http://www.csdn.net/develop/read_article.asp?id=13322
解决方案 »
- 请问rar提供的用于解压的unrar.dll可否实现解压进度的控制??
- 为什么没进入onTimer
- 一个即将毕业的本科生,请前辈们进来指点下。
- 问一个查找进程的问题?急!!
- 关于透明位图按钮的问题
- 紧急求助,如何在资源管理器中的目录树(tree)上增加一个节点(和控制面板同一级),节点如同“我的文档”一样,指向某个目录?
- 帮帮忙!VC++下的Socket Link Error???
- CListView的一个问题?
- VC6能装最新的MSDN吗(2002.1)
- 请教各位大侠一个问题,如何实现98下不用输密码退出屏保.......
- 关于FormView的小问题?
- 如何使listview中insertitem时使新插入的item排在最后?
if(!hWnd)
{
printf("Cannot find Explorer Window.\n");
return 0;
}
GetWindowThreadProcessId(hWnd,&dwProcessId);
printf("ID=%d\n",dwProcessId);这个是explorer.exe的id
{
HINSTANCE hNtDll;
NTSTATUS rc;
ULONG ulNeed = 0;
void *buf = NULL;
size_t len = 0;
int ret = 0; hNtDll = LoadLibrary( "NTDLL" );
if( !hNtDll )
return 0; NtQuerySystemInformation = (NtQSI_t)GetProcAddress( hNtDll, "NtQuerySystemInformation" );
if (!NtQuerySystemInformation)
return 0; RtlCompareUnicodeString = (RtlCUS_t)GetProcAddress( hNtDll, "RtlCompareUnicodeString" );
if( !RtlCompareUnicodeString )
return 0; do
{
delete[] buf;
len += 2000;
buf = new BYTE[len];
if( !buf )
return 0;
rc = NtQuerySystemInformation( 5, buf, len, &ulNeed );
} while( rc == 0xc0000004 );
if( rc <0 )
{
delete[] buf;
return 0;
} {
struct process_info *p = (struct process_info*)buf;
bool endlist = false;
UNICODE_STRING lsass = { 18, 20, L"LSASS.EXE" }; while( !endlist )
{
if( p->ProcessName.Buffer && !RtlCompareUnicodeString( &lsass, &p->ProcessName, 1 ) )
{
ret = p->ProcessId;
goto exit;
}
endlist = p->NextEntryDelta == 0;
p = (struct process_info *)(((BYTE*)p) + p->NextEntryDelta);
}
} exit:
delete[] buf;
FreeLibrary( hNtDll ); return ret;
}这个得到的是lsass的id,自己改吧。
NtQuerySystemInformation和RtlCompareUnicodeString都是怎样声明的,有什么作用,可否给予详细解释?
d:\program files\ntddk\inc\ddk\ntddk.h(7914) : error C2146: syntax error : missing ';' before identifier 'InterruptTime'
d:\program files\ntddk\inc\ddk\ntddk.h(7914) : error C2501: 'InterruptTime' : missing storage-class or type specifiers
d:\program files\ntddk\inc\ddk\ntddk.h(7928) : error C2146: syntax error : missing ';' before identifier 'SystemTime'
d:\program files\ntddk\inc\ddk\ntddk.h(7928) : error C2086: 'KSYSTEM_TIME' : redefinition
d:\program files\ntddk\inc\ddk\ntddk.h(7928) : error C2501: 'SystemTime' : missing storage-class or type specifiers
d:\program files\ntddk\inc\ddk\ntddk.h(7935) : error C2146: syntax error : missing ';' before identifier 'TimeZoneBias'
d:\program files\ntddk\inc\ddk\ntddk.h(7935) : error C2086: 'KSYSTEM_TIME' : redefinition
d:\program files\ntddk\inc\ddk\ntddk.h(7935) : error C2501: 'TimeZoneBias' : missing storage-class or type specifiers
d:\program files\ntddk\inc\ddk\ntddk.h(9101) : error C2146: syntax error : missing ';' before identifier 'ContextRecord'
d:\program files\ntddk\inc\ddk\ntddk.h(9101) : error C2501: 'PCONTEXT' : missing storage-class or type specifiers
d:\program files\ntddk\inc\ddk\ntddk.h(9101) : error C2501: 'ContextRecord' : missing storage-class or type specifiers
d:\program files\ntddk\inc\ddk\ntddk.h(10051) : error C2146: syntax error : missing ';' before identifier 'KeTickCount'
d:\program files\ntddk\inc\ddk\ntddk.h(10051) : fatal error C1004: unexpected end of file found
Error executing cl.exe.都是包含了ntddk.h之后的错误。
你看一下NT/2K NATIVE API定义命名空间好了!!
{
USHORT Length;
USHORT MaxLen;
USHORT *Buffer;
} UNICODE_STRING;typedef NTSTATUS (__stdcall *NtQSI_t)( ULONG, PVOID, ULONG, PULONG );
typedef LONG (__stdcall *RtlCUS_t)( UNICODE_STRING*, UNICODE_STRING*, ULONG );NTSTATUS (__stdcall *NtQuerySystemInformation)( IN ULONG SysInfoClass, IN OUT PVOID SystemInformation,
IN ULONG SystemInformationLength, OUT PULONG RetLen );LONG (__stdcall *RtlCompareUnicodeString)( IN UNICODE_STRING*, IN UNICODE_STRING*, IN ULONG CaseInsensitve );struct process_info
{
ULONG NextEntryDelta;
ULONG ThreadCount;
ULONG Reserved1[6];
LARGE_INTEGER CreateTime;
LARGE_INTEGER UserTime;
LARGE_INTEGER KernelTime;
UNICODE_STRING ProcessName;
ULONG BasePriority;
ULONG ProcessId;
};http://nongmin-cn.8u8.com/index.htm
去这里看吧。