VC++ 对进程各种操作函数

//获取进程路径
CString GetProcessPath( DWORD idProcess )
{
    // 获取进程路径
    CString sPath;
    // 打开进程句柄
    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, idProcess );
    if( NULL != hProcess )
    {
        HMODULE hMod;
        DWORD cbNeeded;
        // 获取路径
        if( EnumProcessModules( hProcess, &hMod, sizeof( hMod ), &cbNeeded ) )
        {
            DWORD dw = GetModuleFileNameEx( hProcess, hMod, sPath.
                GetBuffer( MAX_PATH ), MAX_PATH );
            sPath.ReleaseBuffer();
        }
        CloseHandle( hProcess );
    }
    return( sPath );
}

//获取进程优先级
CString GetProcessPriority(HANDLE hProcess)
{
    char sz1[10] = "NORMAL";
    char sz2[10] = "IDLE";
    char sz3[10] = "REALTIME";
    char sz4[10] = "HIGH";
    char sz5[10] = "NULL";
    char sz6[15] = "ABOVENORMAL";
    char sz7[15] = "BELOWNORMAL";
  
    //进程优先级返回
    if(GetPriorityClass(hProcess) == NORMAL_PRIORITY_CLASS)
        return sz1;
    if(GetPriorityClass(hProcess) == IDLE_PRIORITY_CLASS)
        return sz2;
    if(GetPriorityClass(hProcess) == REALTIME_PRIORITY_CLASS)
        return sz3;
    if(GetPriorityClass(hProcess) == HIGH_PRIORITY_CLASS)
        return sz4;
    if(GetPriorityClass(hProcess) == ABOVE_NORMAL_PRIORITY_CLASS)
        return sz6;
    if(GetPriorityClass(hProcess) == BELOW_NORMAL_PRIORITY_CLASS)
        return sz7;
    else
        return sz5;
}

//终止进程主函数
void TerminateProcessID(DWORD dwID)
{
    HANDLE hProcess = NULL;
    //打开进程句柄
    hProcess = OpenProcess(PROCESS_TERMINATE,FALSE,dwID);
    if(hProcess != NULL)
    {
        //终止进程
        TerminateProcess(hProcess,0);
        ::CloseHandle(hProcess);
    }
}

//获取进程快照
void GetProcessInfo()
{
    SHFILEINFO shSmall;
    int nIndex;
    CString str;
    //声明进程信息变量
    PROCESSENTRY32 ProcessInfo;
    //获取系统中的所有进程信息
    HANDLE SnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
    if(SnapShot != NULL)
    {
        m_ListCtrl.DeleteAllItems();
        //设置ProcessInfo的大小
        ProcessInfo.dwSize = sizeof(PROCESSENTRY32);
        //返回系统中第一个进程的信息
        BOOL Status = Process32First(SnapShot,&ProcessInfo);
        //进程计数
        int m_nProcess = 0;
        while(Status)
        {
            m_nProcess++;
            ZeroMemory(&shSmall,sizeof(shSmall));
            //获取进程文件的信息
            SHGetFileInfo(ProcessInfo.szExeFile,0,&shSmall,
                sizeof(shSmall),SHGFI_ICON|SHGFI_SMALLICON);
            //在列表控件中添加映像名称
            nIndex = m_ListCtrl.InsertItem(m_nProcess,ProcessInfo.szExeFile);
            //在列表控件中添加进程PID
            str.Format("%08X",ProcessInfo.th32ProcessID);
            m_ListCtrl.SetItemText(nIndex,1,str);
            //在列表控件中添加进程的父进程PID
            str.Format("%08X",ProcessInfo.th32ParentProcessID);
            m_ListCtrl.SetItemText(nIndex,2,str);
            //获取进程路径
            str = GetProcessPath(ProcessInfo.th32ProcessID);
            m_ListCtrl.SetItemText(nIndex,3,str);
            //获取下一个进程信息
            Status = Process32Next(SnapShot,&ProcessInfo);
        }
    }
    else
        MessageBox("获取进程信息失败!");
}

//获取模块快照
void GetProcessModule(DWORD dwID)
{
    MODULEENTRY32 me32;
    int nIndex;
    CString str;
  
    // 在使用这个结构之前，先设置它的大小
    me32.dwSize = sizeof(me32);
  
    // 给进程内所有模块拍一个快照
    HANDLE hModuleSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwID);
    if(hModuleSnap == INVALID_HANDLE_VALUE)
    {
        //建立快照失败
        MessageBox("获取模块信息失败!", "提示", MB_OK|MB_ICONWARNING);
        return;
    }
  
    // 遍历模块快照，轮流显示每个模块的信息
    BOOL bMore = Module32First(hModuleSnap, &me32);
    int m_nModule = 0;
    while(bMore)
    {
        m_nModule++;
        nIndex = m_listmod.InsertItem(m_nModule, me32.szExePath);//模块路径
        str.Format("%u", me32.modBaseSize);//模块大小
        m_listmod.SetItemText(nIndex,1,str);
        bMore = Module32Next(hModuleSnap, &me32);
    }
    // 不要忘记清除掉snapshot对象
    CloseHandle(hModuleSnap);
}

//
// FindProcess
// 这个函数唯一的参数是你指定的进程名，如:你的目标进程
// 是 "Notepad.exe",返回值是该进程的ID，失败返回0
//

DWORD FindProcess(char *strProcessName)
{
    DWORD aProcesses[1024], cbNeeded, cbMNeeded;
    HMODULE hMods[1024];
    HANDLE hProcess;
    char szProcessName[MAX_PATH];
  
    if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) ) return 0;
    for(int i=0; i< (int) (cbNeeded / sizeof(DWORD)); i++)
    {
        //_tprintf(_T("%d "), aProcesses[i]);
        hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
            FALSE, aProcesses[i]);
        EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbMNeeded);
        GetModuleFileNameEx( hProcess, hMods[0], szProcessName,sizeof(szProcessName));
      
        if(strstr(szProcessName, strProcessName))
        {
            //_tprintf(_T("%s;"), szProcessName);
            return(aProcesses[i]);
        }
        //_tprintf(_T(" "));
    }
    return 0;
}

//
// KillProcess
// 此函数中用上面的 FindProcess 函数获得你的目标进程的ID
// 用WIN API OpenPorcess 获得此进程的句柄，再以TerminateProcess
// 强制结束这个进程
//

VOID KillProcess()
{
    // When the all operation fail this function terminate the "winlogon" Process for force exit the system.
    HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE,
        FindProcess("YourTargetProcess.exe"));
  
    if(hYourTargetProcess == NULL)
    {
        return;
    }
  
    TerminateProcess(hProcess, 0);
    CloseHandle(hProcess);
  
    return;
}

版权声明：本文为博主原创文章，未经博主允许不得转载。