《windows任务管理器代码.doc》由会员分享,可在线阅读,更多相关《windows任务管理器代码.doc(58页珍藏版)》请在三一文库上搜索。
1、windows任务管理器代码via windows: 通过NtQuerySystemInfomation Native API 实现sample code:Header: taskmgr.h #include #include #define STATUS_INFO_LENGTH_MISMATCH (NTSTATUS)0xC0000004)typedef LONG NTSTATUS;#define Li2Double(x) (double)(x).HighPart) * 4.294967296E9 + (double)(x).LowPart)/* 2007-10-8 modified by w
2、anfustudio/ if you ll use this code without m$ sdk you should add this definitiontypedef struct _IO_COUNTERS ULONGLONG ReadOperationCount; ULONGLONG WriteOperationCount; ULONGLONG OtherOperationCount; ULONGLONG ReadTransferCount; ULONGLONG WriteTransferCount; ULONGLONG OtherTransferCount; IO_COUNTER
3、S, *PIO_COUNTERS;*/typedef struct _SYSTEM_HANDLE_ENTRY ULONG OwnerPid; BYTE ObjectType; BYTE HandleFlags; USHORT HandleValue; PVOID ObjectPointer; ULONG AccessMask; SYSTEM_HANDLE_ENTRY, *PSYSTEM_HANDLE_ENTRY;typedef struct _SYSTEM_HANDLE_INFORMATION ULONG Count; SYSTEM_HANDLE_ENTRY Handle1; SYSTEM_H
4、ANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;typedef struct _SYSTEM_CACHE_INFORMATION ULONG CurrentSize; ULONG PeakSize; ULONG PageFaultCount; ULONG MinimumWorkingSet; ULONG MaximumWorkingSet; ULONG unused4; SYSTEM_CACHE_INFORMATION, *PSYSTEM_CACHE_INFORMATION;typedef struct _PERFDATA WCHAR ImageN
5、ameMAX_PATH; DWORD ProcessId; WCHAR UserNameMAX_PATH; ULONG SessionId; ULONG CPUUsage; LARGE_INTEGER CPUTime; ULONG WorkingSetSizeBytes; ULONG PeakWorkingSetSizeBytes; ULONG WorkingSetSizeDelta; ULONG PageFaultCount; ULONG PageFaultCountDelta; ULONG VirtualMemorySizeBytes; ULONG PagedPoolUsagePages;
6、 ULONG NonPagedPoolUsagePages; ULONG BasePriority; ULONG HandleCount; ULONG ThreadCount; ULONG USERObjectCount; ULONG GDIObjectCount; IO_COUNTERS IOCounters; LARGE_INTEGER UserTime; LARGE_INTEGER KernelTime; PERFDATA, *PPERFDATA;typedef struct LARGE_INTEGER IdleProcessTime; LARGE_INTEGER IoReadTrans
7、ferCount; LARGE_INTEGER IoWriteTransferCount; LARGE_INTEGER IoOtherTransferCount; ULONG IoReadOperationCount; ULONG IoWriteOperationCount; ULONG IoOtherOperationCount; ULONG AvailablePages; ULONG CommittedPages; ULONG CommitLimit; ULONG PeakCommitment; ULONG PageFaultCount; ULONG CopyOnWriteCount; U
8、LONG TransitionCount; ULONG CacheTransitionCount; ULONG DemandZeroCount; ULONG PageReadCount; ULONG PageReadIoCount; ULONG CacheReadCount; ULONG CacheIoCount; ULONG DirtyPagesWriteCount; ULONG DirtyWriteIoCount; ULONG MappedPagesWriteCount; ULONG MappedWriteIoCount; ULONG PagedPoolPages; ULONG NonPa
9、gedPoolPages; ULONG PagedPoolAllocs; ULONG PagedPoolFrees; ULONG NonPagedPoolAllocs; ULONG NonPagedPoolFrees; ULONG FreeSystemPtes; ULONG ResidentSystemCodePage; ULONG TotalSystemDriverPages; ULONG TotalSystemCodePages; ULONG NonPagedPoolLookasideHits; ULONG PagedPoolLookasideHits; ULONG Spare3Count
10、; ULONG ResidentSystemCachePage; ULONG ResidentPagedPoolPage; ULONG ResidentSystemDriverPage; ULONG CcFastReadNoWait; ULONG CcFastReadWait; ULONG CcFastReadResourceMiss; ULONG CcFastReadNotPossible; ULONG CcFastMdlReadNoWait; ULONG CcFastMdlReadWait; ULONG CcFastMdlReadResourceMiss; ULONG CcFastMdlR
