系统相关功能开发（四）-应用程序操作

1.禁止程序重复运行

// CAppOperSampleApp initializationconst char* MyClassName = "CAppOperSampleDlg";BOOL CAppOperSampleApp::InitInstance(){AfxEnableControlContainer();HANDLE hMutex = CreateMutex(NULL, TRUE, MyClassName);if(GetLastError() == ERROR_ALREADY_EXISTS) {AfxMessageBox("程序已经在运行，退出！");return FALSE;}// Standard initialization// If you are not using these features and wish to reduce the size//  of your final executable, you should remove from the following//  the specific initialization routines you do not need.#ifdef _AFXDLLEnable3dControls();// Call this when using MFC in a shared DLL#elseEnable3dControlsStatic();// Call this when linking to MFC statically#endifCAppOperSampleDlg dlg;m_pMainWnd = &dlg;int nResponse = dlg.DoModal();if (nResponse == IDOK){// TODO: Place code here to handle when the dialog is//  dismissed with OK}else if (nResponse == IDCANCEL){// TODO: Place code here to handle when the dialog is//  dismissed with Cancel}CloseHandle(hMutex);// Since the dialog has been closed, return FALSE so that we exit the//  application, rather than start the application's message pump.return FALSE;}

2.如何确定应用程序没有响应

typedef BOOL  (WINAPI *PROCISHUNGAPPWINDOW)   (HWND); void CAppOperSampleDlg::OnButtonIsResponse()// 确定应用程序没有响应{    PROCISHUNGAPPWINDOW  IsHungAppWindow;  HMODULE hUser32=GetModuleHandle("user32");   IsHungAppWindow = (PROCISHUNGAPPWINDOW)GetProcAddress(hUser32,"IsHungAppWindow"); CString szAppName = "Notepad";HWND hWnd = ::FindWindow(szAppName, NULL);if (hWnd){if (IsHungAppWindow(hWnd))            WriteLog("%s程序没有响应", szAppName);else            WriteLog("%s程序有响应", szAppName);}else        WriteLog("%s程序没有运行", szAppName);}

3.检索任务管理器中的任务列表

调用EnumWindows函数可以枚举当前系统中屏幕上所有的顶层级别对话框。并且通过回调函数，处理每次枚举出来的对话框信息。

void CAppOperSampleDlg::OnButtonListtask()// 检索任务管理器中的任务列表{::EnumWindows((WNDENUMPROC)enumProcFunc,(LPARAM)this);}BOOL CALLBACK CAppOperSampleDlg::enumProcFunc(HWND hWnd, LPARAM lParam){CAppOperSampleDlg * pDlg = (CAppOperSampleDlg*)lParam;TCHAR szTitle[MAX_PATH] = {0};if (hWnd == NULL)  return FALSE;if (hWnd == pDlg->m_hWnd) return TRUE;if (::IsWindow(hWnd) && ::IsWindowVisible(hWnd) && ((GetWindowLong(hWnd, GWL_EXSTYLE)&WS_EX_TOOLWINDOW)!=WS_EX_TOOLWINDOW) &&(GetWindowLong(hWnd, GWL_HWNDPARENT)==0)){memset(szTitle, 0x00, sizeof(szTitle));::GetWindowText(hWnd, szTitle, sizeof(szTitle));if (strlen(szTitle) == 0)    return TRUE;DWORD dwProcessID = 0;::GetWindowThreadProcessId(hWnd,&dwProcessID);pDlg->WriteLog("%s \t\t进程ID=%X\n", szTitle, dwProcessID);}    return TRUE;}

