独立的函数模块
1. 打印软件监视日志
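// Open the viewer's log file, MyProcessViewer.log, in the directory that holds
// the running executable.
const DWORD dwBufferSize = MAX_PATH * 2;
TCHAR szModuleFileName[dwBufferSize] = {0};

// GetModuleFileName returns 0 on failure and the buffer size when the path was
// truncated; in both cases the buffer does not hold a usable path.
const DWORD dwPathLength = GetModuleFileName( 0, szModuleFileName, dwBufferSize );
if( dwPathLength > 0 && dwPathLength < dwBufferSize )
{
    // The buffer now holds the full path of the .exe itself. Cut it at the last
    // backslash so the log name is appended to the directory, not to the
    // executable's file name.
    TCHAR* pszLastSlash = _tcsrchr( szModuleFileName, _T('\\') );
    if( pszLastSlash != NULL )
    {
        *pszLastSlash = _T('\0');
    }

    _tcscat_s( szModuleFileName, dwBufferSize, _T("\\MyProcessViewer.log") );

    // NOTE(review): the log is written next to the binary, so that directory has
    // to be writable by the account running the tool - confirm this is intended.
    VERIFY( g_Log.Open( szModuleFileName ));
}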
2. IsUserAnAdmin 查看用户权限是否是管理员权限
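// Reports whether the calling thread's token is an enabled member of the
// BUILTIN\Administrators group.
//
// CheckTokenMembership is resolved at run time from advapi32 rather than linked
// directly. The token argument is NULL, so the check applies to the token of the
// calling thread. A group that is present in the token but not enabled does not
// count as membership, so a non-elevated token is expected to yield 0.
//
// Returns 1 when membership is confirmed and 0 otherwise. Every failure path
// (library or export missing, SID allocation failed, the check itself failed)
// returns 0, so an error can never be reported as "administrator".
//
// NOTE(review): shell32 exports a function with this same name; confirm the two
// declarations cannot clash in this project.
int IsUserAnAdmin()
{
    typedef BOOL ( __stdcall *CTM )( HANDLE, PSID, PBOOL );

    // Result starts as "not an administrator" and only changes on a successful check.
    BOOL bIsMember = FALSE;

    // NOTE(review): loaded by bare name, so the standard DLL search order applies;
    // advapi32 is normally already mapped into the process.
    HMODULE hAdvapi32 = LoadLibrary( _T("advapi32") );
    if( hAdvapi32 == NULL )
    {
        return 0;
    }

    CTM pfnCheckTokenMembership = (CTM) GetProcAddress( hAdvapi32, "CheckTokenMembership" );
    if( pfnCheckTokenMembership != NULL )
    {
        SID_IDENTIFIER_AUTHORITY sAuthority = SECURITY_NT_AUTHORITY;
        PSID pAdmin = NULL;

        // Build the well-known SID of the local Administrators alias.
        if( AllocateAndInitializeSid( &sAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
                                      DOMAIN_ALIAS_RID_ADMINS,
                                      0, 0, 0, 0, 0, 0, &pAdmin ))
        {
            if( !pfnCheckTokenMembership( NULL, pAdmin, &bIsMember ))
            {
                // The check could not be performed: fail closed.
                bIsMember = FALSE;
            }

            // The SID was allocated by AllocateAndInitializeSid and must be freed.
            FreeSid( pAdmin );
        }
    }

    // Balance the LoadLibrary call above.
    FreeLibrary( hAdvapi32 );

    return bIsMember ? 1 : 0;
}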
3. 修改进程优先级（原标题为“修改用户系统权限”，但下面的代码调整的是进程的调度优先级，并不改变任何用户权限或访问权限）
// Priority classes that can be passed to SetPriorityClass, with the levels the
// author noted for each:
//   IDLE_PRIORITY_CLASS         : idle, 4
//   NORMAL_PRIORITY_CLASS       : default, 9 or 7
//   HIGH_PRIORITY_CLASS         : high, 13 (Explorer)
//   REALTIME_PRIORITY_CLASS     : real time, 24
//   ABOVE_NORMAL_PRIORITY_CLASS : between default and high (9 < x < 13)
//   BELOW_NORMAL_PRIORITY_CLASS : below the default level
//
// Moves the current process to ABOVE_NORMAL_PRIORITY_CLASS and sets its
// priority-boost flag. This affects scheduling only; it grants no privilege or
// access right. Neither return value is checked.
void ChangeProcessPriority()
{
    // Pseudo-handle for the calling process.
    const HANDLE hSelf = GetCurrentProcess();

    // Set the process priority class.
    SetPriorityClass( hSelf, ABOVE_NORMAL_PRIORITY_CLASS );

    // NOTE(review): the second argument is bDisablePriorityBoost, so FALSE leaves
    // dynamic priority boosting enabled. The original comment described this call
    // as disabling the boost; pass TRUE if that is what is wanted.
    SetProcessPriorityBoost( hSelf, FALSE );
}
4. 获取到电脑的名字
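// Read the local computer name and the name of the user running this thread.
CString m_ComputerName, // computer name
        m_UserName;     // user name

DWORD dwComputerNameLength = MAX_COMPUTERNAME_LENGTH + 1;
const BOOL bGotComputerName =
    GetComputerName( m_ComputerName.GetBuffer( dwComputerNameLength ), &dwComputerNameLength );
// On failure nothing was written to the buffer, so release it as an empty string
// instead of letting ReleaseBuffer() measure uninitialised memory.
m_ComputerName.ReleaseBuffer( bGotComputerName ? -1 : 0 );
VERIFY( bGotComputerName );

// Get the user name; the same failure handling applies.
DWORD dwUserNameLength = MAX_PATH;
const BOOL bGotUserName =
    GetUserName( m_UserName.GetBuffer( dwUserNameLength ), &dwUserNameLength );
m_UserName.ReleaseBuffer( bGotUserName ? -1 : 0 );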
5. 变换窗口
// Restore the saved main-window rectangle while keeping the window hidden.
WINDOWPLACEMENT wpPlacement;
::ZeroMemory( &wpPlacement, sizeof( wpPlacement ));

// SetWindowPlacement requires the length field to hold the structure size.
wpPlacement.length = sizeof( wpPlacement );
wpPlacement.showCmd = SW_HIDE;
wpPlacement.rcNormalPosition = g_Settings.m_MainWindowRect;

// The return value is not checked.
::SetWindowPlacement( GetSafeHwnd(), &wpPlacement );
6. 获取系统根目录
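// Build the ";<systemroot>\System32\Drivers\" entry for the driver directory.
//
// NOTE(review): the root comes from the process environment, which whoever
// launched the process controls. If this path decides where drivers or other
// binaries are looked up, GetSystemDirectory / GetWindowsDirectory return the
// value from the system rather than from the environment block.
TCHAR szSystemRoot[MAX_PATH] = {0};
const DWORD dwRootLength = GetEnvironmentVariable( _T("systemroot"), szSystemRoot, MAX_PATH );

// Compose the driver path.
CString csName;
// 0 means the variable is missing; a value >= MAX_PATH means it did not fit.
// csName stays empty in both cases instead of being formatted from an unset buffer.
if( dwRootLength > 0 && dwRootLength < MAX_PATH )
{
    csName.Format( _T(";%s\\System32\\Drivers\\"), szSystemRoot );
}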
7. 转换真实句柄
// Opens the process identified by dwProcessId_i and returns a handle to it that
// has been duplicated inside the current process.
//
// PROCESS_ALL_ACCESS is requested first; if that is refused, the function falls
// back to PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_DUP_HANDLE. The
// returned handle therefore carries whichever access mask was granted, and
// callers must not assume it allows more than the fallback set. Both the opened
// and the duplicated handle are non-inheritable.
//
// Returns 0 when the process cannot be opened at all.
//
// NOTE(review): Detach() presumably hands ownership to the caller, who then has
// to close the handle - confirm against Utils::AutoHandleMgr.
// NOTE(review): asking for PROCESS_ALL_ACCESS first requests far more than the
// fallback path needs; check whether any caller depends on the wider mask.
HANDLE GetProcessHandle( const DWORD dwProcessId_i )
{
    // 1. Get a handle to the target process (Utils is a class).
    Utils::AutoHandleMgr ahmTarget( ::OpenProcess( PROCESS_ALL_ACCESS, FALSE, dwProcessId_i ));
    if( !ahmTarget )
    {
        // Full access was refused: retry with limited read access.
        const DWORD dwLimitedAccess = PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_DUP_HANDLE;
        ahmTarget = ::OpenProcess( dwLimitedAccess, FALSE, dwProcessId_i );
    }

    if( !ahmTarget )
    {
        return 0;
    }

    // 2. Duplicate the target-process handle within the current process,
    //    keeping the access mask of the source handle.
    Utils::AutoHandleMgr ahmCopy;
    VERIFY( ::DuplicateHandle( ::GetCurrentProcess(),
                               ahmTarget,
                               GetCurrentProcess(),
                               &ahmCopy.m_hHandle,
                               0,
                               FALSE,
                               DUPLICATE_SAME_ACCESS ));

    return ahmCopy.Detach();
}
8. 获取进程路径
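// Returns the file path of the first module of process idProcess, or an empty
// string when the process cannot be opened or queried.
//
// The process is opened with PROCESS_QUERY_INFORMATION | PROCESS_VM_READ only,
// and the handle is closed before returning.
//
// NOTE(review): GetModuleFileNameEx takes the path from the target process's own
// module list, which that process can alter. Where the path feeds a trust
// decision, QueryFullProcessImageName is the alternative to evaluate.
CString GetProcessPath( DWORD idProcess )
{
    CString sPath;

    // Open the process with the minimum access the two queries below need.
    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, idProcess );
    if( NULL == hProcess )
    {
        return sPath;
    }

    HMODULE hMod = NULL;
    DWORD cbNeeded = 0;

    // Room for one HMODULE only: the first module returned is the one queried.
    if( EnumProcessModules( hProcess, &hMod, sizeof( hMod ), &cbNeeded ))
    {
        DWORD dwLength = GetModuleFileNameEx( hProcess, hMod, sPath.GetBuffer( MAX_PATH ), MAX_PATH );
        if( dwLength > MAX_PATH )
        {
            dwLength = MAX_PATH;
        }

        // Release with the reported length: 0 on failure gives an empty string
        // instead of measuring a buffer that was never written.
        sPath.ReleaseBuffer( dwLength );
    }

    CloseHandle( hProcess );
    return sPath;
}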
9. 终止进程主函数
// Terminates the process with id dwID, using exit code 0.
//
// The process is opened with PROCESS_TERMINATE only. Nothing is reported to the
// caller: a failed OpenProcess returns silently and the result of
// TerminateProcess is not checked.
//
// NOTE(review): the id is resolved when OpenProcess runs; if the caller held it
// for a while, confirm it still refers to the intended process.
void TerminateProcessID(DWORD dwID)
{
    // Open a handle to the process.
    HANDLE hTarget = OpenProcess(PROCESS_TERMINATE, FALSE, dwID);
    if (hTarget == NULL)
    {
        return;
    }

    // Terminate the process, then release the handle.
    TerminateProcess(hTarget, 0);
    ::CloseHandle(hTarget);
}