11、eadNotPossible; ULONG CcMapDataNoWait; ULONG CcMapDataWait; ULONG CcMapDataNoWaitMiss; ULONG CcMapDataWaitMiss; ULONG CcPinMappedDataCount; ULONG CcPinReadNoWait; ULONG CcPinReadWait; ULONG CcPinReadNoWaitMiss; ULONG CcPinReadWaitMiss; ULONG CcCopyReadNoWait; ULONG CcCopyReadWait; ULONG CcCopyReadNo
12、WaitMiss; ULONG CcCopyReadWaitMiss; ULONG CcMdlReadNoWait; ULONG CcMdlReadWait; ULONG CcMdlReadNoWaitMiss; ULONG CcMdlReadWaitMiss; ULONG CcReadAheadIos; ULONG CcLazyWriteIos; ULONG CcLazyWritePages; ULONG CcDataFlushes; ULONG CcDataPages; ULONG ContextSwitches; ULONG FirstLevelTbFills; ULONG Second
13、LevelTbFills; ULONG SystemCalls; SYSTEM_PERFORMANCE_INFORMATION;typedef struct _SYSTEM_TIMEOFDAY_INFORMATION LARGE_INTEGER BootTime; LARGE_INTEGER CurrentTime; LARGE_INTEGER TimeZoneBias; ULONG TimeZoneId; ULONG Reserved; SYSTEM_TIMEOFDAY_INFORMATION, *PSYSTEM_TIMEOFDAY_INFORMATION;/include sys head
14、ertypedef struct _THREAD_INFO LARGE_INTEGER CreateTime; DWORD dwUnknown1; DWORD dwStartAddress; DWORD StartEIP; DWORD dwOwnerPID; DWORD dwThreadId; DWORD dwCurrentPriority; DWORD dwBasePriority; DWORD dwContextSwitches; DWORD Unknown; DWORD WaitReason; THREADINFO, *PTHREADINFO;typedef struct _UNICOD
15、E_STRING USHORT Length; USHORT MaxLength; PWSTR Buffer; UNICODE_STRING;typedef struct _SYSTEM_PROCESS_INFORMATION ULONG NextEntryOffset; ULONG NumberOfThreads; LARGE_INTEGER SpareLi1; LARGE_INTEGER SpareLi2; LARGE_INTEGER SpareLi3; LARGE_INTEGER CreateTime; LARGE_INTEGER UserTime; LARGE_INTEGER Kern
16、elTime; UNICODE_STRING ImageName; DWORD BasePriority; DWORD UniqueProcessId; DWORD InheritedFromUniqueProcessId; ULONG HandleCount; ULONG SessionId; ULONG PageDirectoryFrame; / / This part corresponds to VM_COUNTERS_EX. / NOTE: *NOT* THE SAME AS VM_COUNTERS! / ULONG PeakVirtualSize; ULONG VirtualSiz
17、e; ULONG PageFaultCount; ULONG PeakWorkingSetSize; ULONG WorkingSetSize; ULONG QuotaPeakPagedPoolUsage; ULONG QuotaPagedPoolUsage; ULONG QuotaPeakNonPagedPoolUsage; ULONG QuotaNonPagedPoolUsage; ULONG PagefileUsage; ULONG PeakPagefileUsage; ULONG PrivateUsage; / / This part corresponds to IO_COUNTER
18、S / LARGE_INTEGER ReadOperationCount; LARGE_INTEGER WriteOperationCount; LARGE_INTEGER OtherOperationCount; LARGE_INTEGER ReadTransferCount; LARGE_INTEGER WriteTransferCount; LARGE_INTEGER OtherTransferCount; THREADINFO TH1; SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;typedef struct _SY
19、STEM_PROCESSOR_PERFORMANCE_INFORMATION LARGE_INTEGER IdleTime; LARGE_INTEGER KernelTime; LARGE_INTEGER UserTime; LARGE_INTEGER DpcTime; LARGE_INTEGER InterruptTime; ULONG InterruptCount; SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION, *PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION;typedef struct _SYSTEM_BASIC
20、_INFORMATION ULONG Reserved; ULONG TimerResolution; ULONG PageSize; ULONG NumberOfPhysicalPages; ULONG LowestPhysicalPageNumber; ULONG HighestPhysicalPageNumber; ULONG AllocationGranularity; ULONG MinimumUserModeAddress; ULONG MaximumUserModeAddress; ULONG ActiveProcessorsAffinityMask; CCHAR NumberO