4.判断某个程序是否运行

void CAppOperSampleDlg::OnButtonIfRunning()// 判断某个程序是否运行{BOOL bRunning = FALSE;// 定义变量标识程序是否正在运行中CString szAppName="C:\\Windows\\Notepad.exe";HANDLE   hPS;// 进程快照句柄PROCESSENTRY32   pe;// 进程条目变量hPS = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);// 创建进程快照      if (hPS==INVALID_HANDLE_VALUE)   return;// 创建失败，返回memset(&pe,0,sizeof(pe));// 初始化PROCESSENTRY32结构    pe.dwSize=sizeof(PROCESSENTRY32);// 为dwSize赋值if (Process32First(hPS, &pe))// 检索第一个进程{do   {if (szAppName.CompareNoCase(pe.szExeFile))// 比较是否是要判断的应用程序{bRunning = TRUE;// 如果是，赋值变量break;// 退出循环} }   while(Process32Next(hPS,&pe));// 检索下一个进程 }     CloseHandle(hPS);// 关闭快照句柄               if (bRunning)        WriteLog("程序%s正在运行......", szAppName);// 输出成功信息else        WriteLog("程序%s没有运行。", szAppName);// 输出失败信息}

5.怎样在程序中执行DOS命令

void CAppOperSampleDlg::OnButtonRunCopydos()// 在程序中执行DOS命令{system("copy C:\\1.txt D:\\");}

6.修改其他进程中对话框的标题

void CAppOperSampleDlg::OnButtonUpdateTitle()// 修改其他进程中对话框的标题{HWND hWnd = ::FindWindow("Notepad", NULL);if (hWnd)        ::SetWindowText(hWnd, "这是从AppOperSampleDlg程序中修改后的标题");}

7.如何设计换肤程序

8.PE档案格式分析

void CAppOperSampleDlg::OnButtonPeparser()// PE档案格式分析{char szFile[MAX_PATH]={0};// 要解析的PE文件名strcpy(szFile, "user32.dll");// 解析user32.dll文件LOADED_IMAGE li;// 信息结构变量if (!MapAndLoad(szFile, 0, &li, FALSE, TRUE))// 装载PE文件{WriteLog("PE档案格式分析--MapAndLoad错误");// 装载失败，显示错误信息return;// 并返回}// 分析装载的PE映射的基本信息WriteLog("模块名称=%s\r\n文件句柄=%d\r\n映射地址=%08X\r\n字符集=%08X\r\n档案大小=%d\r\n映射%s是内核模式下的可执行映射\r\n映射%s是16位可执行映射\r\nLinks=%08X-%08X\r\n映射大小=%u\r\n", li.ModuleName, li.hFile,li.MappedAddress, li.Characteristics, li.SizeOfImage,li.fSystemImage ? "" : "不", li.fDOSImage ? "" : "不", li.Links.Blink, li.Links.Flink, li.SizeOfImage);PIMAGE_NT_HEADERS ntHeader = li.FileHeader;// 获取NT头结构变量WriteLog("NT头信息FileHeader=%08X\r\n", ntHeader->FileHeader);// 输出NT头信息    WriteLog("共有%d个COFF个段头", li.NumberOfSections);// 输出COFF段数量        for (int i = 0;i < (int)li.NumberOfSections;i++)// 循环输出每段信息    {PIMAGE_SECTION_HEADER psHeader = (PIMAGE_SECTION_HEADER)&li.Sections[i];// 获取第i个段WriteLog("第%d个COFF个段头信息名称=%s", i, psHeader->Name);// 输出段名称}    if (UnMapAndLoad(&li))WriteLog("成功卸载%s档案文件", szFile);// 卸载档案文件else WriteLog("卸载%s档案文件失败", szFile);// 输出错误信息}

9.修改应用程序图标

void CAppOperSampleDlg::OnButtonReplaceicon()// 修改应用程序图标{HICON hIconNew=AfxGetApp()->LoadIcon(IDI_ICON_TEST);if(hIconNew != NULL){HWND hWnd = ::FindWindow("Notepad", NULL);if (hWnd != NULL)            ::SendMessage(hWnd, WM_SETICON, ICON_SMALL, (LPARAM)hIconNew);}}

