//ProcessInfoCollect.h

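// Process information collection.
// The pasted listing had lost its line breaks, so "#pragma once" and most
// parameter lists were swallowed by "//" comments; they are restored here.
#pragma once

// Signature of EnumProcesses as resolved from PSAPI.DLL at run time.
typedef BOOL(_stdcall *ENUMPROCESS)(
    DWORD *pProcessIds,    // receives the array of process ids
    DWORD cb,              // size of the id array, in bytes
    DWORD *pBytesReturned  // number of bytes written to the array
    );

// Signature of EnumProcessModules.
typedef BOOL(_stdcall *ENUMPROCESSMODULES)(
    HANDLE  hProcess,   // process handle
    HMODULE *lphModule, // receives the array of module handles
    DWORD   cb,         // size of the module-handle array, in bytes
    LPDWORD lpcbNeeded  // bytes needed to store every module handle
    );

// Signature of GetModuleFileNameExA. The ANSI export is the one looked up by
// name, so the buffer is LPSTR rather than the build-dependent LPTSTR.
typedef DWORD(_stdcall *GETMODULEFILENAMEEX)(
    HANDLE  hProcess,   // process handle
    HMODULE hModule,    // module handle
    LPSTR   lpFilename, // receives the full path of the module
    DWORD   nSize       // size of lpFilename, in characters
    );

// Signature of GetModuleBaseNameA (ANSI export, see above).
typedef DWORD(_stdcall *GETMODULEBASENAME)(
    HANDLE  hProcess,   // process handle
    HMODULE hModule,    // module handle
    LPSTR   lpBaseName, // receives the base name of the module
    DWORD   nSize       // size of lpBaseName
    );

// One entry of the process list filled in by EnumAllProcess.
typedef struct tagProcessInfo
{
    DWORD dwPID;                // process id
    char  szFileName[MAX_PATH]; // image file name, extension stripped by EnumAllProcess
    char  szPathName[MAX_PATH]; // image path as reported by the OS
} ProcessInfo;

class ProcessInfoCollect
{
public:
    ProcessInfoCollect();
    virtual ~ProcessInfoCollect();

    // Enable the privilege named szPrivName on hToken.
    BOOL  EnablePrivilege(HANDLE hToken, LPCSTR szPrivName);

    // Enumerate processes into pAll; nTotal is the capacity on input and the
    // number of entries written on output.
    BOOL  EnumAllProcess(ProcessInfo *pAll, int & nTotal);

    // Start a process; hToken selects the security context (NULL = caller's own).
    BOOL  CreateNewProcess(LPCSTR pszExeName, WORD wShowWindow, HANDLE &hToken, DWORD & dwProcessID);

    // Terminate a process and its direct children.
    int   KillProcess(DWORD nProcessID);

    // Collect the ids of the direct children of dwParentPID.
    BOOL  GetChildProcessID(DWORD dwParentPID, DWORD* pChildProcess, int & nChildProcessNum);

    // Open the access token of a process; the caller closes the returned handle.
    HANDLE GetProcessToken(DWORD dwPID);

    // Look up a process id by image file name.
    DWORD GetProcessIDByName(const char* pAppFileName);

    // CPU usage (percent) of the current process / of a given process.
    BOOL  GetCPUUserRate(double & dCPUUserRate);
    BOOL  GetCPUUserRate(DWORD lProcessID, double & dCPUUserRate);

    // I/O counters of the current process / of a given process:
    // bytes read, bytes written, write operation count (wct), read operation count (rct).
    int   GetIOBytes(ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct);
    int   GetIOBytes(DWORD lProcessID, ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct);

    // Memory usage of the current process / of a given process.
    BOOL  GetMemoryUsed(DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize);
    BOOL  GetMemoryUsed(DWORD lProcessID, DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize);

    // Handle count of the current process / of a given process.
    BOOL  GetHandleCount(DWORD &dwHandles);
    BOOL  GetHandleCount(DWORD lProcessID, DWORD &dwHandles);

    // Thread count of the current process / of a given process.
    BOOL  GetThreadCount(DWORD &dwThreads);
    BOOL  GetThreadCount(DWORD lProcessID, DWORD &dwThreads);

#ifdef StartProcessBySysServiceEx_Flag
    // Start a process in the active user session (intended to be called from a service).
    BOOL  StartProcessBySysServiceEx(const char* pAppFullFileName, const char* pRunParameter);
#endif

protected:
    // CPU usage of the process behind hProccess.
    BOOL  GetCPUUserRateEx(HANDLE hProccess, double & dCPUUserRate);

    // I/O counters of the process behind hProccess.
    int   GetIOBytesEx(HANDLE hProccess, ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct);

    // Memory usage. hProccess: process handle; dwPeakWorkingSetSize: peak memory use;
    // dwWorkingSetSize: current memory use.
    BOOL  GetMemoryUsedEx(HANDLE hProccess, DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize);

    // Handle count of the process behind hProccess.
    BOOL  GetHandleCountEx(HANDLE hProccess, DWORD &dwHandles);

    // Ask a process to close, then terminate it if it is still running after dwTimeout ms.
    BOOL  TerminateProcessEx(DWORD   dwPID, DWORD  dwTimeout);

    // Start a process in the caller's own security context.
    BOOL  StartProcess(LPCSTR pAppFullFileName, DWORD &dwProcessID, WORD wShowWindow);

    // Start a process under a duplicate of hToken; returns the duplicated token.
    HANDLE  StartProcessBySysService(const char* pAppFullFileName, const char* pRunParameter, HANDLE hToken);
};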

//ProcessInfoCollect.cpp

#include "stdafx.h"
#include "ProcessInfoCollect.h"
#include <stdio.h>
#include <tchar.h>
#include <TLHELP32.H>
#include <winsvc.h>
#include <psapi.h>
#pragma comment(lib,"psapi.lib")

// Only needed by the session-aware launcher, which is compiled in on demand.
#ifdef StartProcessBySysServiceEx_Flag
#include <Userenv.h>
#include <WtsApi32.h>
#include <atlbase.h>
#pragma comment(lib, "WtsApi32.lib")
#pragma comment(lib,"Userenv.lib")
#endif

#define           MAX_ID                          4096            // maximum number of processes
#define         MAX_CHILD_PROCESS_COUNT         256             // maximum number of child processes

// Get the file name (including the extension)
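// Returns a pointer to the file-name component (extension included) inside pFile.
// Both '\\' and '/' are accepted as separators and the last one of either kind
// wins. A path without any separator is already a bare file name and is returned
// unchanged (the earlier version returned "" for it). NULL or "" yields "".
// The result points into pFile (or at a string literal); it must not be freed.
const char* GetFileName(const char* pFile)
{
    if (NULL == pFile || '\0' == pFile[0])
    {
        return "";
    }

    const char* pBackslash = strrchr(pFile, '\\');
    const char* pSlash = strrchr(pFile, '/');

    // Pick whichever separator occurs later in the string.
    const char* pSep = pBackslash;
    if (NULL == pSep || (NULL != pSlash && pSlash > pSep))
    {
        pSep = pSlash;
    }

    return (NULL != pSep) ? pSep + 1 : pFile;
}
// Get the file name (without the extension)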
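// Copies the file-name component of pFile, without its last extension, into
// pFileDest as a NUL-terminated string.
//
// pFileDest carries no size, so the caller must supply a buffer of at least
// strlen(pFile) + 1 bytes. NULL or empty pFile produces an empty string.
//
// Fixes over the earlier version:
//  - a name without any separator lost its first character ("app.exe" -> "pp");
//  - a name starting with '.' and no separator produced a length of -1, which
//    strncpy treated as a huge size_t and wrote far past the destination;
//  - a later '/' was ignored whenever the path also contained a '\\'.
void GetFileNameWithoutExtendName(const char* pFile, char *pFileDest)
{
    if (NULL == pFileDest)
    {
        return;
    }
    pFileDest[0] = '\0';
    if (NULL == pFile || '\0' == pFile[0])
    {
        return;
    }

    // Locate the start of the name: one past the last separator of either kind.
    const char* pBackslash = strrchr(pFile, '\\');
    const char* pSlash = strrchr(pFile, '/');
    const char* pSep = pBackslash;
    if (NULL == pSep || (NULL != pSlash && pSlash > pSep))
    {
        pSep = pSlash;
    }
    const char* pName = (NULL != pSep) ? pSep + 1 : pFile;

    // The dot is searched inside the name only, so dots in directories are ignored.
    const char* pDot = strrchr(pName, '.');
    const size_t nLen = (NULL != pDot) ? (size_t)(pDot - pName) : strlen(pName);

    memcpy(pFileDest, pName, nLen);
    pFileDest[nLen] = '\0';
}

#define TokenLinkedToken 19

#ifdef StartProcessBySysServiceEx_Flag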
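// Returns the id of the first terminal-services session whose state is
// WTSActive, or 0 when enumeration fails or no session is active.
// NOTE(review): 0 is itself a valid session id, so the caller cannot tell
// "no active session" from "session 0" — confirm this is acceptable.
DWORD GetActiveSessionID()
{
    PWTS_SESSION_INFO pSessionInfo = NULL;
    DWORD dwCount = 0;

    // The result was previously ignored; on failure there is nothing to walk or free.
    if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pSessionInfo, &dwCount))
    {
        return 0;
    }

    DWORD dwSessionId = 0;
    for (DWORD i = 0; i < dwCount; i++)
    {
        if (WTSActive == pSessionInfo[i].State)
        {
            dwSessionId = pSessionInfo[i].SessionId;
            break;
        }
    }

    WTSFreeMemory(pSessionInfo);
    return dwSessionId;
}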
#endif

// The class declares no data members, so there is nothing to set up.
ProcessInfoCollect::ProcessInfoCollect()
{
}

// Nothing is owned by the object, so there is nothing to release.
ProcessInfoCollect::~ProcessInfoCollect()
{
}

// CPU usage of the current process
// Reports the CPU usage of the calling process through dCPUUserRate.
// Returns whatever GetCPUUserRateEx returns.
BOOL ProcessInfoCollect::GetCPUUserRate(double & dCPUUserRate)
{
    // GetCurrentProcess() returns a pseudo-handle, so no CloseHandle is needed.
    return GetCPUUserRateEx(::GetCurrentProcess(), dCPUUserRate);
}
// CPU usage of a given process
// Reports the CPU usage of the process with id lProcessID.
// Returns FALSE when the process cannot be opened, otherwise the result of
// GetCPUUserRateEx.
// NOTE(review): the handle is opened with PROCESS_VM_READ as well as
// PROCESS_QUERY_INFORMATION; GetProcessTimes only needs query access, so the
// request is broader than this call requires.
BOOL ProcessInfoCollect::GetCPUUserRate(DWORD lProcessID, double & dCPUUserRate)
{
    HANDLE hTarget = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lProcessID);
    if (NULL == hTarget)
    {
        return FALSE;
    }

    const BOOL bOk = GetCPUUserRateEx(hTarget, dCPUUserRate);
    CloseHandle(hTarget);
    return bOk;
}

// I/O counters of the calling process. Each output pointer may be NULL.
// Returns the result of GetIOBytesEx (0 on success, -1 on failure).
int ProcessInfoCollect::GetIOBytes(ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct)
{
    // Pseudo-handle of the current process; it is not closed.
    return GetIOBytesEx(GetCurrentProcess(), read_bytes, write_bytes, wct, rct);
}
//获取指定进程的IO计数
// I/O counters of the process with id lProcessID.
// Returns -1 when the process cannot be opened, otherwise the result of
// GetIOBytesEx (0 on success, -1 on failure).
int ProcessInfoCollect::GetIOBytes(DWORD lProcessID, ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct)
{
    HANDLE hTarget = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lProcessID);
    if (NULL == hTarget)
    {
        return -1;
    }

    const int nResult = GetIOBytesEx(hTarget, read_bytes, write_bytes, wct, rct);
    CloseHandle(hTarget);
    return nResult;
}
// Handle count
// Number of open handles of the calling process, written to dwHandles.
BOOL ProcessInfoCollect::GetHandleCount(DWORD &dwHandles)
{
    HANDLE hSelf = GetCurrentProcess();   // pseudo-handle, not closed
    return GetHandleCountEx(hSelf, dwHandles);
}
// Number of open handles of the process with id lProcessID.
// Returns FALSE when the process cannot be opened.
BOOL ProcessInfoCollect::GetHandleCount(DWORD lProcessID, DWORD &dwHandles)
{
    HANDLE hTarget = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lProcessID);
    if (NULL == hTarget)
    {
        return FALSE;
    }

    const BOOL bOk = GetHandleCountEx(hTarget, dwHandles);
    CloseHandle(hTarget);
    return bOk;
}
// Memory usage of the current process
// Memory usage of the calling process; see GetMemoryUsedEx for what the two
// outputs contain.
BOOL ProcessInfoCollect::GetMemoryUsed(DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize)
{
    // Pseudo-handle of the current process; it is not closed.
    return GetMemoryUsedEx(GetCurrentProcess(), dwPeakWorkingSetSize, dwWorkingSetSize);
}
//获取指定进程的内存
// Memory usage of the process with id lProcessID.
// Returns FALSE when the process cannot be opened, otherwise the result of
// GetMemoryUsedEx.
BOOL ProcessInfoCollect::GetMemoryUsed(DWORD lProcessID, DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize)
{
    HANDLE hTarget = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lProcessID);
    if (NULL == hTarget)
    {
        return FALSE;
    }

    const BOOL bOk = GetMemoryUsedEx(hTarget, dwPeakWorkingSetSize, dwWorkingSetSize);
    CloseHandle(hTarget);
    return bOk;
}
// CPU usage of the process behind a handle
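// Computes the CPU usage (percent, averaged over all processors) of the process
// behind hProccess since the previous call, and stores it in dCPUUserRate.
//
// The previous sample is kept in function-level statics, so:
//  - the first call for a process has no baseline and reports 0;
//  - there is one baseline for the whole program. The process id of the last
//    sample is now remembered and the baseline is restarted when the target
//    changes, instead of subtracting the times of two different processes;
//  - the statics are not synchronised; concurrent callers are not supported.
//
// Returns the result of GetProcessTimes; dCPUUserRate is 0 on failure.
BOOL ProcessInfoCollect::GetCPUUserRateEx(HANDLE hProccess, double & dCPUUserRate)
{
    static DWORD s_dwTickCountOld = 0;
    static LARGE_INTEGER s_lgProcessTimeOld = { 0 };
    static DWORD s_dwProcessorCoreNum = 0;
    static DWORD s_dwSampledPid = 0;

    if (!s_dwProcessorCoreNum)
    {
        SYSTEM_INFO sysInfo = { 0 };
        GetSystemInfo(&sysInfo);
        s_dwProcessorCoreNum = sysInfo.dwNumberOfProcessors;
    }

    double dbProcCpuPercent = 0;
    FILETIME CreateTime, ExitTime, KernelTime, UserTime;
    const BOOL bRetCode = GetProcessTimes(hProccess, &CreateTime, &ExitTime, &KernelTime, &UserTime);
    if (bRetCode)
    {
        LARGE_INTEGER lgKernelTime;
        LARGE_INTEGER lgUserTime;
        LARGE_INTEGER lgCurTime;
        lgKernelTime.HighPart = KernelTime.dwHighDateTime;
        lgKernelTime.LowPart = KernelTime.dwLowDateTime;
        lgUserTime.HighPart = UserTime.dwHighDateTime;
        lgUserTime.LowPart = UserTime.dwLowDateTime;
        lgCurTime.QuadPart = (lgKernelTime.QuadPart + lgUserTime.QuadPart);

        // Read the clock once so the interval and the stored baseline agree.
        const DWORD dwTickNow = ::GetTickCount();
        const DWORD dwPid = ::GetProcessId(hProccess);   // 0 if the id cannot be read

        if (dwPid == s_dwSampledPid && s_lgProcessTimeOld.QuadPart)
        {
            const DWORD dwElapsedMs = dwTickNow - s_dwTickCountOld;
            // Two calls within the same tick used to divide by zero.
            if (dwElapsedMs != 0 && s_dwProcessorCoreNum != 0)
            {
                // Process times are in 100 ns units: 10000 of them per millisecond.
                dbProcCpuPercent = (((double)(lgCurTime.QuadPart - s_lgProcessTimeOld.QuadPart) * 100.0) / dwElapsedMs) / 10000.0;
                dbProcCpuPercent = dbProcCpuPercent / s_dwProcessorCoreNum;
            }
        }

        s_lgProcessTimeOld = lgCurTime;
        s_dwTickCountOld = dwTickNow;
        s_dwSampledPid = dwPid;
    }

    dCPUUserRate = dbProcCpuPercent;
    return bRetCode;
}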
//获取指定进程的IO计数
// Reads the I/O counters of the process behind hProccess.
// Every output pointer is optional; a NULL pointer is skipped.
// Returns 0 on success and -1 when GetProcessIoCounters fails.
int ProcessInfoCollect::GetIOBytesEx(HANDLE hProccess, ULONGLONG * read_bytes, ULONGLONG * write_bytes, ULONGLONG * wct, ULONGLONG * rct)
{
    IO_COUNTERS counters;
    if (!GetProcessIoCounters(hProccess, &counters))
    {
        return -1;
    }

    // Transfer counts are byte totals.
    if (read_bytes)
    {
        *read_bytes = counters.ReadTransferCount;
    }
    if (write_bytes)
    {
        *write_bytes = counters.WriteTransferCount;
    }
    // Operation counts are numbers of calls.
    if (wct)
    {
        *wct = counters.WriteOperationCount;
    }
    if (rct)
    {
        *rct = counters.ReadOperationCount;
    }
    return 0;
}
// Memory usage
//参数:hProccess:进程句柄;dwPeakWorkingSetSize:使用内存高峰;dwWorkingSetSize:当前使用的内存;
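// Memory usage of the process behind hProccess.
//
// OS major version < 6: dwWorkingSetSize receives PagefileUsage and
// dwPeakWorkingSetSize receives PeakWorkingSetSize from GetProcessMemoryInfo.
// OS major version >= 6: both outputs receive the size of the non-shared pages
// in the working set (page count * page size), clamped to MAXDWORD.
//
// Returns FALSE for a NULL handle or when a query fails; the outputs are then
// left untouched. An empty working set returns TRUE without touching them.
//
// Fixes over the earlier version: a failed GetProcessMemoryInfo and a failed
// second QueryWorkingSet (the working set can grow between the two calls) are
// reported instead of returning TRUE over stale or uninitialised data; the
// buffer size is checked for overflow; the array is released with delete[];
// the byte total no longer wraps at 4 GB.
BOOL ProcessInfoCollect::GetMemoryUsedEx(HANDLE hProccess, DWORD & dwPeakWorkingSetSize, DWORD & dwWorkingSetSize)
{
    if (!hProccess)
    {
        return FALSE;
    }

    OSVERSIONINFO osvi;
    memset(&osvi, 0, sizeof(OSVERSIONINFO));
    osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
    GetVersionEx(&osvi);

    if (osvi.dwMajorVersion < 6)
    {
        PROCESS_MEMORY_COUNTERS pmc;
        pmc.cb = sizeof(PROCESS_MEMORY_COUNTERS);
        if (!::GetProcessMemoryInfo(hProccess, &pmc, sizeof(pmc)))
        {
            return FALSE;
        }
        dwWorkingSetSize = (DWORD)pmc.PagefileUsage;          // page-file usage, not WorkingSetSize
        dwPeakWorkingSetSize = (DWORD)pmc.PeakWorkingSetSize;
        return TRUE;
    }

    SYSTEM_INFO si;
    GetSystemInfo(&si);

    // First call with a one-entry buffer only to learn the entry count;
    // ERROR_BAD_LENGTH is the expected outcome when more entries exist.
    PSAPI_WORKING_SET_INFORMATION workSet;
    memset(&workSet, 0, sizeof(workSet));
    if (!QueryWorkingSet(hProccess, &workSet, sizeof(workSet)) && GetLastError() != ERROR_BAD_LENGTH)
    {
        return FALSE;
    }

    const ULONG_PTR nEntries = workSet.NumberOfEntries;
    if (nEntries == 0)
    {
        return TRUE;
    }

    const size_t cbHeader = sizeof(workSet.NumberOfEntries);
    const size_t cbEntry = sizeof(PSAPI_WORKING_SET_BLOCK);
    if (nEntries > ((size_t)MAXDWORD - cbHeader) / cbEntry)
    {
        return FALSE;   // the size would not fit the DWORD the API takes
    }
    const DWORD cbBuf = (DWORD)(cbHeader + nEntries * cbEntry);

    char* pBuf = new char[cbBuf];
    if (!QueryWorkingSet(hProccess, pBuf, cbBuf))
    {
        delete[] pBuf;
        return FALSE;
    }

    // Never walk past what was allocated, whatever count the second call reports.
    ULONG_PTR nFilled = ((const PSAPI_WORKING_SET_INFORMATION*)pBuf)->NumberOfEntries;
    if (nFilled > nEntries)
    {
        nFilled = nEntries;
    }

    const PSAPI_WORKING_SET_BLOCK* pBlock = (const PSAPI_WORKING_SET_BLOCK*)(pBuf + cbHeader);
    ULONGLONG ullPrivateBytes = 0;
    for (ULONG_PTR i = 0; i < nFilled; ++i)
    {
        if (pBlock[i].Shared == 0)
        {
            ullPrivateBytes += si.dwPageSize;
        }
    }
    delete[] pBuf;

    const DWORD dwMemProcess = (ullPrivateBytes > MAXDWORD) ? MAXDWORD : (DWORD)ullPrivateBytes;
    dwWorkingSetSize = dwMemProcess;
    dwPeakWorkingSetSize = dwMemProcess;
    return TRUE;
}
// Handle count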
// Number of open handles of the process behind hProccess, written to dwHandles.
// Returns the result of GetProcessHandleCount.
BOOL ProcessInfoCollect::GetHandleCountEx(HANDLE hProccess, DWORD &dwHandles)
{
    const BOOL bOk = GetProcessHandleCount(hProccess, &dwHandles);
    return bOk;
}
// Thread count
// Thread count of the calling process, written to dwThreads.
BOOL ProcessInfoCollect::GetThreadCount(DWORD &dwThreads)
{
    const DWORD dwSelfPid = GetCurrentProcessId();
    return GetThreadCount(dwSelfPid, dwThreads);
}
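// Thread count of the process with id lProcessID, taken from a Toolhelp
// process snapshot. Returns FALSE when the snapshot cannot be created or the
// process is not in it; dwThreads is written only when the process is found.
BOOL ProcessInfoCollect::GetThreadCount(DWORD lProcessID, DWORD &dwThreads)
{
    HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        return FALSE;
    }

    BOOL bFind = FALSE;
    PROCESSENTRY32 stProcessEntry32 = { 0 };
    stProcessEntry32.dwSize = sizeof(stProcessEntry32);
    for (BOOL bMore = ::Process32First(hProcessSnap, &stProcessEntry32);
         bMore;
         bMore = ::Process32Next(hProcessSnap, &stProcessEntry32))
    {
        if (stProcessEntry32.th32ProcessID == lProcessID)
        {
            dwThreads = stProcessEntry32.cntThreads;
            bFind = TRUE;
            break;
        }
    }

    ::CloseHandle(hProcessSnap);
    return bFind;
}

// Enables the privilege named szPrivName on hToken.
// Returns TRUE only when the privilege was actually enabled.
BOOL ProcessInfoCollect::EnablePrivilege(HANDLE hToken, LPCSTR szPrivName)
{
    // Resolve the privilege name to its locally unique id.
    LUID luid;
    if (!LookupPrivilegeValue(NULL, szPrivName, &luid))
    {
        return FALSE;
    }

    TOKEN_PRIVILEGES tkp;
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = luid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL))
    {
        return FALSE;
    }

    // AdjustTokenPrivileges reports success even when the token does not hold
    // the privilege (ERROR_NOT_ALL_ASSIGNED), hence the last-error check.
    return (GetLastError() == ERROR_SUCCESS);
}

// Lists the running processes.
//
// pAll   : caller-allocated array of at least nTotal entries.
// nTotal : capacity on input; on success the number of entries written
//          (at most MAX_ID, the size of the local id array).
// Returns FALSE for invalid arguments, when PSAPI.DLL or one of its exports is
// unavailable, or when EnumProcesses fails.
//
// Every written entry carries the process id. The name and path stay empty for
// processes that cannot be opened or queried.
//
// Security note: the function tries to enable SeDebugPrivilege on the calling
// process and does not turn it off again, so the privilege stays enabled for
// everything the process does afterwards.
//
// Fixes over the earlier version:
//  - when the token could not be opened or the privilege not enabled, TRUE was
//    returned with pAll and nTotal untouched; enumeration does not depend on
//    the privilege, so it now always runs;
//  - a negative nTotal was converted to a huge unsigned capacity;
//  - the EnumProcesses result is checked;
//  - entries of processes that could not be opened kept uninitialised strings;
//  - the module handle was shared across iterations, so one failed
//    EnumProcessModules reused the previous process's module, and a NULL
//    module suppressed name lookups that do not need a module at all.
BOOL ProcessInfoCollect::EnumAllProcess(ProcessInfo *pAll, int & nTotal)
{
    if (nTotal < 0 || (NULL == pAll && nTotal > 0))
    {
        return FALSE;
    }

    OSVERSIONINFOEX osver = { 0 };
    osver.dwOSVersionInfoSize = sizeof(osver);
    ::GetVersionEx((OSVERSIONINFO*)&osver);
    const DWORD dwMajorVersion = osver.dwMajorVersion;

    HINSTANCE hPsDll = LoadLibrary("PSAPI.DLL");
    if (hPsDll == NULL)
    {
        return FALSE;
    }

    // All four exports must exist, as before, even though only two are called.
    ENUMPROCESS         pEnumProcess = (ENUMPROCESS)GetProcAddress(hPsDll, "EnumProcesses");
    ENUMPROCESSMODULES  pEnumProcessModules = (ENUMPROCESSMODULES)GetProcAddress(hPsDll, "EnumProcessModules");
    GETMODULEFILENAMEEX pGetModuleFileNameEx = (GETMODULEFILENAMEEX)GetProcAddress(hPsDll, "GetModuleFileNameExA");
    GETMODULEBASENAME   pGetModuleBaseName = (GETMODULEBASENAME)GetProcAddress(hPsDll, "GetModuleBaseNameA");
    if (!(pEnumProcess && pEnumProcessModules && pGetModuleFileNameEx && pGetModuleBaseName))
    {
        FreeLibrary(hPsDll);
        return FALSE;
    }

    // Best effort: with SeDebugPrivilege more processes can be opened below,
    // but the listing itself works without it.
    HANDLE hToken = NULL;
    if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
    {
        EnablePrivilege(hToken, SE_DEBUG_NAME);
        CloseHandle(hToken);
    }

    DWORD dwPID[MAX_ID] = { 0 };
    DWORD cbReturn = 0;
    if (!pEnumProcess(dwPID, sizeof(dwPID), &cbReturn))
    {
        FreeLibrary(hPsDll);
        return FALSE;
    }

    DWORD dwPCount = cbReturn / sizeof(DWORD);
    if (dwPCount > (DWORD)nTotal)
    {
        dwPCount = (DWORD)nTotal;
    }
    else
    {
        nTotal = (int)dwPCount;
    }

    for (DWORD i = 0; i < dwPCount; i++)
    {
        // Start from a clean entry so a process that cannot be opened is
        // reported with empty strings rather than whatever was in the array.
        memset(&pAll[i], 0, sizeof(pAll[i]));
        pAll[i].dwPID = dwPID[i];

        HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwPID[i]);
        if (hProcess == NULL)
        {
            continue;
        }

        // One byte is held back in the size passed below so the buffer always
        // stays NUL-terminated.
        char szPathName[MAX_PATH] = { 0 };
        if (dwMajorVersion < 5)          // before Windows 2000
        {
            HMODULE hModule = NULL;
            DWORD cbNeeded = 0;
            if (pEnumProcessModules(hProcess, &hModule, sizeof(hModule), &cbNeeded) && hModule != NULL)
            {
                GetModuleFileNameEx(hProcess, hModule, szPathName, sizeof(szPathName) - 1);
            }
        }
        else if (dwMajorVersion == 5)    // XP or Windows Server 2003
        {
            GetProcessImageFileName(hProcess, szPathName, sizeof(szPathName) - 1);
        }
        else                             // Vista / Windows 7 and later
        {
            DWORD dwPathNameSize = sizeof(szPathName) - 1;
            if (!QueryFullProcessImageName(hProcess, 0, szPathName, &dwPathNameSize))
            {
                szPathName[0] = '\0';
            }
        }

        GetFileNameWithoutExtendName(szPathName, pAll[i].szFileName);
        strcpy(pAll[i].szPathName, szPathName);   // both buffers are MAX_PATH bytes

        CloseHandle(hProcess);
    }

    FreeLibrary(hPsDll);
    return TRUE;
}

/*
Purpose: collect the ids of all child processes of a given process
Parameters: dwParentPID, parent process id; pChildProcess, [out] list of child process ids; nChildProcessNum, [out] number of child processes
Return value: TRUE once the process snapshot has been walked, FALSE if it could not be created
*/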
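// Writes the ids of the processes whose parent id is dwParentPID into
// pChildProcess (at most MAX_CHILD_PROCESS_COUNT entries, so the buffer must be
// at least that large) and their number into nChildProcessNum.
//
// The earlier loop advanced the snapshot before looking at the entry, which
// skipped the first process and examined the last one twice, so the last
// process could be listed as a child two times.
//
// NOTE(review): the match is on the recorded parent id only. If the parent has
// exited and its id has been reused, unrelated processes would match; callers
// that terminate the results (KillProcess) should keep that in mind.
BOOL ProcessInfoCollect::GetChildProcessID(DWORD dwParentPID, DWORD* pChildProcess, int & nChildProcessNum)
{
    if (NULL == pChildProcess)
    {
        return FALSE;
    }

    HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        return FALSE;
    }

    PROCESSENTRY32 stProcessEntry32 = { 0 };
    stProcessEntry32.dwSize = sizeof(stProcessEntry32);

    int nFound = 0;
    for (BOOL bMore = ::Process32First(hProcessSnap, &stProcessEntry32);
         bMore;
         bMore = ::Process32Next(hProcessSnap, &stProcessEntry32))
    {
        if (stProcessEntry32.th32ParentProcessID != dwParentPID)
        {
            continue;
        }
        if (nFound >= MAX_CHILD_PROCESS_COUNT)
        {
            break;   // output buffer is full
        }
        pChildProcess[nFound++] = stProcessEntry32.th32ProcessID;
    }

    ::CloseHandle(hProcessSnap);
    nChildProcessNum = nFound;
    return TRUE;
}

// EnumWindows callback: posts WM_CLOSE to every top-level window that belongs
// to the process id passed in lParam. Always returns TRUE so that enumeration
// continues over the remaining windows.
BOOL CALLBACK CloseWindowByPID(HWND hwnd, LPARAM lParam)
{
    DWORD dwOwnerPid = 0;
    GetWindowThreadProcessId(hwnd, &dwOwnerPid);
    if (dwOwnerPid == (DWORD)lParam)
    {
        PostMessage(hwnd, WM_CLOSE, 0, 0);
    }
    return TRUE;
}
// Terminate a process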
// Stops the process with id dwPID: first asks its windows to close, then
// terminates it if it is still running after dwTimeout milliseconds.
// Returns FALSE when the process cannot be opened with SYNCHRONIZE and
// PROCESS_TERMINATE rights; TRUE when it exited by itself; otherwise the result
// of TerminateProcess.
BOOL ProcessInfoCollect::TerminateProcessEx(DWORD dwPID, DWORD dwTimeout)
{
    HANDLE hTarget = OpenProcess(SYNCHRONIZE | PROCESS_TERMINATE, FALSE, dwPID);
    if (NULL == hTarget)
    {
        return FALSE;
    }

    // CloseWindowByPID posts WM_CLOSE to each window owned by dwPID.
    EnumWindows((WNDENUMPROC)CloseWindowByPID, (LPARAM)dwPID);

    BOOL bResult = TRUE;
    const bool bExitedByItself = (WAIT_OBJECT_0 == WaitForSingleObject(hTarget, dwTimeout));
    if (!bExitedByItself)
    {
        // Still running (or the wait failed): terminate and give it the same
        // time again to go away.
        bResult = TerminateProcess(hTarget, 0);
        WaitForSingleObject(hTarget, dwTimeout);
    }

    CloseHandle(hTarget);
    return bResult;
}
// Get the token a process runs under
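// Opens the access token of the process with id dwPID.
// Returns the token handle, which the caller must close, or NULL when the
// process or its token cannot be opened.
//
// The process handle is now initialised from OpenProcess before any use. The
// collapsed original left it unclear whether an OpenProcessToken call on the
// still-uninitialised handle was live code or part of a comment; it is dropped
// either way, together with a comment copied from TerminateProcessEx.
//
// NOTE(review): the token is requested with TOKEN_ALL_ACCESS. The only use
// visible in this file is duplication for CreateProcessAsUser; a narrower mask
// would limit what a leaked handle allows, but other callers of this public
// method may rely on the current rights, so it is left unchanged.
HANDLE ProcessInfoCollect::GetProcessToken(DWORD dwPID)
{
    HANDLE hToken = NULL;

    HANDLE hProc = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwPID);
    if (hProc == NULL)
    {
        return NULL;
    }

    if (!OpenProcessToken(hProc, TOKEN_ALL_ACCESS, &hToken))
    {
        hToken = NULL;
    }

    CloseHandle(hProc);
    return hToken;
}
// Create a new process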
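// Starts pszExeName.
//
// hToken == NULL: the process is started in the caller's own security context
//   via StartProcess; on success dwProcessID receives the new id and hToken the
//   token of the new process (NULL if it could not be opened).
// hToken != NULL: the process is started under a duplicate of hToken via
//   StartProcessBySysService; on success the old token is closed and hToken
//   receives the duplicate. That path does not report a process id, so
//   dwProcessID is set to 0 rather than left at a stale value.
//
// Fix: when the token could not be duplicated the earlier version closed the
// caller's token, set hToken to NULL and still returned TRUE. The next call
// then took the hToken == NULL branch and launched the program in the caller's
// own context, which for a service is the service account. The caller's token
// is now kept and FALSE is returned.
//
// NOTE(review): StartProcessBySysService returns the duplicated token even if
// the process itself failed to start, so TRUE on the token path does not prove
// that the process is running.
BOOL ProcessInfoCollect::CreateNewProcess(LPCSTR pszExeName, WORD wShowWindow, HANDLE &hToken, DWORD & dwProcessID)
{
    if (hToken == NULL)
    {
        const BOOL bRet = StartProcess(pszExeName, dwProcessID, wShowWindow);
        if (bRet)
        {
            hToken = GetProcessToken(dwProcessID);
        }
        return bRet;
    }

    dwProcessID = 0;
    HANDLE hNewToken = StartProcessBySysService(pszExeName, "", hToken);
    if (hNewToken == NULL)
    {
        return FALSE;   // hToken stays valid and owned by the caller
    }

    CloseHandle(hToken);
    hToken = hNewToken;
    return TRUE;
}
// Get a process id from the program name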
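// Returns the id of the first process in a Toolhelp snapshot whose image file
// name equals pAppFileName (case-insensitive), or 0 when there is none, the
// name is NULL/empty, or the snapshot cannot be created.
//
// The earlier loop advanced the snapshot before comparing, so the first entry
// was never checked and the last one was compared twice; a NULL name crashed
// in _stricmp.
//
// NOTE(review): an image file name is not an identity. Any process can run
// under a given name, and several may share it; the id returned here should
// not be the sole basis for a privileged action such as taking over a token.
DWORD ProcessInfoCollect::GetProcessIDByName(const char* pAppFileName)
{
    if (NULL == pAppFileName || '\0' == pAppFileName[0])
    {
        return 0;
    }

    HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        return 0;
    }

    DWORD dwProcessID = 0;
    PROCESSENTRY32 stProcessEntry32 = { 0 };
    stProcessEntry32.dwSize = sizeof(stProcessEntry32);
    for (BOOL bMore = ::Process32First(hProcessSnap, &stProcessEntry32);
         bMore;
         bMore = ::Process32Next(hProcessSnap, &stProcessEntry32))
    {
        if (::_stricmp(stProcessEntry32.szExeFile, pAppFileName) == 0)
        {
            dwProcessID = stProcessEntry32.th32ProcessID;
            break;
        }
    }

    ::CloseHandle(hProcessSnap);
    return dwProcessID;
}
// Kill a process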
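// Terminates the process with id nProcessID after stopping its direct children
// (each child gets 200 ms to close before it is terminated).
// Returns 0 when the process cannot be opened for termination, otherwise the
// result of TerminateProcess.
//
// The child-id buffer used to be cleared with memset(..., MAX_CHILD_PROCESS_COUNT),
// which zeroes that many bytes, not that many DWORDs; it is now a zero-initialised
// local array. Only direct children are handled, not deeper descendants.
int ProcessInfoCollect::KillProcess(DWORD nProcessID)
{
    HANDLE hProcessHandle = ::OpenProcess(PROCESS_TERMINATE, FALSE, nProcessID);
    if (hProcessHandle == NULL)
    {
        return 0;
    }

    // Stop the children first.
    DWORD adwChildProcess[MAX_CHILD_PROCESS_COUNT] = { 0 };
    int nChildProcessNum = 0;
    if (GetChildProcessID(nProcessID, adwChildProcess, nChildProcessNum))
    {
        for (int i = 0; i < nChildProcessNum; ++i)
        {
            if (adwChildProcess[i] > 0)
            {
                TerminateProcessEx(adwChildProcess[i], 200);
            }
        }
    }

    const BOOL bRet = ::TerminateProcess(hProcessHandle, 200);
    CloseHandle(hProcessHandle);
    return bRet;
}

// Start a process in the caller's own security context.
//
// pAppFullFileName : path of the executable, passed as the application name
//                    with no separate command line, so the system does not
//                    have to guess where the program name ends.
// dwProcessID      : receives the new process id, 0 on failure.
// wShowWindow      : show-window value for the new process.
// Returns the result of CreateProcess; FALSE for a NULL or over-long path.
//
// Fixes over the earlier version (whose signature had also been swallowed by
// the preceding comment in the pasted listing):
//  - an over-long path made strcpy_s invoke the invalid-parameter handler;
//  - when the path had no drive or backslash, the executable name itself was
//    passed as the working directory; NULL (inherit) is passed instead;
//  - the thread handle was closed based on dwThreadId rather than hThread.
BOOL ProcessInfoCollect::StartProcess(LPCSTR pAppFullFileName, DWORD &dwProcessID, WORD wShowWindow)
{
    dwProcessID = 0;
    if (NULL == pAppFullFileName || strlen(pAppFullFileName) >= MAX_PATH)
    {
        return FALSE;
    }

    char szDesktop[] = "winsta0\\default";
    STARTUPINFO stStartupInformation = { 0 };
    stStartupInformation.cb = sizeof(stStartupInformation);
    stStartupInformation.dwFlags = STARTF_USESHOWWINDOW;
    stStartupInformation.wShowWindow = wShowWindow;
    stStartupInformation.lpDesktop = szDesktop;

    // Working directory: the directory part of the executable path, if any.
    char szProgrammeWorkPath[MAX_PATH] = { 0 };
    ::strcpy_s(szProgrammeWorkPath, MAX_PATH, pAppFullFileName);
    LPCSTR pszWorkPath = NULL;
    char* pLastSeparator = ::strrchr(szProgrammeWorkPath, '\\');
    if (::strchr(szProgrammeWorkPath, ':') != NULL && pLastSeparator != NULL)
    {
        pLastSeparator[1] = 0;   // keep the trailing backslash
        pszWorkPath = szProgrammeWorkPath;
    }

    PROCESS_INFORMATION stProcessInformation = { 0 };
    const BOOL bRet = ::CreateProcess(pAppFullFileName, NULL, NULL, NULL, FALSE, 0, NULL, pszWorkPath,
        &stStartupInformation, &stProcessInformation);

    dwProcessID = stProcessInformation.dwProcessId;
    if (stProcessInformation.hProcess != NULL)
    {
        CloseHandle(stProcessInformation.hProcess);
    }
    if (stProcessInformation.hThread != NULL)
    {
        CloseHandle(stProcessInformation.hThread);
    }
    return bRet;
}
// Start a process (with a token)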
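// Starts "<pAppFullFileName>" <pRunParameter> under a primary-token duplicate
// of hToken and returns that duplicate, which the caller must close.
//
// Returns NULL when an argument is unusable or the token cannot be duplicated.
// As before, the duplicate is returned even when CreateProcessAsUser fails, so
// a non-NULL result does not prove that the process is running.
//
// The command line is assembled from the two strings, so both must come from
// trusted configuration. Hardening added here:
//  - a path containing '"' is rejected, because it would end the quoting of
//    the program name early and let the rest be parsed as arguments;
//  - over-long input is rejected up front instead of reaching sprintf_s /
//    strcpy_s, whose failure path invokes the invalid-parameter handler;
//  - a NULL parameter string is treated as empty;
//  - the thread handle is closed based on hThread rather than dwThreadId;
//  - without a drive or backslash in the path, NULL (inherit) is passed as the
//    working directory instead of the executable name.
//
// NOTE(review): no environment block is passed, so the new process presumably
// inherits the caller's environment rather than the token user's — confirm
// that this is intended.
HANDLE ProcessInfoCollect::StartProcessBySysService(const char* pAppFullFileName, const char* pRunParameter, HANDLE hToken)
{
    if (NULL == pAppFullFileName || NULL == hToken)
    {
        return NULL;
    }
    if (NULL == pRunParameter)
    {
        pRunParameter = "";
    }
    if (::strchr(pAppFullFileName, '"') != NULL)
    {
        return NULL;
    }

    char szSoftWare[1024] = { 0 };
    // Two quotes, one space and the terminator surround the two strings.
    if (strlen(pAppFullFileName) >= MAX_PATH ||
        strlen(pAppFullFileName) + strlen(pRunParameter) + 4 > sizeof(szSoftWare))
    {
        return NULL;
    }
    sprintf_s(szSoftWare, sizeof(szSoftWare), "\"%s\" %s", pAppFullFileName, pRunParameter);

    char szDesktop[] = "winsta0\\default";
    STARTUPINFO stStartupInformation = { 0 };
    stStartupInformation.cb = sizeof(stStartupInformation);
    stStartupInformation.dwFlags = STARTF_USESHOWWINDOW;
    stStartupInformation.wShowWindow = SW_SHOW;
    stStartupInformation.lpDesktop = szDesktop;

    // Working directory: the directory part of the executable path, if any.
    char szProgrammeWorkPath[MAX_PATH] = { 0 };
    ::strcpy_s(szProgrammeWorkPath, MAX_PATH, pAppFullFileName);
    LPCSTR pszWorkPath = NULL;
    char* pLastSeparator = ::strrchr(szProgrammeWorkPath, '\\');
    if (::strchr(szProgrammeWorkPath, ':') != NULL && pLastSeparator != NULL)
    {
        pLastSeparator[1] = 0;
        pszWorkPath = szProgrammeWorkPath;
    }

    HANDLE hNewToken = NULL;
    if (!DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL, SecurityImpersonation, TokenPrimary, &hNewToken))
    {
        return NULL;
    }

    PROCESS_INFORMATION stProcessInformation = { 0 };
    if (CreateProcessAsUser(hNewToken, NULL, szSoftWare, NULL, NULL, FALSE,
        0, NULL, pszWorkPath, &stStartupInformation, &stProcessInformation))
    {
        if (stProcessInformation.hProcess != NULL)
        {
            CloseHandle(stProcessInformation.hProcess);
        }
        if (stProcessInformation.hThread != NULL)
        {
            CloseHandle(stProcessInformation.hThread);
        }
    }
    return hNewToken;
}

#ifdef StartProcessBySysServiceEx_Flag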
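// Starts "<pAppFullFileName>" <pRunParameter>, hidden, in the active user
// session. Intended to be called from a service.
//
// Token selection:
//  1. WTSQueryUserToken for the active session; if that fails, the token of an
//     explorer.exe process running in that session.
//  2. If that token has a linked token, the linked token is used; otherwise a
//     primary duplicate of the token itself.
//
// Security notes:
//  - For a split-token administrator the linked token is the other half of the
//    pair, typically the elevated one, so the program then runs elevated
//    without a consent prompt. Both strings must therefore come from trusted
//    configuration only, never from user-controlled input.
//  - A path containing '"' is rejected because it would break the quoting of
//    the program name in the assembled command line.
//
// Fixes over the earlier version:
//  - TRUE was returned even when CreateProcessAsUser failed; its result is
//    returned now;
//  - a failed DuplicateTokenEx left a NULL token that was still passed to
//    CreateEnvironmentBlock and CreateProcessAsUser; the function now stops;
//  - the explorer.exe process handle leaked into the rest of the function;
//  - over-long input reached sprintf_s, a NULL parameter string reached "%s";
//  - an unused TOKEN_PRIVILEGES setup was removed.
BOOL ProcessInfoCollect::StartProcessBySysServiceEx(const char* pAppFullFileName, const char* pRunParameter)
{
    if (NULL == pAppFullFileName)
    {
        return FALSE;
    }
    if (NULL == pRunParameter)
    {
        pRunParameter = "";
    }
    if (strchr(pAppFullFileName, '"') != NULL)
    {
        return FALSE;
    }

    char szSoftWare[1024] = { 0 };
    // Two quotes, one space and the terminator surround the two strings.
    if (strlen(pAppFullFileName) + strlen(pRunParameter) + 4 > sizeof(szSoftWare))
    {
        return FALSE;
    }
    sprintf_s(szSoftWare, sizeof(szSoftWare), "\"%s\" %s", pAppFullFileName, pRunParameter);

    const DWORD dwSid = GetActiveSessionID();
    HANDLE hPToken = NULL;

    if (!WTSQueryUserToken(dwSid, &hPToken))
    {
        hPToken = NULL;

        // Fallback: borrow the token of explorer.exe in the same session.
        HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hSnap == INVALID_HANDLE_VALUE)
        {
            return FALSE;
        }

        DWORD dwPid = 0;
        PROCESSENTRY32 procEntry;
        procEntry.dwSize = sizeof(PROCESSENTRY32);
        if (Process32First(hSnap, &procEntry))
        {
            do
            {
                if (_tcsicmp(procEntry.szExeFile, _T("explorer.exe")) == 0)
                {
                    DWORD exeSessionId = 0;
                    if (ProcessIdToSessionId(procEntry.th32ProcessID, &exeSessionId) && exeSessionId == dwSid)
                    {
                        dwPid = procEntry.th32ProcessID;
                        break;
                    }
                }
            } while (Process32Next(hSnap, &procEntry));
        }
        CloseHandle(hSnap);

        if (dwPid == 0)
        {
            return FALSE;   // no explorer.exe in the active session
        }

        HANDLE hProcess = ::OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwPid);
        if (hProcess == NULL)
        {
            return FALSE;
        }
        const BOOL bTokenOpened = ::OpenProcessToken(hProcess, TOKEN_ALL_ACCESS_P, &hPToken);
        CloseHandle(hProcess);
        if (!bTokenOpened)
        {
            return FALSE;
        }
    }
    if (hPToken == NULL)
    {
        return FALSE;
    }

    HANDLE hUserTokenDup = NULL;
    TOKEN_LINKED_TOKEN admin;
    DWORD dwRet = 0;
    if (GetTokenInformation(hPToken, (TOKEN_INFORMATION_CLASS)TokenLinkedToken, &admin, sizeof(TOKEN_LINKED_TOKEN), &dwRet))
    {
        hUserTokenDup = admin.LinkedToken;
    }
    else if (!DuplicateTokenEx(hPToken, MAXIMUM_ALLOWED, NULL, SecurityIdentification, TokenPrimary, &hUserTokenDup))
    {
        // Versions before Vista do not support TokenLinkedToken; the plain
        // duplicate is the fallback, and it failed as well.
        hUserTokenDup = NULL;
    }
    if (hUserTokenDup == NULL)
    {
        CloseHandle(hPToken);
        return FALSE;   // never continue into process creation without a token
    }

    // hUserTokenDup is the token of the logged-on user from here on.
    LPVOID pEnv = NULL;
    DWORD dwCreationFlags = CREATE_PRESERVE_CODE_AUTHZ_LEVEL;
    if (CreateEnvironmentBlock(&pEnv, hUserTokenDup, TRUE))
    {
        // An environment block from CreateEnvironmentBlock requires this flag.
        dwCreationFlags |= CREATE_UNICODE_ENVIRONMENT;
    }
    else
    {
        // The process can still be created, but it will not see the user's
        // own environment variables.
        pEnv = NULL;
    }

    STARTUPINFO si;
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;

    PROCESS_INFORMATION pi;
    ZeroMemory(&pi, sizeof(pi));

    // This translation unit builds its strings as char, so the buffer is passed as is.
    const BOOL bResult = CreateProcessAsUser(
        hUserTokenDup,      // token the new process runs under
        NULL,               // program name is taken from the command line
        szSoftWare,         // command line, program name quoted
        NULL,               // process security attributes
        NULL,               // thread security attributes
        FALSE,              // handles are not inherited
        dwCreationFlags,    // creation flags
        pEnv,               // environment block, may be NULL
        NULL,               // current directory: inherit
        &si,
        &pi);

    if (pi.hProcess)
    {
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    }
    CloseHandle(hUserTokenDup);
    CloseHandle(hPToken);
    if (pEnv != NULL)
    {
        DestroyEnvironmentBlock(pEnv);
    }
    return bResult;
}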
#endif

//调用方法

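// Sampling the calling process. Every output starts at 0 so that a failed call
// (the return values are not checked in this example) leaves a defined value
// behind instead of an uninitialised one.
ProcessInfoCollect picProcessInfoCollect;
int nRet = 0;
DWORD             nMemoryUsed = 0;                  // second GetMemoryUsed output (dwWorkingSetSize), bytes
DWORD            nVirtualMemoryUsed = 0;            // first GetMemoryUsed output (dwPeakWorkingSetSize), bytes
DWORD            nHandleNumber = 0;                 // handle count
DWORD dwCurrentProcessThreadCount = 0;              // thread count
ULONGLONG ullIo_read_bytes = 0;                     // I/O bytes read
ULONGLONG ullIo_write_bytes = 0;                    // I/O bytes written
ULONGLONG ullIo_wct = 0;                            // I/O write operations
ULONGLONG ullIo_rct = 0;                            // I/O read operations
double dCPUUserRate = 0;                            // CPU usage in percent

// The first call only records a baseline and reports 0; call it periodically.
picProcessInfoCollect.GetCPUUserRate(dCPUUserRate);
picProcessInfoCollect.GetMemoryUsed(nVirtualMemoryUsed, nMemoryUsed);
picProcessInfoCollect.GetThreadCount(dwCurrentProcessThreadCount);
picProcessInfoCollect.GetHandleCount(nHandleNumber);
picProcessInfoCollect.GetIOBytes(&ullIo_read_bytes, &ullIo_write_bytes, &ullIo_wct, &ullIo_rct);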