21、fProcessors; SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;typedef enum _SYSTEM_INFORMATION_CLASS SystemBasicInformation = 0, SystemCpuInformation = 1, SystemPerformanceInformation = 2, SystemTimeOfDayInformation = 3, /* was SystemTimeInformation */ Unknown4, SystemProcessInformation = 5, Unk
22、nown6, Unknown7, SystemProcessorPerformanceInformation = 8, Unknown9, Unknown10, SystemModuleInformation = 11, Unknown12, Unknown13, Unknown14, Unknown15, SystemHandleInformation = 16, Unknown17, SystemPageFileInformation = 18, Unknown19, Unknown20, SystemCacheInformation = 21, Unknown22, SystemInte
23、rruptInformation = 23, SystemDpcBehaviourInformation = 24, SystemFullMemoryInformation = 25, SystemNotImplemented6 = 25, SystemLoadImage = 26, SystemUnloadImage = 27, SystemTimeAdjustmentInformation = 28, SystemTimeAdjustment = 28, SystemSummaryMemoryInformation = 29, SystemNotImplemented7 = 29, Sys
24、temNextEventIdInformation = 30, SystemNotImplemented8 = 30, SystemEventIdsInformation = 31, SystemCrashDumpInformation = 32, SystemExceptionInformation = 33, SystemCrashDumpStateInformation = 34, SystemKernelDebuggerInformation = 35, SystemContextSwitchInformation = 36, SystemRegistryQuotaInformatio
25、n = 37, SystemCurrentTimeZoneInformation = 44, SystemTimeZoneInformation = 44, SystemLookasideInformation = 45, SystemSetTimeSlipEvent = 46, SystemCreateSession = 47, SystemDeleteSession = 48, SystemInvalidInfoClass4 = 49, SystemRangeStartInformation = 50, SystemVerifierInformation = 51, SystemAddVe
26、rifier = 52, SystemSessionProcessesInformation = 53, SystemInformationClassMax SYSTEM_INFORMATION_CLASS, *PSYSTEM_INFORMATION_CLASS;Source: taskmgr.cpp/*/ 获取任务管理器显示的所有数据/ Author: lwf/ E-MAIL: / */#include taskmgr.h#include TCHAR.H#include iostream.hCRITICAL_SECTION PerfDataCriticalSection;PPERFDATA
27、 pPerfDataOld = NULL; /* Older perf data (saved to establish delta values) */PPERFDATA pPerfData = NULL; /* Most recent copy of perf data */ULONG ProcessCountOld = 0;ULONG ProcessCount = 0;double dbIdleTime;double dbKernelTime;double dbSystemTime;LARGE_INTEGER liOldIdleTime = 0,0;double OldKernelTim
28、e = 0;LARGE_INTEGER liOldSystemTime = 0,0;SYSTEM_PERFORMANCE_INFORMATION SystemPerfInfo;SYSTEM_BASIC_INFORMATION SystemBasicInfo;SYSTEM_CACHE_INFORMATION SystemCacheInfo;SYSTEM_HANDLE_INFORMATION SystemHandleInfo;PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION SystemProcessorTimeInfo = NULL;PSID SystemUse
29、rSid = NULL;typedef LONG (WINAPI *PROCNTQSI)(DWORD,PVOID,ULONG,PULONG);/指向Native API NtQuerySystemInformationPROCNTQSI NtQuerySystemInformation = NULL; /取系统性能函数BOOL PerfDataInitialize(void) SID_IDENTIFIER_AUTHORITY NtSidAuthority = SECURITY_NT_AUTHORITY; NTSTATUS status; InitializeCriticalSection(&P
30、erfDataCriticalSection); NtQuerySystemInformation = (long(_stdcall*)(DWORD,PVOID,DWORD,DWORD*) GetProcAddress( GetModuleHandle( ntdll.dll ), NtQuerySystemInformation ); /* * Get number of processors in the system */ status = NtQuerySystemInformation(SystemBasicInformation, &SystemBasicInfo, sizeof(S
