AltCallingConvention, Library, StdCall, StdCallLibrary
The process status application programming interface (PSAPI) is a helper library that makes it easier for you to obtain information about processes and device drivers.
Verschachtelte Klassen
static class
static class
static class
Felder
boolean
Retrieves the process identifier for each process object in the system.
boolean
The EnumProcessModules function is primarily designed for use by debuggers and similar applications that must extract module information from another process.
If the module list in the target process is corrupted or not yet initialized, or if the module list changes during the function call as a result of DLLs being loaded or unloaded, EnumProcessModules may fail or return incorrect information.
It is a good idea to specify a large array of HMODULE values, because it is hard to predict how many modules there will be in the process at the time you call EnumProcessModules.
To determine if the lphModule array is too small to hold all module handles for the process, compare the value returned in lpcbNeeded with the value specified in cb.
If lpcbNeeded is greater than cb, increase the size of the array and call EnumProcessModules again.
int
Retrieves the fully qualified path for the file containing the specified module.
int
Retrieves the fully qualified path for the file containing the specified module.
int
Retrieves the fully qualified path for the file containing the specified module.
boolean
To get information for the calling process, pass the handle returned by GetCurrentProcess.
The GetModuleInformation function does not retrieve information for modules that were loaded with the LOAD_LIBRARY_AS_DATAFILE flag.
For more information, see LoadLibraryEx.
boolean
int
Retrieves the name of the executable file for the specified process.
boolean
Retrieves extended information about the pages at specific virtual addresses in the address space of the specified process.
Retrieves the fully qualified path for the file containing the specified module.
process - A handle to the process that contains the module.
module - A handle to the module. If this parameter is NULL, GetModuleFileNameEx returns the path of the executable file of the process specified in hProcess.
lpFilename - A pointer to a buffer that receives the fully qualified path to the module. If the size of the file name is larger than the value of the nSize parameter, the function succeeds but the file name is truncated and null-terminated.
nSize - The size of the lpFilename buffer, in characters.
Kernel32Util.getLastErrorMessage().
Retrieves the fully qualified path for the file containing the specified module.
process - A handle to the process that contains the module.
module - A handle to the module. If this parameter is NULL, GetModuleFileNameEx returns the path of the executable file of the process specified in hProcess.
lpFilename - A pointer to a buffer that receives the fully qualified path to the module. If the size of the file name is larger than the value of the nSize parameter, the function succeeds but the file name is truncated and null-terminated.
nSize - The size of the lpFilename buffer, in characters.
Kernel32Util.getLastErrorMessage().
Retrieves the fully qualified path for the file containing the specified module.
process - A handle to the process that contains the module.
module - A handle to the module. If this parameter is NULL, GetModuleFileNameEx returns the path of the executable file of the process specified in hProcess.
lpFilename - A pointer to a buffer that receives the fully qualified path to the module. If the size of the file name is larger than the value of the nSize parameter, the function succeeds but the file name is truncated and null-terminated.
nSize - The size of the lpFilename buffer, in characters.
Kernel32Util.getLastErrorMessage().
The EnumProcessModules function is primarily designed for use by debuggers and similar applications that must extract module information from another process.
If the module list in the target process is corrupted or not yet initialized, or if the module list changes during the function call as a result of DLLs being loaded or unloaded, EnumProcessModules may fail or return incorrect information.
It is a good idea to specify a large array of HMODULE values, because it is hard to predict how many modules there will be in the process at the time you call EnumProcessModules.
To determine if the lphModule array is too small to hold all module handles for the process, compare the value returned in lpcbNeeded with the value specified in cb.
If lpcbNeeded is greater than cb, increase the size of the array and call EnumProcessModules again. To determine how many modules were enumerated by the call to EnumProcessModules, divide the resulting value in the lpcbNeeded parameter by sizeof(HMODULE).
The EnumProcessModules function does not retrieve handles for modules that were loaded with the LOAD_LIBRARY_AS_DATAFILE or similar flags. For more information, see LoadLibraryEx.
Do not call CloseHandle on any of the handles returned by this function. The information comes from a snapshot, so there are no resources to be freed.
If this function is called from a 32-bit application running on WOW64, it can only enumerate the modules of a 32-bit process.
