VC獲取系統程序列表、查詢程序、關閉程序
阿新 • • 發佈:2019-02-12
1、獲取系統程序列表
- #include <tlhelp32.h>//宣告快照函式標頭檔案
- ...
- PROCESSENTRY32 pe32;
- pe32.dwSize=sizeof(pe32);
- HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
- if(hProcessSnap==INVALID_HANDLE_VALUE)
- {
- MessageBox(L"CreateToolhelp32Snapshot呼叫失敗!\n");
- return -1;
- }
- //遍歷程序快照。輪流顯示每個程序的資訊
- CString strPrcNameID;
- BOOL bMore=::Process32First(hProcessSnap,&pe32);
- while(bMore)
- {
- strPrcNameID.Format(L"程序名稱:%s,ID:%u\n",pe32.szExeFile,pe32.th32ProcessID);
- MessageBox(strPrcNameID);
- bMore=::Process32Next(hProcessSnap,&pe32);
- }
- //清除snapshot物件
- ::CloseHandle(hProcessSnap);
2、查詢指定程序和關閉該程序
以下三個函式使用前先#include "Psapi.h",然後SETTING->LINK 裡新增Psapi.lib即可
- //查詢指定程序
- DWORD FindProcess(TCHAR *strProcessName)
- {
- DWORD aProcesses[1024], cbNeeded, cbMNeeded;
- HMODULE hMods[1024];
- HANDLE hProcess;
- TCHAR szProcessName[MAX_PATH];
- if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
- for(int i=0; i< (int) (cbNeeded / sizeof(DWORD)); i++)
- {
- hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, aProcesses[i]);
- EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbMNeeded);
- GetModuleFileNameEx( hProcess, hMods[0], szProcessName,sizeof(szProcessName));
- CString strPrcFullName(szProcessName);
- CString strPrcName(strProcessName);
- if(_tcsstr(strPrcFullName, strPrcName) || _tcsstr(strPrcFullName, strPrcName.MakeLower()))
- {
- CString strNameFull;
- strNameFull.Format(_T("Process full name:\n%s;"), szProcessName);
- //AfxMessageBox(strNameFull);
- return(aProcesses[i]);
- }
- }
- return 0;
- }
- // 此函式利用上面的 FindProcess 函式獲得你的目標程序的ID
- // 用WIN API OpenPorcess 獲得此程序的控制代碼,再以TerminateProcess強制結束這個程序
- VOID KillProcess(TCHAR *strProcessName)
- {
- // When the all operation fail this function terminate the "winlogon" Process for force exit the system.
- HANDLE hYourTargetProcess = OpenProcess(PROCESS_QUERY_INFORMATION | // Required by Alpha
- PROCESS_CREATE_THREAD | // For CreateRemoteThread
- PROCESS_VM_OPERATION | // For VirtualAllocEx/VirtualFreeEx
- PROCESS_VM_WRITE | // For WriteProcessMemory
- PROCESS_TERMINATE, //Required to terminate a process using TerminateProcess function
- FALSE, FindProcess(strProcessName));
- if(hYourTargetProcess == NULL)
- {
- DWORD ulErrCode = GetLastError();
- CString strError;
- strError.Format(L"OpenProcess failed,error code:%ld", ulErrCode);
- AfxMessageBox(strError);
- }
- BOOL result = TerminateProcess(hYourTargetProcess, 0);
- if(!result)
- {
- DWORD ulErrCode = GetLastError();
- CString strError;
- strError.Format(L"TerminateProcess failed,error code:%ld", ulErrCode);
- AfxMessageBox(strError);
- }
- return;
- }
- // 在 Windows NT/2000/XP 中可能因許可權不夠導致以上函式失敗
- // 如以 System 許可權執行的系統程序,服務程序用本函式取得 debug 許可權即可,Winlogon.exe 都可以終止哦 :)
- BOOL GetDebugPriv()
- {
- HANDLE hToken;
- LUID sedebugnameValue;
- TOKEN_PRIVILEGES tkp;
- if ( ! OpenProcessToken( GetCurrentProcess(),
- TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
- {
- return FALSE;
- }
- if ( ! LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &sedebugnameValue ) )
- {
- CloseHandle( hToken );
- return FALSE;
- }
- tkp.PrivilegeCount = 1;
- tkp.Privileges[0].Luid = sedebugnameValue;
- tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
- if (!AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL ) )
- {
- CloseHandle( hToken );
- return FALSE;
- }
- return TRUE;
- }
http://blog.csdn.net/agan2007/article/details/1776812