169 lines
4.4 KiB
C++
169 lines
4.4 KiB
C++
// GetProcessInfo.cpp: implementation of the CGetProcessInfo class.
|
||
//
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
#include "geomative.h"
|
||
#include "GetProcessInfo.h"
|
||
#include <tlhelp32.h>
|
||
#ifdef _DEBUG
|
||
#undef THIS_FILE
|
||
static char THIS_FILE[]=__FILE__;
|
||
#define new DEBUG_NEW
|
||
#endif
|
||
|
||
#ifndef PSAPI_VERSION
|
||
#define PSAPI_VERSION 1
|
||
#endif
|
||
|
||
#include <Psapi.h>
|
||
#pragma comment (lib,"Psapi.lib")
|
||
|
||
#define ProcessBasicInformation 0
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
// Construction/Destruction
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
CGetProcessInfo* CGetProcessInfo::m_pGetProcessInfo = NULL;
|
||
|
||
CGetProcessInfo::CGetProcessInfo()
|
||
{
|
||
|
||
}
|
||
|
||
CGetProcessInfo::~CGetProcessInfo()
|
||
{
|
||
if (m_pGetProcessInfo)
|
||
{
|
||
delete m_pGetProcessInfo;
|
||
}
|
||
|
||
}
|
||
|
||
|
||
|
||
CGetProcessInfo* CGetProcessInfo::CreateInstance()
|
||
{
|
||
if (NULL == m_pGetProcessInfo)
|
||
{
|
||
m_pGetProcessInfo = new CGetProcessInfo();
|
||
}
|
||
return m_pGetProcessInfo;
|
||
}
|
||
|
||
DWORD CGetProcessInfo :: GetProcessIdFromName(CString strProcessName, DWORD &dwParentProcessId)
|
||
{
|
||
DWORD dwProcessID =0;
|
||
|
||
//进行一个进程快照
|
||
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
|
||
if (hProcessSnap == INVALID_HANDLE_VALUE)
|
||
{
|
||
OutputDebugString(_T("进程快照失败!"));
|
||
return FALSE;
|
||
}
|
||
|
||
PROCESSENTRY32 pe;
|
||
pe.dwSize = sizeof(pe);
|
||
BOOL bProcess = Process32First(hProcessSnap,&pe);
|
||
while (bProcess)
|
||
{
|
||
if (strProcessName.CompareNoCase(pe.szExeFile) == 0)
|
||
{
|
||
dwProcessID = pe.th32ProcessID;
|
||
dwParentProcessId = pe.th32ParentProcessID; //pe结构中包含有父进程的ID
|
||
}
|
||
bProcess = Process32Next(hProcessSnap,&pe);
|
||
}
|
||
|
||
CloseHandle(hProcessSnap);
|
||
|
||
return dwProcessID;
|
||
}
|
||
|
||
DWORD CGetProcessInfo :: GetParentProcessId(DWORD dwChildProcessId)
|
||
{
|
||
//NtQueryInformationProcess函数的使用需要加载进ntdll.dll
|
||
PROCNTQSIP NtQueryInformationProcess = (PROCNTQSIP)GetProcAddress(GetModuleHandle(_T("ntdll.dll")), "NtQueryInformationProcess");
|
||
|
||
if(!NtQueryInformationProcess)
|
||
{
|
||
OutputDebugString(_T("ntdll.dll中检索NtQueryInformationProcess失败!"));
|
||
}
|
||
|
||
DWORD dwParentProcessId = 0;
|
||
LONG status;
|
||
PROCESS_BASIC_INFORMATION pbi;
|
||
|
||
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwChildProcessId);
|
||
if (!hProcess)
|
||
{
|
||
OutputDebugString(_T("OpenProcess Error!"));
|
||
return FALSE;
|
||
}
|
||
|
||
status = NtQueryInformationProcess( hProcess, ProcessBasicInformation, (PVOID)&pbi, sizeof(PROCESS_BASIC_INFORMATION), NULL);
|
||
|
||
if (!status)
|
||
{
|
||
dwParentProcessId = (DWORD)pbi.InheritedFromUniqueProcessId;
|
||
CString strParentID;
|
||
strParentID.Format(_T("%d"), dwParentProcessId);
|
||
OutputDebugString(_T("ParentProcessID:")+strParentID);
|
||
}
|
||
|
||
return dwParentProcessId;
|
||
}
|
||
|
||
CString CGetProcessInfo :: GetProcessNameFromId(DWORD dwProcessId)
|
||
{
|
||
CString strProcessName;
|
||
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, FALSE, dwProcessId);
|
||
if (NULL != hProcess )
|
||
{
|
||
|
||
HMODULE hMod;
|
||
DWORD cbNeeded;
|
||
if ( EnumProcessModules( hProcess, &hMod, sizeof(hMod), &cbNeeded) )
|
||
{
|
||
GetModuleBaseName( hProcess, hMod, strProcessName.GetBuffer(MAX_PATH), MAX_PATH);
|
||
strProcessName.ReleaseBuffer();
|
||
}
|
||
}
|
||
return strProcessName;
|
||
}
|
||
|
||
|
||
DWORD CGetProcessInfo :: GetSpcialProcessIdFromName(CString strProcessName, DWORD dwParentProcessId)
|
||
{
|
||
DWORD dwProcessID =0;
|
||
|
||
//进行一个进程快照
|
||
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
|
||
if (hProcessSnap == INVALID_HANDLE_VALUE)
|
||
{
|
||
OutputDebugString(_T("进程快照失败!"));
|
||
return FALSE;
|
||
}
|
||
|
||
PROCESSENTRY32 pe;
|
||
pe.dwSize = sizeof(pe);
|
||
BOOL bProcess = Process32First(hProcessSnap,&pe);
|
||
CString strInfo = _T("");
|
||
while (bProcess)
|
||
{
|
||
if (strProcessName.CompareNoCase(pe.szExeFile) == 0)
|
||
{
|
||
if (dwParentProcessId == pe.th32ParentProcessID)
|
||
{
|
||
dwProcessID = pe.th32ProcessID;
|
||
break;
|
||
}
|
||
}
|
||
bProcess = Process32Next(hProcessSnap,&pe);
|
||
}
|
||
|
||
CloseHandle(hProcessSnap);
|
||
|
||
return dwProcessID;
|
||
}
|