进程管理


创建进程示例:

// Button handler: starts Notepad as a child process and releases the two
// handles CreateProcess hands back, since the dialog does not track the child.
void CProcessManageDlg::OnButtonCreate()
{
    STARTUPINFO startInfo = {0};
    startInfo.cb = sizeof(STARTUPINFO);
    PROCESS_INFORMATION procInfo = {0};

    // The image is given as a full path in lpApplicationName with no command
    // line, so no search-path lookup is involved in picking the executable.
    // The path is hard-coded and assumes Windows is installed under c:\windows.
    const BOOL started = CreateProcess("c:\\windows\\system32\\notepad.exe",
                                       NULL,   // lpCommandLine
                                       NULL,   // lpProcessAttributes
                                       NULL,   // lpThreadAttributes
                                       FALSE,  // bInheritHandles
                                       0,      // dwCreationFlags
                                       NULL,   // lpEnvironment
                                       NULL,   // lpCurrentDirectory
                                       &startInfo,
                                       &procInfo);
    if (!started)
    {
        AfxMessageBox("CreateProcess Error!\n");
        return;
    }

    // Closing the handles does not end the child; it only drops our references.
    CloseHandle(procInfo.hThread);
    CloseHandle(procInfo.hProcess);
}

进程枚举:

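// Refills the process list control from a Toolhelp snapshot of all processes.
// Column 0 receives the row index, column 1 the executable name (szExeFile).
// NOTE(review): rows carry only the image name, not the PID, so code that maps
// a selected row back to a process by name cannot tell apart processes that
// share an image name.
void CProcessManageDlg::ShowProcess()
{
    m_ProcessList.DeleteAllItems();

    // Take a snapshot of the processes currently in the system.
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    // Failure is reported as INVALID_HANDLE_VALUE; a comparison with NULL
    // never fires and lets the invalid handle reach Process32First.
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        AfxMessageBox("CreateToolhelp32Snapshot Fail!");
        return;
    }

    PROCESSENTRY32 Pe32 = {0};
    Pe32.dwSize = sizeof(PROCESSENTRY32);  // must be set before Process32First

    CString strTmp;
    int i = 0;
    for (BOOL bRet = Process32First(hSnap, &Pe32); bRet; bRet = Process32Next(hSnap, &Pe32))
    {
        strTmp.Format("%d", i);
        m_ProcessList.InsertItem(i, strTmp);
        m_ProcessList.SetItemText(i, 1, Pe32.szExeFile);  // process name
        i++;
    }

    // The snapshot is a kernel handle; without this every refresh leaks one.
    CloseHandle(hSnap);
}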

枚举指定进程中加载DLL

//枚举指定进程中加载DLL代码void CProcessManageDlg::OnButtonDll() {    // TODO: Add your control notification handler code here    DebugPrivilege();    m_ModleList.DeleteAllItems();    DWORD nPid = GetSelectPid();    MODULEENTRY32 Me32 = {0};    Me32.dwSize = sizeof(MODULEENTRY32);    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, nPid);    if(hSnap == NULL)    {        AfxMessageBox("CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, nPid) Faile!");        return;    }    BOOL bRet = Module32First(hSnap, &Me32);    int i = 0;    CString strTmp;    while(bRet)    {        strTmp.Format("%d", i);        m_ModleList.InsertItem(i, strTmp);        m_ModleList.SetItemText(i, 1, Me32.szModule);  //DLL名        m_ModleList.SetItemText(i, 2, Me32.szExePath);  //DLL路径        bRet = Module32Next(hSnap, &Me32);        i++;    }}

调整进程权限

//调整权限void CProcessManageDlg::DebugPrivilege(){    HANDLE hToken = NULL;    BOOL bRet = OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken); //打开当前进程的访问令牌    if(bRet == TRUE)    {        TOKEN_PRIVILEGES tp;        tp.PrivilegeCount = 1;  //指定特权数组的个数(因为下一个参数是一个数组)        LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid);  //取得描述权限的LUID        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;        AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL); //调整访问令牌的权限        CloseHandle(hToken);    }}

获得进程ID

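// Returns the process ID for the row selected in the process list, or 0 when
// nothing is selected, the snapshot cannot be taken, or no running process
// has the selected name.
//
// NOTE(review): the row is resolved by executable name (column 1), compared
// case-insensitively against a fresh snapshot, and the first match wins. When
// several processes share an image name, or the listed process has exited and
// another with the same name has started, the returned PID may not be the
// process the user picked. Callers that terminate or suspend should keep this
// in mind; carrying the PID with each row would remove the ambiguity.
DWORD CProcessManageDlg::GetSelectPid()
{
    // Walk the selection; if several rows are selected the last one is used.
    int nSelected = -1;
    POSITION pos = m_ProcessList.GetFirstSelectedItemPosition();
    while (pos)
    {
        nSelected = m_ProcessList.GetNextSelectedItem(pos);
    }
    if (nSelected < 0)
    {
        return 0;  // nothing selected: do not query the list with index -1
    }

    // Name of the selected process.
    char szProcessName[MAXBYTE] = {0};
    m_ProcessList.GetItemText(nSelected, 1, szProcessName, MAXBYTE);

    // Fresh snapshot of the running processes.
    HANDLE snapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapShot == INVALID_HANDLE_VALUE)
    {
        return 0;
    }

    PROCESSENTRY32 processInfo = {0};
    // dwSize must be set, otherwise Process32First returns no data.
    processInfo.dwSize = sizeof(PROCESSENTRY32);

    DWORD nProcessID = 0;
    CString strProcessName = "";
    for (BOOL status = Process32First(snapShot, &processInfo);
         status;
         status = Process32Next(snapShot, &processInfo))
    {
        strProcessName = processInfo.szExeFile;
        if (strProcessName.CompareNoCase(szProcessName) == 0)
        {
            nProcessID = processInfo.th32ProcessID;
            break;
        }
    }

    // Release the snapshot on every path; the original never closed it.
    CloseHandle(snapShot);
    return nProcessID;
}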

结束进程

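// Button handler: terminates the process selected in the list and reports the
// outcome in a message box.
void CProcessManageDlg::OnButtonEnd()
{
    // GetSelectPid() returns 0 when nothing matched; OpenProcess then fails
    // and the handle-failure message below is shown.
    DWORD nPid = GetSelectPid();

    // Ask only for the right TerminateProcess needs instead of
    // PROCESS_ALL_ACCESS; a narrower request is also less likely to be denied.
    HANDLE handle = OpenProcess(PROCESS_TERMINATE, FALSE, nPid);
    if (handle == NULL)
    {
        AfxMessageBox("获取进程句柄失败!");
        return;
    }

    // Report success only when the call succeeded; the original showed the
    // success message unconditionally.
    if (TerminateProcess(handle, 0))
    {
        AfxMessageBox("结束进程成功!");
    }
    else
    {
        AfxMessageBox("结束进程失败!");
    }

    CloseHandle(handle);
}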

暂停进程

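// Button handler: suspends the selected process by suspending each of its
// threads in turn.
void CProcessManageDlg::OnButtonSuspend()
{
    // DWORD rather than int, so the comparison with th32OwnerProcessID below
    // does not mix signed and unsigned values.
    DWORD nPid = GetSelectPid();

    // The process ID argument is ignored for TH32CS_SNAPTHREAD: the snapshot
    // holds every thread in the system, hence the owner filter in the loop.
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, nPid);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        AfxMessageBox("CreateToolhelp32Snapshot(TH32CS_SNAPTHEAD, nPid) Error");
        return;
    }

    THREADENTRY32 Te32 = {0};
    Te32.dwSize = sizeof(THREADENTRY32);

    for (BOOL bRet = Thread32First(hSnap, &Te32); bRet; bRet = Thread32Next(hSnap, &Te32))
    {
        if (Te32.th32OwnerProcessID != nPid)
        {
            continue;
        }

        // Request only suspend/resume access instead of THREAD_ALL_ACCESS.
        HANDLE hThread = OpenThread(THREAD_SUSPEND_RESUME, FALSE, Te32.th32ThreadID);
        if (hThread == NULL)
        {
            continue;  // thread exited or access denied: skip it, do not pass NULL on
        }
        SuspendThread(hThread);  // suspend this thread of the process
        CloseHandle(hThread);
    }

    // Release the snapshot; the original leaked one handle per click.
    CloseHandle(hSnap);
}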

恢复进程

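// Button handler: resumes the selected process by resuming each of its
// threads in turn.
void CProcessManageDlg::OnButtonRestore()
{
    // DWORD rather than int, so the comparison with th32OwnerProcessID below
    // does not mix signed and unsigned values.
    DWORD nPid = GetSelectPid();

    // The process ID argument is ignored for TH32CS_SNAPTHREAD: the snapshot
    // holds every thread in the system, hence the owner filter in the loop.
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, nPid);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        AfxMessageBox("CreateToolhelp32Snapshot(TH32CS_SNAPTHEAD, nPid) Error");
        return;
    }

    THREADENTRY32 Te32 = {0};
    Te32.dwSize = sizeof(THREADENTRY32);

    for (BOOL bRet = Thread32First(hSnap, &Te32); bRet; bRet = Thread32Next(hSnap, &Te32))
    {
        if (Te32.th32OwnerProcessID != nPid)
        {
            continue;
        }

        // Request only suspend/resume access instead of THREAD_ALL_ACCESS.
        HANDLE hThread = OpenThread(THREAD_SUSPEND_RESUME, FALSE, Te32.th32ThreadID);
        if (hThread == NULL)
        {
            continue;  // thread exited or access denied: skip it, do not pass NULL on
        }
        // Each ResumeThread call lowers the suspend count by one; a thread
        // suspended several times needs as many resumes before it runs again.
        ResumeThread(hThread);  // resume this thread of the process
        CloseHandle(hThread);
    }

    // Release the snapshot; the original leaked one handle per click.
    CloseHandle(hSnap);
}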

