进程序名得到进程ID和句柄与进程的公司名（使用快照和GetPeFileCompany和VerQueryValueW等函数）

WORD  GetProcessIdByName(WCHAR *processName)
{


DWORD processId = 0;
HANDLE hProcessSnap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if(hProcessSnap==INVALID_HANDLE_VALUE)
{
return 0;
}


PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);


BOOL bMore=Process32First(hProcessSnap,&pe32);
if(!bMore) 
{
goto __END;
}


do 
{
if(_wcsicmp(pe32.szExeFile,processName) == 0)
{
if( _wcsicmp(pe32.szExeFile,processName/*GetProcessUserName(pe32.th32ProcessID),L"SYSTEM"*/) == 0)
{
processId = pe32.th32ProcessID;
break;
}


}
} while(Process32Next(hProcessSnap,&pe32));


__END:


CloseHandle(hProcessSnap);
return processId;
}

HANDLE ht = OpenProcess( PROCESS_ALL_ACCESS,FALSE,processId);

//进程序公司名：
#pragma comment(lib,"Version.lib")

//进程路径  名子
void GetPeFileCompany(WCHAR* file_path,WCHAR*&path) {
DWORD useless;
DWORD info_size = GetFileVersionInfoSizeW(file_path, &useless);
if (info_size > 0) {
BYTE *data_buffer = new BYTE[info_size*2/*+1*/];
ZeroMemory(data_buffer,info_size*2);
if (data_buffer!=NULL) {
if (GetFileVersionInfoW(file_path, 0, info_size*2, data_buffer)) {
void* data_ptr;
UINT data_len;
if (VerQueryValueW(data_buffer, L"\VarFileInfo\Translation", &data_ptr, &data_len)) {
const WORD* ver_data = reinterpret_cast<const WORD*>(data_ptr);
WCHAR fp_key[MAX_PATH]={0};
wsprintf(fp_key,L"\StringFileInfo\%04x%04x\CompanyName",
ver_data[0], ver_data[1]);
if(VerQueryValueW(data_buffer, fp_key, &data_ptr, &data_len)) {
path = new WCHAR[data_len];
memcpy(path,data_ptr,data_len*2);
if (data_buffer != NULL)
{
delete []data_buffer;
data_buffer = NULL;
}
}
}
}
}
}
}
WCHAR *ppp = NULL;
GetPeFileCompany(tp.GetBuffer(),ppp);
AfxMessageBox(ppp);
if (ppp != NULL)
{
delete []ppp;
ppp = NULL;
}

http://blog.csdn.net/yjwffgip456/article/details/11079823