VC获取系统进程列表、查找进程、关闭进程

1、获取系统进程列表

    #include <tlhelp32.h>//声明快照函数头文件

	......

    // The entry's dwSize field has to be filled in before Process32First is called.
    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(pe32);

    // Take a snapshot of the process list as it stands right now.
    HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (INVALID_HANDLE_VALUE == hProcessSnap)
    {
        MessageBox(L"CreateToolhelp32Snapshot调用失败!\n");
        return -1;
    }

    // Walk the snapshot and show each process's executable name and ID in turn.
    CString strPrcNameID;
    BOOL bMore = ::Process32First(hProcessSnap, &pe32);
    for (; bMore; bMore = ::Process32Next(hProcessSnap, &pe32))
    {
        strPrcNameID.Format(L"进程名称:%s,ID:%u\n", pe32.szExeFile, pe32.th32ProcessID);
        MessageBox(strPrcNameID);
    }

    // Release the snapshot object.
    ::CloseHandle(hProcessSnap);


2、查找指定进程和关闭该进程

以下三个函数使用前先 #include "Psapi.h",然后在工程的 Settings -> Link 里添加 Psapi.lib 即可。

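// Find a running process by name.
//
// strProcessName: text to look for in the full path of each process's main
//                 module. The comparison is a case-insensitive substring match,
//                 so a short name can also match a directory component or a
//                 longer image name; pass the complete image name when the
//                 result is used to act on the process.
// Returns the ID of the first matching process, or 0 when the name is empty,
// enumeration fails, or nothing matches. Processes that cannot be opened with
// PROCESS_QUERY_INFORMATION | PROCESS_VM_READ are skipped.
DWORD FindProcess(TCHAR *strProcessName)
{
    // An empty pattern would match every path, i.e. select an arbitrary process.
    if (strProcessName == NULL || strProcessName[0] == _T('\0'))
        return 0;

    DWORD aProcesses[1024];
    DWORD cbNeeded = 0;
    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))
        return 0;

    // Lower-case the pattern once; each candidate path is lower-cased too.
    CString strWanted(strProcessName);
    strWanted.MakeLower();

    const DWORD cProcesses = cbNeeded / sizeof(DWORD);
    for (DWORD i = 0; i < cProcesses; i++)
    {
        HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, aProcesses[i]);
        if (hProcess == NULL)
            continue;   // no access to this process; nothing to compare

        // Only the first module (the executable itself) is needed.
        HMODULE hMod = NULL;
        DWORD cbMNeeded = 0;
        TCHAR szProcessName[MAX_PATH] = { 0 };
        // GetModuleFileNameEx takes the buffer size in characters, not bytes.
        const BOOL bHaveName =
            EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbMNeeded) &&
            GetModuleFileNameEx(hProcess, hMod, szProcessName,
                                sizeof(szProcessName) / sizeof(szProcessName[0])) != 0;

        // The handle is only needed for the two queries above.
        CloseHandle(hProcess);
        if (!bHaveName)
            continue;

        CString strPrcFullName(szProcessName);
        strPrcFullName.MakeLower();
        if (strPrcFullName.Find(strWanted) >= 0)
            return aProcesses[i];
    }

    return 0;
}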

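// Forcibly end the process that FindProcess returns for the given name.
//
// strProcessName is passed unchanged to FindProcess to obtain the process ID;
// the ID is opened with OpenProcess and the process is ended with
// TerminateProcess (exit code 0). Failures are reported with AfxMessageBox;
// nothing is returned to the caller.
//
// NOTE(review): the ID is looked up by name first and opened afterwards, so if
// the ID is reused in between, the process opened here may not be the one that
// was matched.
VOID KillProcess(TCHAR *strProcessName)
{
    const DWORD dwTargetPid = FindProcess(strProcessName);
    if (dwTargetPid == 0)
    {
        // FindProcess uses 0 for "no match"; there is nothing to open.
        AfxMessageBox(L"Process not found");
        return;
    }

    // TerminateProcess needs PROCESS_TERMINATE only. Thread-creation and
    // memory-write rights are not used here, and requesting them can make
    // OpenProcess fail on a target that would otherwise allow termination.
    HANDLE hYourTargetProcess = OpenProcess(PROCESS_TERMINATE, FALSE, dwTargetPid);
    if (hYourTargetProcess == NULL)
    {
        DWORD ulErrCode = GetLastError();
        CString strError;
        strError.Format(L"OpenProcess failed,error code:%ld", ulErrCode);
        AfxMessageBox(strError);
        return;   // no handle, so TerminateProcess must not be attempted
    }

    if (!TerminateProcess(hYourTargetProcess, 0))
    {
        DWORD ulErrCode = GetLastError();
        CString strError;
        strError.Format(L"TerminateProcess failed,error code:%ld", ulErrCode);
        AfxMessageBox(strError);
    }

    // The handle is owned by this function whether or not termination worked.
    CloseHandle(hYourTargetProcess);
}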

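// Enable SeDebugPrivilege in the current process's token.
//
// On Windows NT/2000/XP the functions above can fail for lack of privilege,
// for example against system and service processes running as SYSTEM; the
// original note adds that with the debug privilege enabled even Winlogon.exe
// can be terminated. Ending a critical system process takes the system down
// with it.
//
// The privilege can only be enabled if the token already holds it (by default
// it is granted to administrators), so this call does not succeed for an
// ordinary user.
//
// Returns TRUE only when the privilege was actually enabled, FALSE otherwise.
BOOL GetDebugPriv()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        return FALSE;
    }

    TOKEN_PRIVILEGES tkp;
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    BOOL bEnabled = FALSE;
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid))
    {
        // AdjustTokenPrivileges also returns TRUE when the token does not hold
        // the privilege; GetLastError() is then ERROR_NOT_ALL_ASSIGNED, so the
        // last-error value has to be checked as well.
        bEnabled = AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof tkp, NULL, NULL)
                   && GetLastError() == ERROR_SUCCESS;
    }

    // Close the token handle on every path, including success.
    CloseHandle(hToken);
    return bEnabled;
}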
转载出处:http://hi.baidu.com/wllbydtqahbegqq/item/9506b15e4429159c08be177e

                    http://blog.csdn.net/agan2007/article/details/1776812

