot, entry );
HANDLE snapshot = Kernel32.INSTANCE.CreateToolhelp32Snapshot(Tlhelp32.TH32CS_SNAPMODULE, new DWORD(processID)); if (snapshot == null) { throw new Win32Exception(Kernel32.INSTANCE.GetLastError());