/************************************************************************
* 文件名称:Process_Functions.cpp
* 作 者:李骥
*************************************************************************/
#include "stdafx.h"
#include "Process_Functions.h"
#include "ProcessList.h"
extern PROCESSENTRY32 pe32;
extern HANDLE hProcessSnap;
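// Collects the thread IDs owned by one process into a caller-supplied table.
//
// A system-wide thread snapshot is walked and the ID of every entry whose
// owner equals dwOwnerPID is stored in dwThreadIdTable.
//
//   dwOwnerPID       process whose threads are wanted
//   dwThreadIdTable  output array; the real capacity is not passed in, so the
//                    caller must provide room for MAX_THREAD_CNT entries
//
// Returns the number of IDs written, or 0 when the snapshot cannot be taken,
// the snapshot is empty, or the table pointer is NULL.
int ListProcessThreads( DWORD dwOwnerPID, DWORD * dwThreadIdTable )
{
    // The table is written through below; a NULL pointer means nothing can be collected.
    if( dwThreadIdTable == NULL ) return 0;

    HANDLE hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0UL );
    if( hThreadSnap == ( HANDLE ) -1 ) return 0;   // (HANDLE)-1 is INVALID_HANDLE_VALUE

    THREADENTRY32 te32;
    te32.dwSize = sizeof( THREADENTRY32 );   // must be set before Thread32First

    int iThreadCount = 0;
    if( Thread32First( hThreadSnap, &te32 ) )
    {
        do
        {
            // Test the bound before storing so the table is never written past
            // MAX_THREAD_CNT entries, whatever value that constant has.
            if( iThreadCount >= MAX_THREAD_CNT ) break;

            if( te32.th32OwnerProcessID == dwOwnerPID )
            {
                dwThreadIdTable[ iThreadCount++ ] = te32.th32ThreadID;
            }
        } while( Thread32Next( hThreadSnap, &te32 ) );
    }

    CloseHandle( hThreadSnap );
    return iThreadCount;
}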
// Fills the list view hList with one row per process found in a Toolhelp
// process snapshot.
//
// Each entry is read into the file-level pe32 and handed to
// Install_Process_To_Item together with a zeroed LVITEM and the row index.
// The snapshot handle is a local; the extern hProcessSnap is not touched.
//
// Returns TRUE after the walk, FALSE when the snapshot or the first entry
// cannot be obtained (the failure is reported through printError).
BOOL GetProcessList( HWND hList)
{
    HANDLE hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    if( hSnapshot == INVALID_HANDLE_VALUE )
    {
        printError( L"获取进程信息失败!CreateToolhelp32Snapshot" );
        return( FALSE );
    }

    // dwSize has to be filled in before the first Process32First call.
    pe32.dwSize = sizeof( PROCESSENTRY32 );

    BOOL bHaveEntry = Process32First( hSnapshot, &pe32 );
    if( !bHaveEntry )
    {
        printError( L"Process32First" );
        CloseHandle( hSnapshot );   // release the snapshot on the error path as well
        return( FALSE );
    }

    int iRow = 0;
    while( bHaveEntry )
    {
        LVITEM LvItem;
        memset( &LvItem, 0, sizeof( LvItem ) );   // start every row from a clean item
        Install_Process_To_Item( pe32, &LvItem, hList, iRow );
        ++iRow;
        bHaveEntry = Process32Next( hSnapshot, &pe32 );
    }

    CloseHandle( hSnapshot );
    return( TRUE );
}
//
//BOOL ListProcessModules( DWORD dwPID )
//{
// HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
// MODULEENTRY32 me32;
//
// // Take a snapshot of all modules in the specified process.
// hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
// if( hModuleSnap == INVALID_HANDLE_VALUE )
// {
// printError( L"CreateToolhelp32Snapshot (of modules)" );
// return( FALSE );
// }
//
// // Set the size of the structure before using it.
// me32.dwSize = sizeof( MODULEENTRY32 );
//
// // Retrieve information about the first module,
// // and exit if unsuccessful
// if( !Module32First( hModuleSnap, &me32 ) )
// {
// printError( L"Module32First" ); // Show cause of failure
// CloseHandle( hModuleSnap ); // Must clean up the snapshot object!
// return( FALSE );
// }
//
// // Now walk the module list of the process,
// // and display information about each module
// do
// {
// printf( "\n\n MODULE NAME: %s", me32.szModule );
// printf( "\n executable = %s", me32.szExePath );
// printf( "\n process ID = 0x%08X", me32.th32ProcessID );
// printf( "\n ref count (g) = 0x%04X", me32.GlblcntUsage );
// printf( "\n ref count (p) = 0x%04X", me32.ProccntUsage );
// printf( "\n base address = 0x%08X", (DWORD) me32.modBaseAddr );
// printf( "\n base size = %d", me32.modBaseSize );
//
// } while( Module32Next( hModuleSnap, &me32 ) );
//
// CloseHandle( hModuleSnap );
// return( TRUE );
//}
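// Restricts every thread of one process to the first logical processor.
//
// Walks a system-wide thread snapshot and calls SetThreadAffinityMask with
// mask 0x0001 on each thread owned by dwOwnerPID. Threads that cannot be
// opened are skipped; setting the mask is best effort and its result does not
// change the return value.
//
//   dwOwnerPID  process whose threads are affected
//
// Returns FALSE when the snapshot or its first entry cannot be obtained,
// TRUE once the walk has finished.
BOOL ListProcessThreads( DWORD dwOwnerPID )
{
    // Take a snapshot of all running threads
    HANDLE hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 );
    if( hThreadSnap == INVALID_HANDLE_VALUE )
        return( FALSE );

    // Fill in the size of the structure before using it.
    THREADENTRY32 te32;
    te32.dwSize = sizeof( THREADENTRY32 );

    if( !Thread32First( hThreadSnap, &te32 ) )
    {
        printError( L"Thread32First" );   // Show cause of failure
        CloseHandle( hThreadSnap );       // Must clean up the snapshot object!
        return( FALSE );
    }

    DWORD dwMask = 0x0001;
    do
    {
        // Only the requested process is touched. Without this filter the
        // affinity of every thread in the system snapshot would be changed.
        if( te32.th32OwnerProcessID != dwOwnerPID )
            continue;

        // Ask only for the rights SetThreadAffinityMask needs, and keep the
        // handle non-inheritable so it is not passed on to child processes.
        HANDLE hThread = OpenThread( THREAD_SET_INFORMATION | THREAD_QUERY_INFORMATION,
                                     FALSE, te32.th32ThreadID );
        if( hThread == NULL )
            continue;   // thread exited or access denied

        SetThreadAffinityMask( hThread, dwMask );
        CloseHandle( hThread );   // one handle per thread would leak otherwise
    } while( Thread32Next( hThreadSnap, &te32 ) );

    CloseHandle( hThreadSnap );
    return( TRUE );
}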
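// Prints a warning for the most recent failed Win32 call.
//
// Reads GetLastError(), asks FormatMessage for the system text of that code,
// strips the trailing line break, whitespace and full stops, and writes
// "WARNING: <msg> failed with error <code> (<text>)" to stdout.
//
//   msg  name of the operation that failed (a TCHAR string)
void printError( TCHAR* msg )
{
    // Capture the error code before any other API call can overwrite it.
    DWORD eNum = GetLastError( );

    // Zero-filled so the buffer is a valid empty string if FormatMessage fails.
    TCHAR sysMsg[256] = { 0 };
    DWORD cchMsg = FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                                  NULL, eNum,
                                  MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
                                  sysMsg, 256, NULL );
    if( cchMsg == 0 )
        sysMsg[0] = 0;   // no system text for this code

    // Find the end of the first line: stop at the first control character
    // other than TAB, and never run past the buffer.
    int len = 0;
    while( len < 255 && ( ( sysMsg[len] > 31 ) || ( sysMsg[len] == 9 ) ) )
        ++len;
    // Drop the trailing '.' and whitespace, using an index so no pointer is
    // ever moved in front of the buffer.
    while( len > 0 && ( ( sysMsg[len - 1] == '.' ) || ( sysMsg[len - 1] < 33 ) ) )
        --len;
    sysMsg[len] = 0;

    // Display the message. printf is the narrow-character function, so TCHAR
    // strings need %ls in a UNICODE build and %s otherwise; eNum is a DWORD.
#ifdef UNICODE
    printf( "\n WARNING: %ls failed with error %lu (%ls)", msg, eNum, sysMsg );
#else
    printf( "\n WARNING: %s failed with error %lu (%s)", msg, eNum, sysMsg );
#endif
}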
#include "ioctls.h"
extern HANDLE hDevice;
// Issues IOCTL_GETPROCESS on hDevice with pMemoryProcess as the output buffer.
//
//   pMemoryProcess  buffer the driver writes into
//   Length          size of that buffer in bytes, passed to the driver as is
//
// Returns the DeviceIoControl result. The byte count reported by the driver
// is discarded, so callers cannot tell how much of the buffer was written.
BOOL GetProess(PVOID pMemoryProcess,ULONG Length)
{
    DWORD cbReturned;   // required by DeviceIoControl for a synchronous call; not used afterwards
    return DeviceIoControl( hDevice, IOCTL_GETPROCESS,
                            NULL, 0,                   // no input buffer
                            pMemoryProcess, Length,    // output buffer
                            &cbReturned, NULL );
}
extern BYTE *pProcessMemory;
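// Empties the list view and refills it from the driver's process table.
//
// IOCTL_GETPROCESS is asked to fill the 0x10000-byte buffer pProcessMemory.
// As read here, MY_PROCESS_INFO records start at offset 0 and the record count
// is the ULONG stored immediately before offset 0x8000. Each record is copied
// to a local and passed to Install_Process_ToSub_From_Drv with its row index.
//
//   hList  list view that receives the rows
//
// Returns the DeviceIoControl result; on failure (or when pProcessMemory is
// NULL) the list is left empty and the buffer is not parsed.
BOOL GetProcess_From_Drv(HWND hList)
{
    // Remove the existing rows: delete item 0 once per row currently present.
    LRESULT lItemCount = SendMessage( hList, LVM_GETITEMCOUNT, 0, 0 );
    for( int i = 0; i < (int)lItemCount; i++ )
    {
        SendMessage( hList, LVM_DELETEITEM, (WPARAM)0, 0 );
    }

    if( pProcessMemory == NULL )
        return FALSE;

    DWORD BytesReturned = 0;
    BOOL result = DeviceIoControl( hDevice, IOCTL_GETPROCESS, NULL, 0,
                                   pProcessMemory, 0x10000, &BytesReturned, NULL );
    if( !result )
        return result;   // the buffer content is stale or undefined; do not display it

    // The count is read from the buffer, so it is clamped to the number of
    // records that fit in front of the count field. A larger value would walk
    // the record pointer over the count word and past the process region.
    // NOTE(review): BytesReturned is not compared with the expected layout - confirm
    // what the driver reports before relying on it.
    ULONG ProcessCount = *(ULONG *)( pProcessMemory + 0x8000 - sizeof(ULONG) );
    const ULONG MaxProcessCount = (ULONG)( ( 0x8000 - sizeof(ULONG) ) / sizeof(MY_PROCESS_INFO) );
    if( ProcessCount > MaxProcessCount )
        ProcessCount = MaxProcessCount;

    MY_PROCESS_INFO My_Process_Info_Temp;
    PMY_PROCESS_INFO pMy_Process_Info = (PMY_PROCESS_INFO)pProcessMemory;
    for( ULONG i = 0; i < ProcessCount; i++ )
    {
        My_Process_Info_Temp.dThreadCount = pMy_Process_Info->dThreadCount;
        My_Process_Info_Temp.InheritedFromProcessID = pMy_Process_Info->InheritedFromProcessID;
        My_Process_Info_Temp.ProcessID = pMy_Process_Info->ProcessID;
        memcpy( My_Process_Info_Temp.ProcessName, pMy_Process_Info->ProcessName, sizeof(WCHAR)*256 );
        // The name is later used as a C string by the list view; terminate it
        // here in case the driver filled all 256 characters.
        My_Process_Info_Temp.ProcessName[255] = L'\0';
        if( My_Process_Info_Temp.ProcessID == 0 )
        {
            swprintf_s( My_Process_Info_Temp.ProcessName, L"IDLE PROCESS!!!!!!" );
        }
        My_Process_Info_Temp.ThreadInfos = pMy_Process_Info->ThreadInfos;
        Install_Process_ToSub_From_Drv( My_Process_Info_Temp, hList, i );
        pMy_Process_Info++;
    }
    return result;
}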
// Sends the whole 0x10000-byte pProcessMemory buffer to the driver as the
// input of IOCTL_SETPROCESS; no output buffer is supplied.
//
// Returns the DeviceIoControl result.
// NOTE(review): the buffer is passed as is, so any validation of its contents
// has to happen in the driver - confirm against the driver source.
BOOL SetProcess_To_Drv()
{
    DWORD cbReturned;   // required by DeviceIoControl for a synchronous call; not used afterwards
    return DeviceIoControl( hDevice, IOCTL_SETPROCESS,
                            pProcessMemory, 0x10000,   // input buffer
                            NULL, 0,                   // no output buffer
                            &cbReturned, NULL );
}
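// Inserts one process record as a row of the list view.
//
// Columns written: 0 process name, 1 process ID (hex), 2 thread count,
// 3 parent process ID (hex), 4 the fixed text "UNKNOW", 5 priority class.
//
//   My_Process_Info  record to display (passed by value)
//   hList            list view that receives the row
//   iSubItem         row index; despite the name it is used as LVITEM.iItem
//
// Returns TRUE when all columns were written. Returns FALSE when the process
// cannot be opened or its priority class cannot be read; columns 0-4 have
// already been written in that case.
BOOL Install_Process_ToSub_From_Drv(MY_PROCESS_INFO My_Process_Info,HWND hList,int iSubItem)
{
    LVITEM LvItem;
    memset( &LvItem, 0, sizeof(LvItem) );
    LvItem.mask = LVIF_TEXT;       // only the text member is valid
    LvItem.cchTextMax = 256;       // max size of the text
    LvItem.iItem = iSubItem;       // row to fill

    LvItem.iSubItem = 0;           // first column: process name
    LvItem.pszText = My_Process_Info.ProcessName;
    SendMessage( hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem );

    WCHAR Temp[256];

    LvItem.iSubItem = 1;
    swprintf_s( Temp, L"0x%08X", My_Process_Info.ProcessID );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 2;
    swprintf_s( Temp, L"%d", My_Process_Info.dThreadCount );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 3;
    swprintf_s( Temp, L"0x%08X", My_Process_Info.InheritedFromProcessID );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 4;
    swprintf_s( Temp, L"UNKNOW" );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    // Retrieve the priority class. GetPriorityClass only needs query access,
    // so the handle is opened with that right instead of PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION, FALSE, My_Process_Info.ProcessID );
    if( hProcess == NULL )
    {
        return FALSE;
    }
    DWORD dwPriorityClass = GetPriorityClass( hProcess );
    CloseHandle( hProcess );   // closed before the failure check so no path leaks the handle
    if( !dwPriorityClass )
    {
        return FALSE;
    }

    LvItem.iSubItem = 5;
    swprintf_s( Temp, L"%d", dwPriorityClass );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );
    return TRUE;
}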
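// Inserts one thread record as a row of the list view.
//
// Columns written: 0 thread ID (hex), 1 owning process ID (hex), 2 CpuRate,
// 3 CpuMask (hex), 4 priority class of the owning process (hex), 5 the fixed
// text "UNKNOW".
//
//   My_Thread_Info  record to display (passed by value)
//   hList           list view that receives the row
//   iSubItem        row index; despite the name it is used as LVITEM.iItem
//
// Returns TRUE when all columns were written, FALSE when the owning process
// cannot be opened; columns 0-3 have already been written in that case.
BOOL Install_Thread_ToSub_From_Drv(MY_THREAD_INFO My_Thread_Info,HWND hList,int iSubItem)
{
    LVITEM LvItem;
    memset( &LvItem, 0, sizeof(LvItem) );
    LvItem.mask = LVIF_TEXT;       // only the text member is valid
    LvItem.cchTextMax = 256;       // max size of the text
    LvItem.iItem = iSubItem;       // row to fill

    WCHAR Temp[256];

    LvItem.iSubItem = 0;           // first column: thread ID
    swprintf_s( Temp, L"0x%08X", My_Thread_Info.ThreadID );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 1;
    swprintf_s( Temp, L"0x%08X", My_Thread_Info.ProcessID );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 2;
    swprintf_s( Temp, L"%d", My_Thread_Info.CpuRate );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 3;
    swprintf_s( Temp, L"0x%08X", My_Thread_Info.CpuMask );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    // Retrieve the priority class. GetPriorityClass only needs query access,
    // so the handle is opened with that right instead of PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION, FALSE, (DWORD) My_Thread_Info.ProcessID );
    if( hProcess == NULL )
    {
        return FALSE;
    }
    // A failed query yields 0, which is displayed as is.
    DWORD dwPriorityClass = GetPriorityClass( hProcess );
    CloseHandle( hProcess );

    LvItem.iSubItem = 4;
    swprintf_s( Temp, L"0x%08X", dwPriorityClass );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );

    LvItem.iSubItem = 5;
    swprintf_s( Temp, L"UNKNOW" );
    LvItem.pszText = Temp;
    SendMessage( hList, LVM_SETITEM, 0, (LPARAM)&LvItem );
    return TRUE;
}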
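// Refreshes pProcessMemory from the driver and lists the threads of one process.
//
// The process records at the start of the buffer are searched for dwOwnerPID.
// For the first match, dThreadCount records starting at its ThreadInfos
// pointer are copied one by one and passed to Install_Thread_ToSub_From_Drv.
//
//   dwOwnerPID  process whose threads are listed
//   hList       list view that receives the rows
//
// Returns FALSE when the buffer is missing or the driver call fails, TRUE
// otherwise (also when no record matches dwOwnerPID).
BOOL GetThread_To_Thread_List(DWORD dwOwnerPID,HWND hList)
{
    // Do not parse the buffer unless the driver has just filled it.
    if( pProcessMemory == NULL || !GetProess( (PVOID)pProcessMemory, 0x10000 ) )
        return( FALSE );

    // The record count is the ULONG stored immediately before offset 0x8000.
    // It is read from the buffer, so it is clamped to the number of records
    // that fit in front of it.
    ULONG ProcessCount = *(ULONG *)( pProcessMemory + 0x8000 - sizeof(ULONG) );
    const ULONG MaxProcessCount = (ULONG)( ( 0x8000 - sizeof(ULONG) ) / sizeof(MY_PROCESS_INFO) );
    if( ProcessCount > MaxProcessCount )
        ProcessCount = MaxProcessCount;

    MY_THREAD_INFO My_Thread_Info_Temp;
    PMY_PROCESS_INFO pMy_Process_Info = (PMY_PROCESS_INFO)pProcessMemory;
    for( ULONG i = 0; i < ProcessCount; i++, pMy_Process_Info++ )
    {
        if( pMy_Process_Info->ProcessID != dwOwnerPID )
            continue;

        // NOTE(review): ThreadInfos and dThreadCount come straight from the
        // driver's output and are trusted here. Presumably ThreadInfos points
        // into the thread region of this buffer (offset 0x8000 onwards) -
        // confirm against the driver and add a range check on both values.
        PMY_THREAD_INFO pMy_Thread_Info = (PMY_THREAD_INFO)( pMy_Process_Info->ThreadInfos );
        if( pMy_Thread_Info == NULL )
            break;   // nothing to walk for this process

        for( ULONG j = 0; j < pMy_Process_Info->dThreadCount; j++ )
        {
            My_Thread_Info_Temp.ProcessID = pMy_Thread_Info->ProcessID;
            My_Thread_Info_Temp.ThreadID = pMy_Thread_Info->ThreadID;
            My_Thread_Info_Temp.ThreadCnt = pMy_Thread_Info->ThreadCnt;
            My_Thread_Info_Temp.CpuMask = pMy_Thread_Info->CpuMask;
            My_Thread_Info_Temp.CpuRate = pMy_Thread_Info->CpuRate;
            Install_Thread_ToSub_From_Drv( My_Thread_Info_Temp, hList, j );
            pMy_Thread_Info++;
        }
        break;   // only the first matching process record is listed
    }
    return( TRUE );
}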
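// Lists the threads of the process record at position lIndex in pProcessMemory.
//
// The buffer is used as it currently is; this function does not query the
// driver. dThreadCount records starting at the record's ThreadInfos pointer
// are copied one by one and passed to Install_Thread_ToSub_From_Drv.
//
//   lIndex  zero-based index of the process record
//   hList   list view that receives the rows
//
// Returns FALSE when the buffer is missing or lIndex is not below the record
// count stored in the buffer, TRUE otherwise.
BOOL GetThread_To_Thread_List_Index(ULONG lIndex,HWND hList)
{
    if( pProcessMemory == NULL )
        return( FALSE );

    // The record count is the ULONG stored immediately before offset 0x8000;
    // it is clamped to the number of records that fit in front of it.
    ULONG ProcessCount = *(ULONG *)( pProcessMemory + 0x8000 - sizeof(ULONG) );
    const ULONG MaxProcessCount = (ULONG)( ( 0x8000 - sizeof(ULONG) ) / sizeof(MY_PROCESS_INFO) );
    if( ProcessCount > MaxProcessCount )
        ProcessCount = MaxProcessCount;

    // An index at or beyond the count would address memory that holds no
    // process record, and its ThreadInfos field would then be dereferenced.
    if( lIndex >= ProcessCount )
        return( FALSE );

    PMY_PROCESS_INFO pMy_Process_Info = ( (PMY_PROCESS_INFO)pProcessMemory ) + lIndex;

    // NOTE(review): ThreadInfos and dThreadCount come straight from the
    // driver's output and are trusted here. Presumably ThreadInfos points into
    // the thread region of this buffer (offset 0x8000 onwards) - confirm
    // against the driver and add a range check on both values.
    PMY_THREAD_INFO pMy_Thread_Info = (PMY_THREAD_INFO)( pMy_Process_Info->ThreadInfos );
    if( pMy_Thread_Info == NULL )
        return( TRUE );   // record has no thread list; nothing to show

    MY_THREAD_INFO My_Thread_Info_Temp;
    for( ULONG j = 0; j < pMy_Process_Info->dThreadCount; j++ )
    {
        My_Thread_Info_Temp.ProcessID = pMy_Thread_Info->ProcessID;
        My_Thread_Info_Temp.ThreadID = pMy_Thread_Info->ThreadID;
        My_Thread_Info_Temp.ThreadCnt = pMy_Thread_Info->ThreadCnt;
        My_Thread_Info_Temp.CpuMask = pMy_Thread_Info->CpuMask;
        My_Thread_Info_Temp.CpuRate = pMy_Thread_Info->CpuRate;
        Install_Thread_ToSub_From_Drv( My_Thread_Info_Temp, hList, j );
        pMy_Thread_Info++;
    }
    return( TRUE );
}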