If the process is a 64-bit process, this function fails and the last error code is ERROR_PARTIAL_COPY (299).
To take a snapshot of specified processes and the heaps, modules, and threads used by these processes, use the CreateToolhelp32Snapshot function.
Starting with Windows 7 and Windows Server 2008 R2, Psapi.h establishes version numbers for the PSAPI functions.
The PSAPI version number affects the name used to call the function and the library that a program must load.
If PSAPI_VERSION is 2 or greater, this function is defined as K32EnumProcessModules in Psapi.h and exported in Kernel32.lib and Kernel32.dll.
If PSAPI_VERSION is 1, this function is defined as EnumProcessModules in Psapi.h and exported in Psapi.lib and Psapi.dll as a wrapper that calls K32EnumProcessModules.
Programs that must run on earlier versions of Windows as well as Windows 7 and later versions should always call this function as EnumProcessModules.
To ensure correct resolution of symbols, add Psapi.lib to the TARGETLIBS macro and compile the program with -DPSAPI_VERSION=1.
To use run-time dynamic linking, load Psapi.dll.
hProcess - A handle to the process.
lphModule - An array that receives the list of module handles.
cb - The size of the lphModule array, in bytes.
lpcbNeeded - The number of bytes required to store all module handles in the lphModule array.
To get information for the calling process, pass the handle returned by GetCurrentProcess.
The GetModuleInformation function does not retrieve information for modules that were loaded with the LOAD_LIBRARY_AS_DATAFILE flag.
For more information, see LoadLibraryEx.
Starting with Windows 7 and Windows Server 2008 R2, Psapi.h establishes version numbers for the PSAPI functions.
The PSAPI version number affects the name used to call the function and the library that a program must load.
If PSAPI_VERSION is 2 or greater, this function is defined as K32GetModuleInformation in Psapi.h and exported in Kernel32.lib and Kernel32.dll.
If PSAPI_VERSION is 1, this function is defined as K32GetModuleInformation in Psapi.h and exported in Psapi.lib and Psapi.dll as a wrapper that calls K32GetModuleInformation.
Programs that must run on earlier versions of Windows as well as Windows 7 and later versions should always call this function as K32GetModuleInformation.
To ensure correct resolution of symbols, add Psapi.lib to the TARGETLIBS macro and compile the program with -DPSAPI_VERSION=1.
To use run-time dynamic linking, load Psapi.dll.
hProcess - A handle to the process that contains the module. The handle must have the PROCESS_QUERY_INFORMATION and PROCESS_VM_READ access rights. For more information, see Process Security and Access Rights.
hModule - A handle to the module.
lpmodinfo - A pointer to the MODULEINFO structure that receives information about the module.
cb - The size of the MODULEINFO structure, in bytes.
Retrieves the name of the executable file for the specified process.
hProcess - A handle to the process. The handle must have the PROCESS_QUERY_INFORMATION or PROCESS_QUERY_LIMITED_INFORMATION access right. For more information, see Process Security and Access Rights.
lpImageFileName - A pointer to a buffer that receives the full path to the executable file.
nSize - The size of the lpImageFileName buffer, in characters.
pPerformanceInformation - A pointer to a Psapi.PERFORMANCE_INFORMATION structure that receives the performance information.
cb - The size of the Psapi.PERFORMANCE_INFORMATION structure, in bytes.
Kernel32Util.getLastErrorMessage().
Retrieves the process identifier for each process object in the system.
It is a good idea to use a large array, because it is hard to predict how many processes there will be at the time you call EnumProcesses.
To determine how many processes were enumerated, divide the pBytesReturned value by sizeof(DWORD). There is no indication given when the buffer is too small to store all process identifiers. Therefore, if pBytesReturned equals cb, consider retrying the call with a larger array.
To obtain process handles for the processes whose identifiers you have just obtained, call the OpenProcess function.
lpidProcess - A pointer to an array that receives the list of process identifiers
cb - The size of the lpidProcess array, in bytes.
lpcbNeeded - The number of bytes returned in the pProcessIds array.
Retrieves extended information about the pages at specific virtual addresses in the address space of the specified process.
hProcess - A Handle to the Process
pv - A pointer to an array of PSAPI_WORKING_SET_EX_INFORMATION structures
cb - The size of the pv buffer, in bytes.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4