31、ystemBasicInfo), NULL); if (status != NO_ERROR) return FALSE; /* * Create the SYSTEM Sid */ AllocateAndInitializeSid(&NtSidAuthority, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &SystemUserSid); return TRUE;void PerfDataUninitialize(void) DeleteCriticalSection(&PerfDataCriticalSection); if (S
32、ystemUserSid != NULL) FreeSid(SystemUserSid); SystemUserSid = NULL; static void SidToUserName(PSID Sid, LPTSTR szBuffer, DWORD BufferSize) static TCHAR szDomainNameUnused255; DWORD DomainNameLen = sizeof(szDomainNameUnused) / sizeof(szDomainNameUnused0); SID_NAME_USE Use; if (Sid != NULL) LookupAcco
33、untSid(NULL, Sid, szBuffer, &BufferSize, szDomainNameUnused, &DomainNameLen, &Use);void PerfDataRefresh(void) ULONG ulSize; NTSTATUS status; LPBYTE pBuffer; ULONG BufferSize; PSYSTEM_PROCESS_INFORMATION pSPI; PPERFDATA pPDOld; ULONG Idx, Idx2; HANDLE hProcess; HANDLE hProcessToken; SYSTEM_PERFORMANC
34、E_INFORMATION SysPerfInfo; SYSTEM_TIMEOFDAY_INFORMATION SysTimeInfo; /SYSTEM_CACHE_INFORMATION SysCacheInfo; LPBYTE SysHandleInfoData; PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION SysProcessorTimeInfo; double CurrentKernelTime; PSECURITY_DESCRIPTOR ProcessSD; PSID ProcessUser; ULONG Buffer64; /* must b
35、e 4 bytes aligned! */ /* Get new system time */ status = NtQuerySystemInformation(SystemTimeOfDayInformation, &SysTimeInfo, sizeof(SysTimeInfo), 0); if (status != NO_ERROR) return; /* Get new CPUs idle time */ status = NtQuerySystemInformation(SystemPerformanceInformation, &SysPerfInfo, sizeof(SysPe
36、rfInfo), NULL); if (status != NO_ERROR) return; /* Get system cache information */ /* status = NtQuerySystemInformation(SystemFileCacheInformation, &SysCacheInfo, sizeof(SysCacheInfo), NULL); if (status != NO_ERROR) return; */ /* Get processor time information */ SysProcessorTimeInfo = (PSYSTEM_PROC
37、ESSOR_PERFORMANCE_INFORMATION)HeapAlloc(GetProcessHeap(), 0, sizeof(SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION) * SystemBasicInfo.NumberOfProcessors); status = NtQuerySystemInformation(SystemProcessorPerformanceInformation, SysProcessorTimeInfo, sizeof(SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION) * Syste
38、mBasicInfo.NumberOfProcessors, &ulSize); if (status != NO_ERROR) return; /* Get handle information * We dont know how much data there is so just keep * increasing the buffer size until the call succeeds */ BufferSize = 0; do BufferSize += 0x10000; SysHandleInfoData = (LPBYTE)HeapAlloc(GetProcessHeap
39、(), 0, BufferSize); status = NtQuerySystemInformation(SystemHandleInformation, SysHandleInfoData, BufferSize, &ulSize); if (status = STATUS_INFO_LENGTH_MISMATCH) HeapFree(GetProcessHeap(), 0, SysHandleInfoData); while (status = STATUS_INFO_LENGTH_MISMATCH); /* Get process information * We dont know how much data there is so just keep * increasing the buffer size until the call succeeds */ BufferSize = 0; do BufferSize += 0x10000; pBuffer = (LPBYTE)HeapAlloc(GetProcessHeap(), 0, BufferSize); status = NtQuerySystemInformation(SystemProcessInformation, pBuffer,