10.列举应用程序使用的DLL文件

快照系列函数

void CAppOperSampleDlg::OnButtonExeusedlls()// 列举应用程序使用的dll文件{HANDLE hModule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);// 创建进程使用的模块快照if (hModule == NULL)// 如果创建失败，则{WriteLog( "调用函数CreateToolhelp32Snapshot失败" );// 显示错误信息return;// 并返回}WriteLog( "当前进程调用的dll文件有:" );// 显示提示信息MODULEENTRY32 me;// 定义模块信息变量BOOL bResult = Module32First( hModule,  &me );// 获取快照中的第一个模块while (bResult)// 循环处理模块{WriteLog( me.szExePath );// 输出模块文件名bResult = Module32Next( hModule,  &me );// 获取下一个模块}CloseHandle( hModule );// 关闭模块快照句柄}

11.调用具有命令行参数的应用程序

void CAppOperSampleDlg::OnButtonExecCommand()// 调用具有命令行参数的应用程序{WinExec("AddSample.exe 4 6", SW_SHOWNORMAL);// 执行自定义程序AddSample}

12.在程序中调用一个子进程直到结束

void CAppOperSampleDlg::OnButtonWaitprocess()// 在程序中调用一个子进程直到其结束{WriteLog("调用计算器程序......");// 显示提示信息STARTUPINFO si={0};// 定义启动信息变量PROCESS_INFORMATION pi;// 定义进程信息变量si.cb = sizeof(si);// 赋值进程结构大小if(CreateProcess(NULL,"calc.exe",NULL,NULL,FALSE,0,NULL,NULL,&si,&pi)) // 启动程序{WaitForSingleObject(pi.hProcess,INFINITE);// 等待程序返回WriteLog("计算器程序正常结束.");// 显示结果信息}}

13.保存应用程序图标

void CAppOperSampleDlg::OnButtonSaveicon() {SHFILEINFO  fi;LPVOID lpGMem= GlobalLock(fi.hIcon);if(!::SHGetFileInfo("c:\\Windows\\System32\\calc.exe",0, &fi,sizeof(SHFILEINFO),SHGFI_ICON | SHGFI_SMALLICON)){WriteLog("获取应用程序图标失败。");return;}SendDlgItemMessage (IDC_BUTTON_ICON, BM_SETIMAGE, (WPARAM)IMAGE_ICON, (LPARAM)(HICON)fi.hIcon);PICONINFO pi;BOOL bResult = GetIconInfo(fi.hIcon, pi);CDC dc;DWORD  dwSize= GlobalSize(fi.hIcon);UINT   uiSize;OFSTRUCT  of;    int fh = OpenFile ("SavedAppIcon.ico", &of, OF_WRITE | OF_CREATE);    if (fh != -1)      {uiSize = _lwrite(fh, (LPSTR)lpGMem, (UINT)dwSize);_lclose(fh);WriteLog("保存应用程序图标到SavedAppIcon.ico文件成功。文件大小=%d", dwSize);}if (!SUCCEEDED(CoInitialize(NULL))) {WriteLog("初始化OLE组件失败。");return;}//IUnknown*   pUnk;/*IFilterGraph *pfg=NULL;if (!SUCCEEDED(CoCreateInstance(CLSID_FilterGraph, NULL, CLSCTX_INPROC, IID_IGraphBuilder,(void**)&pfg))){*//*IPicture* pPicture;if (SUCCEEDED(pUnk->QueryInterface(IID_IPicture, (void**)&pPicture))){IStorage* pStorage=NULL;if (SUCCEEDED(::StgCreateDocfile(L"GetAppIcon", STGM_SHARE_EXCLUSIVE|STGM_CREATE|STGM_READWRITE,                                   0,   &pStorage))){IStream* pStream = NULL;                              if(SUCCEEDED(pStorage->CreateStream(L"PICTURE",                        STGM_SHARE_EXCLUSIVE|STGM_CREATE|STGM_READWRITE, 0,0,&pStream)))                {                       pPicture->SaveAsFile(pStream, TRUE, NULL);                       pStream->Release();  WriteLog("保存应用程序图标成功");                }                   pStorage->Release();   }pPicture->Release();}*///}}