C++监视后台运行进程吗? 我一直试图编写一个C++程序,它将监视后台运行的进程,如果检测到运行,则终止某个进程。我已经编写了一个程序,可以这样做,但是我能想到的唯一方法是使用一个无限WHILE循环来不断检查程序。正如您可以想象的那样,这会不断地使用CPU功率和资源来不断循环。在任务管理器中,您可以看到大多数正在运行的进程总是使用0%的CPU。我的问题是:我如何编写或修改这个程序,使其在后台运行,使用0%的CPU,直到它检测到它应该终止的进程? 我的整个计划如下。在本例中,我使用WinMain中的Notepad.exe作为程序应该终止的进程 #include <Windows.h> #include <iostream> #include <tlhelp32.h> #include <string> #define TA_FAILED 0 #define TA_SUCCESS_CLEAN 1 #define TA_SUCCESS_KILL 2 DWORD WINAPI TerminateApp(DWORD dwPID, DWORD dwTimeout); DWORD WINAPI Terminate16App(DWORD dwPID, DWORD dwThread, WORD w16Task, DWORD dwTimeout); typedef struct { DWORD dwID; DWORD dwThread; } TERMINFO; BOOL CALLBACK TerminateAppEnum( HWND hwnd, LPARAM lParam ) ; DWORD WINAPI TerminateApp( DWORD dwPID, DWORD dwTimeout ) { HANDLE hProc ; DWORD dwRet ; // If we can't open the process with PROCESS_TERMINATE rights, // then we give up immediately. hProc = OpenProcess(SYNCHRONIZE|PROCESS_TERMINATE, FALSE, dwPID); if(hProc == NULL) { return TA_FAILED ; } // TerminateAppEnum() posts WM_CLOSE to all windows whose PID // matches your process's. EnumWindows((WNDENUMPROC)TerminateAppEnum, (LPARAM) dwPID) ; // Wait on the handle. If it signals, great. If it times out, // then you kill it. if(WaitForSingleObject(hProc, dwTimeout)!=WAIT_OBJECT_0) dwRet=(TerminateProcess(hProc,0)?TA_SUCCESS_KILL:TA_FAILED); else dwRet = TA_SUCCESS_CLEAN ; CloseHandle(hProc) ; return dwRet ; } BOOL CALLBACK TerminateAppEnum( HWND hwnd, LPARAM lParam ) { DWORD dwID ; GetWindowThreadProcessId(hwnd, &dwID) ; if(dwID == (DWORD)lParam) { PostMessage(hwnd, WM_CLOSE, 0, 0) ; } return TRUE ; } DWORD FindProcessId(const std::string& processName); int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow) { std::string process1 = "Notepad.exe"; while (1) { TerminateApp(FindProcessId(process1),0); } return 0; } DWORD FindProcessId(const std::string& processName) { PROCESSENTRY32 processInfo; processInfo.dwSize = sizeof(processInfo); HANDLE processesSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL); if (processesSnapshot == INVALID_HANDLE_VALUE) { return 0; } Process32First(processesSnapshot, &processInfo); if (!processName.compare(processInfo.szExeFile)) { CloseHandle(processesSnapshot); return processInfo.th32ProcessID; } while (Process32Next(processesSnapshot, &processInfo)) { if (!processName.compare(processInfo.szExeFile)) { CloseHandle(processesSnapshot); return processInfo.th32ProcessID; } } CloseHandle(processesSnapshot); return 0; }
