#!/usr/bin/env python
# -*- coding: gb2312 -*-
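# Import the required modules. (The import lines are missing from this listing; the code
# below uses these ctypes names: Structure, c_long, c_ulong, c_buffer, sizeof, byref, windll.)
#----------------------------- Get current process information -----------------------------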
class _PROCESS_MEMORY_COUNTERS(Structure):
    """ctypes layout for the Win32 PROCESS_MEMORY_COUNTERS record.

    Every member is declared as ``c_long``. The constructor forwards its
    arguments to ``Structure`` and then overwrites ``cb`` with the size of
    the structure, so a caller-supplied ``cb`` is always replaced.
    """

    # NOTE(review): the Win32 header declares cb and PageFaultCount as DWORD
    # and the remaining members as SIZE_T. c_long is 32 bits wide on Windows,
    # so this layout presumably only matches in a 32-bit process - confirm
    # before handing the structure to GetProcessMemoryInfo from 64-bit Python.
    _fields_ = [
        ("cb", c_long),
        ("PageFaultCount", c_long),
        ("PeakWorkingSetSize", c_long),
        ("WorkingSetSize", c_long),
        ("QuotaPeakPagedPoolUsage", c_long),
        ("QuotaPagedPoolUsage", c_long),
        ("QuotaPeakNonPagedPoolUsage", c_long),
        ("QuotaNonPagedPoolUsage", c_long),
        ("PagefileUsage", c_long),
        ("PeakPagefileUsage", c_long),
    ]

    def __init__(self, *args, **kw):
        # Let ctypes populate the fields first, then stamp the size member.
        Structure.__init__(self, *args, **kw)
        self.cb = sizeof(self)
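def GetProcessInfo():
    """Enumerate running processes and print "qq" for each one whose image
    base name, up to the first '.', is "qq" (case-insensitive).

    Uses EnumProcesses, OpenProcess, EnumProcessModules and
    GetModuleBaseNameA through ctypes. Returns None.

    Fixes relative to the earlier version:
      * The name is cut at the first NUL (``modname.value``) and the buffer
        is allocated per process. The old code reused one buffer and merely
        stripped every NUL byte, so leftovers of an earlier, longer name
        were glued onto the current one ("QQ.exexe.exe").
      * Win32 return values are checked. A failed EnumProcessModules or
        GetModuleBaseNameA used to leave the previous process's name in
        place, so it could be attributed to the wrong PID.
      * The PID buffer grows until EnumProcesses no longer fills it, instead
        of silently dropping everything past the first 256 processes.
      * The process handle is always closed.

    Caveats for anyone using this as a "is program X running" check:
      * A base name is not an identity; any executable can be named qq.exe.
        Compare the full image path or a signature if the answer matters.
      * Processes that cannot be opened with the requested access rights
        are skipped, so no output does not prove the program is absent.
    """
    # PSAPI.DLL
    psapi = windll.psapi
    # Kernel32.DLL
    kernel = windll.kernel32
    PROCESS_QUERY_INFORMATION = 0x0400
    PROCESS_VM_READ = 0x0010
    MAX_PATH = 260  # room for long names; the old 30-byte buffer truncated them

    # Call EnumProcesses to get hold of the process ids. When the call fills
    # the whole buffer the list may be truncated, so retry with a larger one.
    cbNeeded = c_ulong()
    capacity = 256
    while True:
        lpidProcess = (c_ulong * capacity)()
        cb = sizeof(lpidProcess)
        if not psapi.EnumProcesses(byref(lpidProcess), cb, byref(cbNeeded)):
            return
        if cbNeeded.value < cb:
            break
        capacity *= 2

    # Number of processes returned; integer division so it can be a slice bound.
    nReturned = cbNeeded.value // sizeof(c_ulong)
    pid = lpidProcess[:nReturned]

    # NOTE(review): HMODULE is pointer-sized, while c_ulong is 32 bits on
    # Windows - confirm this (and the default int argument passing) before
    # relying on it from 64-bit Python.
    hModule = c_ulong()
    count = c_ulong()
    for proc_id in pid:
        # Get a handle to the process based on its PID. Both rights are needed
        # by EnumProcessModules / GetModuleBaseNameA.
        # NOTE(review): QueryFullProcessImageNameW with
        # PROCESS_QUERY_LIMITED_INFORMATION would need less access - consider it.
        hProcess = kernel.OpenProcess(
            PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, False, proc_id)
        if not hProcess:
            continue
        try:
            if not psapi.EnumProcessModules(hProcess, byref(hModule),
                                            sizeof(hModule), byref(count)):
                continue
            modname = c_buffer(MAX_PATH)  # fresh buffer: no stale bytes
            if not psapi.GetModuleBaseNameA(hProcess, hModule.value,
                                            modname, sizeof(modname)):
                continue
            b = modname.value  # stops at the first NUL terminator
            if not isinstance(b, str):
                # Python 3 yields bytes; the A-suffixed API returns ANSI text.
                b = b.decode("mbcs", "replace")
            b0 = b.lower().split('.')
            if b0[0] == "qq":
                print("qq")
                # (disabled by the author) record proc_id in AppInfo.app_pid here
        finally:
            kernel.CloseHandle(hProcess)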
函数里变量pid里保存的是各个进程的ID。
for循环是得到了每一个PID对应的映像名称b,注意b是字符串,对于系统进程,b的内容一般是没有问题的,如:
b = "smss.exe" 或 b = "svchost.exe"
但是对于一些应用程序,则得到的b的名称就有些奇怪了,如:
b = "USBKeyTools.exexe.exe" 还有 b = "QQ.exexe.exe",
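当然这种情况并不是总是出现,有些情况下会正常显示。这种名称通常是这样产生的:如果同一个 modname 缓冲区被每个进程重复使用,并且只是去掉所有 '\x00' 字符而不是在第一个 '\x00' 处截断,之前较长名称的残留字符就会被拼接到当前名称后面。
因此当你根据映像名称判断某程序是否运行时,不能单单只考虑b里面的内容正常的情况,最后我采用的方式如程序中紫色字体所示(即下面这几行,只比较第一个 '.' 之前的部分)。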
# Workaround described in the text: compare only the part of the image name
# that precedes the first '.', so trailing garbage after it is ignored.
image_stem = b.lower().split('.', 1)[0]
if image_stem == "qq":
    print("qq")
    # (disabled by the author) AppInfo.app_pid[...] = id  -- would record the PID
欢迎讨论python相关知识。