dwNumberBytes = sizeof(SYSTEM_PERFORMANCE_INFORMATION);
Status = NtQuerySystemInformation(SYSTEM_PERF_INFO,
                       &SystemPerfInfo,
  dwNumberBytes,
  &dwReturnLength);
if(Status != STATUS_SUCCESS)
{
printf("NtQuerySystemInformation for Performance 
Error: %d\n",GetLastError());
__leave;
}

printf("IdleTime:\t\t");
llTempTime  = SystemPerfInfo.IdleTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("ReadOperationCount:\t%-10d\t",
SystemPerfInfo.ReadOperationCount);
printf("ReadTransferCount:\t%d\n",SystemPerfInfo.ReadTransferCount);
printf("WriteOperationCount:\t%-10d\t",SystemPerfInfo.
WriteOperationCount);
printf("WriteTransferCount:\t%d\n",SystemPerfInfo.WriteTransferCount);
printf("OtherOperationCount:\t%-10d\t",SystemPerfInfo.
OtherOperationCount);
printf("OtherTransferCount:\t%d\n",SystemPerfInfo.OtherTransferCount);

printf("AvailablePages:\t\t%-10d\t",SystemPerfInfo.AvailablePages);
printf("TotalCommittedPage:\t%d\n",SystemPerfInfo.TotalCommittedPages);
printf("CommitLimit:\t\t%-10d\t",SystemPerfInfo.TotalCommitLimit);
printf("PeakCommitment:\t\t%d\n",SystemPerfInfo.PeakCommitment);

printf("PageFault:\t\t%-10d\t",SystemPerfInfo.PageFaults);
printf("WriteCopyFault:\t\t%d\n",SystemPerfInfo.WriteCopyFaults);
printf("TransitionFault:\t%-10d\t",SystemPerfInfo.TransitionFaults);
printf("DemandZeroFault:\t%d\n",SystemPerfInfo.DemandZeroFaults);

printf("PagesRead:\t\t%-10d\t",SystemPerfInfo.PagesRead);
printf("PageReadIos:\t\t%d\n",SystemPerfInfo.PageReadIos);
printf("PagesWritten:\t\t%-10d\t",SystemPerfInfo.PagefilePagesWritten);
printf("PageWriteIos:\t\t%d\n",SystemPerfInfo.PagefilePageWriteIos);
printf("MappedFilePagesWritten:\t%-10d\t",
SystemPerfInfo.MappedFilePagesWritten);
printf("MappedFileWriteIos:\t%d\n",SystemPerfInfo.MappedFileWriteIos);

printf("PagedPoolUsage:\t\t%-10d\t",SystemPerfInfo.PagedPoolUsage);
printf("NonPagedPoolUsage:\t%d\n",SystemPerfInfo.NonPagedPoolUsage);
printf("PagedPoolAllocs:\t%-10d\t",SystemPerfInfo.PagedPoolAllocs);
printf("NonPagedPoolAllocs:\t%d\n",SystemPerfInfo.NonPagedPoolAllocs);
printf("PagedPoolFrees:\t\t%-10d\t",SystemPerfInfo.PagedPoolFrees);
printf("NonPagedPoolFrees:\t%d\n",SystemPerfInfo.NonPagedPoolFress);

printf("SystemCodePage:\t\t%-10d\t",SystemPerfInfo.SystemCodePage);
printf("TotalSystemCodePage:\t%d\n",
SystemPerfInfo.TotalSystemCodePages);
printf("TotalFreeSysPTE:\t%-10d\t",
SystemPerfInfo.TotalFreeSystemPtes);
printf("TotalSystemDriverPages:\t%d\n",
SystemPerfInfo.TotalSystemDriverPages);
printf("PagedPoolPage:\t\t%-10d\t",SystemPerfInfo.PagedPoolPage);
printf("SystemDriverPage:\t%d\n",SystemPerfInfo.SystemDriverPage);