您可以使用通知查找进程的创建和销毁时间__InstanceCreationEvent是您需要查找的 创建资源:\ uu InstanceCreationEventC++监视后台运行进程吗? 我一直试图编写一个C++程序,它将监视后台运行的进程,如果检测到运行,则终止某个进程。我已经编写了一个程序,可以这样做,但是我能想到的唯一方法是使用一个无限WHILE循环来不断检查程序。正如您可以想象的那样,这会不断地使用CPU功率和资源来不断循环。在任务管理器中,您可以看到大多数正在运行的进程总是使用0%的CPU。我的问题是:我如何编写或修改这个程序,使其在后台运行,使用0%的CPU,直到它检测到它应该终止的进程? 我的整个计划如下。在本例中,我使用WinMain中的Notepad.exe作为程序应该终止的进程 #include <Windows.h> #include <iostream> #include <tlhelp32.h> #include <string> #define TA_FAILED 0 #define TA_SUCCESS_CLEAN 1 #define TA_SUCCESS_KILL 2 DWORD WINAPI TerminateApp(DWORD dwPID, DWORD dwTimeout); DWORD WINAPI Terminate16App(DWORD dwPID, DWORD dwThread, WORD w16Task, DWORD dwTimeout); typedef struct { DWORD dwID; DWORD dwThread; } TERMINFO; BOOL CALLBACK TerminateAppEnum( HWND hwnd, LPARAM lParam ) ; DWORD WINAPI TerminateApp( DWORD dwPID, DWORD dwTimeout ) { HANDLE hProc ; DWORD dwRet ; // If we can't open the process with PROCESS_TERMINATE rights, // then we give up immediately. hProc = OpenProcess(SYNCHRONIZE|PROCESS_TERMINATE, FALSE, dwPID); if(hProc == NULL) { return TA_FAILED ; } // TerminateAppEnum() posts WM_CLOSE to all windows whose PID // matches your process's. EnumWindows((WNDENUMPROC)TerminateAppEnum, (LPARAM) dwPID) ; // Wait on the handle. If it signals, great. If it times out, // then you kill it. if(WaitForSingleObject(hProc, dwTimeout)!=WAIT_OBJECT_0) dwRet=(TerminateProcess(hProc,0)?TA_SUCCESS_KILL:TA_FAILED); else dwRet = TA_SUCCESS_CLEAN ; CloseHandle(hProc) ; return dwRet ; } BOOL CALLBACK TerminateAppEnum( HWND hwnd, LPARAM lParam ) { DWORD dwID ; GetWindowThreadProcessId(hwnd, &dwID) ; if(dwID == (DWORD)lParam) { PostMessage(hwnd, WM_CLOSE, 0, 0) ; } return TRUE ; } DWORD FindProcessId(const std::string& processName); int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow) { std::string process1 = "Notepad.exe"; while (1) { TerminateApp(FindProcessId(process1),0); } return 0; } DWORD FindProcessId(const std::string& processName) { PROCESSENTRY32 processInfo; processInfo.dwSize = sizeof(processInfo); HANDLE processesSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL); if (processesSnapshot == INVALID_HANDLE_VALUE) { return 0; } Process32First(processesSnapshot, &processInfo); if (!processName.compare(processInfo.szExeFile)) { CloseHandle(processesSnapshot); return processInfo.th32ProcessID; } while (Process32Next(processesSnapshot, &processInfo)) { if (!processName.compare(processInfo.szExeFile)) { CloseHandle(processesSnapshot); return processInfo.th32ProcessID; } } CloseHandle(processesSnapshot); return 0; },windows,background,process,monitor,terminate,Windows,Background,Process,Monitor,Terminate,您可以使用通知查找进程的创建和销毁时间__InstanceCreationEvent是您需要查找的 创建资源:\ uu InstanceCreationEvent 假设您有兴趣在某台计算机上运行记事本时接收通知。当记事本运行时,将创建相应的进程。进程可以使用WMI进行管理,并由Win32_进程类表示。当记事本开始运行时,Win32_进程类的相应实例将通过WMI可用。如果您已通过发出适当的事件通知查询来注册对此事件的兴趣,则此实例的可用性将导致创建_InstanceCreationEvent类的实
假设您有兴趣在某台计算机上运行记事本时接收通知。当记事本运行时,将创建相应的进程。进程可以使用WMI进行管理,并由Win32_进程类表示。当记事本开始运行时,Win32_进程类的相应实例将通过WMI可用。如果您已通过发出适当的事件通知查询来注册对此事件的兴趣,则此实例的可用性将导致创建_InstanceCreationEvent类的实例。这不是可实例化的WMI类,请考虑抽象基类。您正在寻找Win32\u ProcessStartTrace。快速修复是while1循环中的Sleep1。不要犹豫,让它变大,但1已经足够让它接近于零。啊哈,谢谢汉斯·帕桑的建议。这完全解决了我的问题!也谢谢你的建议!