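// GetProcessPath
// Returns the file path of the first module of a process, which is
// conventionally the process's own executable.
//
// Parameters:
//   idProcess - identifier of the process to query.
// Returns:
//   The path reported by GetModuleFileNameEx, or an empty string when the
//   process cannot be opened or queried (for instance because the caller
//   lacks access to it).
//
// NOTE(review): GetModuleFileNameEx reads the module list out of the target
// process's own memory, so the result is informational only and should not be
// used as proof of which binary is running. It also forces this function to
// request PROCESS_VM_READ. On Windows Vista and later, QueryFullProcessImageName
// with PROCESS_QUERY_LIMITED_INFORMATION obtains the image path with a much
// narrower access right - consider it if older systems need not be supported.
CString GetProcessPath( DWORD idProcess )
{
    CString sPath;

    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, idProcess );
    if( NULL == hProcess )
    {
        // Not accessible to this caller: report "unknown" as an empty path.
        return sPath;
    }

    HMODULE hMod = NULL;
    DWORD cbNeeded = 0;
    // Only the first module handle is requested; cbNeeded is required by the
    // API but not used here.
    if( EnumProcessModules( hProcess, &hMod, sizeof( hMod ), &cbNeeded ) )
    {
        const DWORD dwLen = GetModuleFileNameEx( hProcess, hMod, sPath.GetBuffer( MAX_PATH ), MAX_PATH );
        // Publish exactly the number of characters written. A bare
        // ReleaseBuffer() would measure the buffer with strlen, which reads
        // uninitialised memory when the call fails (dwLen == 0) or when the
        // path was truncated without a terminator.
        sPath.ReleaseBuffer( static_cast<int>( dwLen ) );
    }

    CloseHandle( hProcess );
    return sPath;
}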

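// GetProcessPriority
// Translates the priority class of a process into a display string.
//
// Parameters:
//   hProcess - process handle handed to GetPriorityClass.
// Returns:
//   "NORMAL", "IDLE", "REALTIME", "HIGH", "ABOVENORMAL" or "BELOWNORMAL";
//   "NULL" for any other value, which includes the 0 that GetPriorityClass
//   returns when the query fails.
CString GetProcessPriority(HANDLE hProcess)
{
    // Query once. Asking again for every comparison costs up to six system
    // calls and can give an inconsistent answer if the priority changes
    // between two of them.
    const DWORD dwClass = GetPriorityClass(hProcess);

    const char *pszName = "NULL";
    switch (dwClass)
    {
    case NORMAL_PRIORITY_CLASS:       pszName = "NORMAL";      break;
    case IDLE_PRIORITY_CLASS:         pszName = "IDLE";        break;
    case REALTIME_PRIORITY_CLASS:     pszName = "REALTIME";    break;
    case HIGH_PRIORITY_CLASS:         pszName = "HIGH";        break;
    case ABOVE_NORMAL_PRIORITY_CLASS: pszName = "ABOVENORMAL"; break;
    case BELOW_NORMAL_PRIORITY_CLASS: pszName = "BELOWNORMAL"; break;
    default:                          break; // unknown class or failed query
    }
    return pszName;
}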

// TerminateProcessID
// Forcibly ends the process that has the given identifier.
//
// Parameters:
//   dwID - identifier of the process to terminate.
//
// Only PROCESS_TERMINATE access is requested. If the process cannot be opened
// nothing happens, and the result of TerminateProcess is not reported to the
// caller.
// NOTE(review): a process id can be reused after its process exits, so a
// caller holding a stale id may end an unrelated process - confirm that
// callers pass an id taken from a fresh listing.
void TerminateProcessID(DWORD dwID)
{
    HANDLE hTarget = OpenProcess(PROCESS_TERMINATE, FALSE, dwID);
    if (NULL == hTarget)
    {
        return;
    }

    // Exit code 0 is what the terminated process will report.
    TerminateProcess(hTarget, 0);
    ::CloseHandle(hTarget);
}

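// GetProcessInfo
// Rebuilds the process list control from a snapshot of all running processes.
//
// Each row receives: image name, process id (hex), parent process id (hex)
// and the executable path obtained from GetProcessPath. The path column stays
// empty for processes this program is not allowed to open.
// A message box is shown when the snapshot cannot be taken.
void GetProcessInfo()
{
    // CreateToolhelp32Snapshot signals failure with INVALID_HANDLE_VALUE, not
    // NULL, so a NULL comparison would never notice a failed snapshot.
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        MessageBox("获取进程信息失败!");
        return;
    }

    m_ListCtrl.DeleteAllItems();

    // dwSize must be set before the first Process32First call.
    PROCESSENTRY32 ProcessInfo;
    ProcessInfo.dwSize = sizeof(PROCESSENTRY32);

    CString str;
    int nProcess = 0; // running row position passed to InsertItem
    for (BOOL bMore = Process32First(hSnapshot, &ProcessInfo);
         bMore;
         bMore = Process32Next(hSnapshot, &ProcessInfo))
    {
        ++nProcess;

        // Look up the small icon for the image name.
        // NOTE(review): the icon is not shown anywhere in this function, and
        // szExeFile is a bare file name rather than a path - confirm whether
        // this lookup is still wanted.
        SHFILEINFO shSmall;
        ZeroMemory(&shSmall, sizeof(shSmall));
        SHGetFileInfo(ProcessInfo.szExeFile, 0, &shSmall,
                      sizeof(shSmall), SHGFI_ICON | SHGFI_SMALLICON);
        if (shSmall.hIcon != NULL)
        {
            // SHGFI_ICON hands ownership of the icon to the caller; without
            // this every refresh leaks one icon handle per process.
            DestroyIcon(shSmall.hIcon);
        }

        // Column 0: image name.
        const int nIndex = m_ListCtrl.InsertItem(nProcess, ProcessInfo.szExeFile);
        // Column 1: process id.
        str.Format("%08X", ProcessInfo.th32ProcessID);
        m_ListCtrl.SetItemText(nIndex, 1, str);
        // Column 2: parent process id.
        str.Format("%08X", ProcessInfo.th32ParentProcessID);
        m_ListCtrl.SetItemText(nIndex, 2, str);
        // Column 3: executable path.
        str = GetProcessPath(ProcessInfo.th32ProcessID);
        m_ListCtrl.SetItemText(nIndex, 3, str);
    }

    // The snapshot is a kernel handle and has to be released explicitly.
    CloseHandle(hSnapshot);
}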

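// GetProcessModule
// Appends one row per loaded module of a process to the module list control.
//
// Parameters:
//   dwID - identifier of the process whose modules are listed.
//
// Column 0 receives the module path, column 1 the module size in bytes.
// A warning box is shown when the module snapshot cannot be created, which
// is the normal outcome for processes this program is not allowed to open.
// NOTE(review): existing rows of m_listmod are not cleared here; presumably
// the caller does that - confirm.
void GetProcessModule(DWORD dwID)
{
    // The structure size must be filled in before Module32First is called.
    MODULEENTRY32 me32;
    me32.dwSize = sizeof(me32);

    // Take a snapshot of every module loaded in the target process.
    HANDLE hModuleSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwID);
    if (hModuleSnap == INVALID_HANDLE_VALUE)
    {
        MessageBox("获取模块信息失败!", "提示", MB_OK|MB_ICONWARNING);
        return;
    }

    CString str;
    int nModule = 0; // running row position passed to InsertItem
    for (BOOL bMore = Module32First(hModuleSnap, &me32);
         bMore;
         bMore = Module32Next(hModuleSnap, &me32))
    {
        ++nModule;
        const int nIndex = m_listmod.InsertItem(nModule, me32.szExePath); // module path
        str.Format("%u", me32.modBaseSize);                               // module size
        m_listmod.SetItemText(nIndex, 1, str);
    }

    // Release the snapshot object.
    CloseHandle(hModuleSnap);
}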

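//
// FindProcess
// Returns the id of the first running process whose main-module path contains
// the given text, or 0 when none is found.
//
// Parameters:
//   strProcessName - text to look for, e.g. "Notepad.exe". A null or empty
//                    string never matches.
// Returns:
//   The matching process id, or 0 on failure.
//
// NOTE(review): the comparison is strstr on the full path, so it is
// case-sensitive and also succeeds when the text appears in a directory name
// or inside a longer file name. The result therefore identifies "a process
// whose path contains this text", not a specific program. The returned id can
// also be reused by another process before the caller acts on it. Callers
// that terminate the result should take both into account.
// Processes that cannot be opened with the requested rights are skipped, and
// at most 1024 process ids are examined.
//
DWORD FindProcess(char *strProcessName)
{
    // strstr dereferences its arguments, and an empty needle matches every
    // path, which would return an arbitrary process.
    if (strProcessName == NULL || strProcessName[0] == '\0')
    {
        return 0;
    }

    DWORD aProcesses[1024];
    DWORD cbNeeded = 0;
    if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
    {
        return 0;
    }

    const DWORD nProcesses = cbNeeded / sizeof(DWORD);
    for (DWORD i = 0; i < nProcesses; ++i)
    {
        HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                       FALSE, aProcesses[i] );
        if (hProcess == NULL)
        {
            // Not accessible: there is no name to compare. Falling through
            // would compare against an uninitialised or stale buffer and
            // could attribute another process's path to this id.
            continue;
        }

        HMODULE hMod = NULL;
        DWORD cbMNeeded = 0;
        char szProcessName[MAX_PATH] = "";
        bool bMatch = false;

        // Only the first module (the executable) is needed.
        if (EnumProcessModules( hProcess, &hMod, sizeof(hMod), &cbMNeeded ) &&
            GetModuleFileNameEx( hProcess, hMod, szProcessName, sizeof(szProcessName) ) != 0)
        {
            // Guarantee termination even if the path was truncated.
            szProcessName[sizeof(szProcessName) - 1] = '\0';
            bMatch = (strstr( szProcessName, strProcessName ) != NULL);
        }

        // Close on every path so that a scan does not leak one handle per
        // process.
        CloseHandle( hProcess );

        if (bMatch)
        {
            return aProcesses[i];
        }
    }
    return 0;
}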

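//
// KillProcess
// Looks up the target process with FindProcess, opens it with OpenProcess
// and forcibly ends it with TerminateProcess.
//
// The target name is a placeholder to be replaced by the caller's own process
// name. Nothing happens when no matching process is found or when it cannot
// be opened. FindProcess matches on a substring of the path, so the name
// should be specific enough not to hit an unrelated process.
//
VOID KillProcess()
{
    // FindProcess takes a non-const char*, so give it a writable copy
    // instead of a string literal.
    char szTarget[] = "YourTargetProcess.exe";

    const DWORD dwTargetId = FindProcess(szTarget);
    if (dwTargetId == 0)
    {
        return; // no such process
    }

    // Terminating needs only PROCESS_TERMINATE. PROCESS_ALL_ACCESS asks for
    // far more than is used and can be refused where the narrow right is
    // granted.
    HANDLE hProcess = OpenProcess( PROCESS_TERMINATE, FALSE, dwTargetId );
    if (hProcess == NULL)
    {
        return;
    }

    TerminateProcess(hProcess, 0);
    CloseHandle(hProcess);
}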
 