printf("FastReadWait:\t\t%-10d\t",SystemPerfInfo.FastReadWait);
printf("FastReadNoWait:\t\t%d\n",SystemPerfInfo.FastReadNoWait);
printf("FastReadNoPossible:\t%-10d\t",SystemPerfInfo.
FastReadNotPossible);
printf("FastReadResourceMiss:\t%d\n",SystemPerfInfo.
FastReadResourceMiss);
printf("FastMdlReadWait:\t%-10d\t",SystemPerfInfo.FastMdlReadWait);
printf("FastMdlReadNoWait:\t%d\n",SystemPerfInfo.FastMdlReadNoWait);
printf("FastMdlReadNotPossible:\t%-10d\t",
SystemPerfInfo.FastMdlReadNotPossible);
printf("FastMdlReadResourceMiss:%d\n",SystemPerfInfo.
FastMdlReadResourceMiss);


printf("MapDataWait:\t\t%-10d\t",SystemPerfInfo.MapDataWait);
printf("MapDataNoWait:\t\t%d\n",SystemPerfInfo.MapDataNoWait);
printf("MapDataWaitMiss:\t%-10d\t",SystemPerfInfo.MapDataWaitMiss);
printf("MapDataNoWaitMiss:\t%d\n",SystemPerfInfo.MapDataNoWaitMiss);

printf("ReadAheadIos:\t\t%-10d\t",SystemPerfInfo.ReadAheadIos);
printf("PinMappedDataCount:\t%d\n",SystemPerfInfo.PinMappedDataCount);
printf("PinReadWait:\t\t%-10d\t",SystemPerfInfo.PinReadWait);
printf("PinReadNoWait:\t\t%d\n",SystemPerfInfo.PinReadNoWait);
printf("PinReadWaitMiss:\t%-10d\t",SystemPerfInfo.PinReadWaitMiss);
printf("PinReadNoWaitMiss:\t%d\n",SystemPerfInfo.PinReadNoWaitMiss);

printf("CopyReadWait:\t\t%-10d\t",SystemPerfInfo.CopyReadWait);
printf("CopyReadNoWait:\t\t%d\n",SystemPerfInfo.CopyReadNoWait);
printf("CopyReadWaitMiss:\t%-10d\t",SystemPerfInfo.CopyReadWaitMiss);
printf("CopyReadNoWaitMiss:\t%-10d\n",
SystemPerfInfo.CopyReadNoWaitMiss);
printf("MdlReadWait:\t\t%-10d\t",SystemPerfInfo.MdlReadWait);
printf("MdlReadNoWait:\t\t%d\n",SystemPerfInfo.MdlReadNoWait);
printf("MdlReadWaitMiss:\t%-10d\t",SystemPerfInfo.MdlReadWaitMiss);
printf("MdlReadNoWaitMiss:\t%d\n",SystemPerfInfo.MdlReadNoWaitMiss);

printf("LazyWriteIos:\t\t%-10d\t",SystemPerfInfo.LazyWriteIos);
printf("LazyWritePages:\t\t%d\n",SystemPerfInfo.LazyWritePages);
printf("DataPages:\t\t%-10d\t",SystemPerfInfo.DataPages);
printf("DataFlushes:\t\t%d\n",SystemPerfInfo.DataFlushes);
printf("FirstLevelTbFills:\t%-10d\t",SystemPerfInfo.FirstLevelTbFills);
printf("SecondLevelTbFills:\t%d\n",SystemPerfInfo.SecondLevelTbFills);
printf("ContextSwitches:\t%-10d\t",SystemPerfInfo.ContextSwitches);
printf("SytemCall:\t\t%d\n",SystemPerfInfo.SystemCall);

printf("MemorySystemCachePage:\t\t\t%d\n",
SystemPerfInfo.MmSystemCachePage);
printf("SmallPagedLookasideListAllocateHits:\t%d\n",
SystemPerfInfo.SmallPagedLookasideListAllocateHits);
printf("SmallNonPagedLookasideListAllocateHits:\t%d\n",
SystemPerfInfo.SmallNonPagedLookasideListAllocateHits);

}
__finally
{
if(hNtDll != NULL)
{
FreeLibrary(hNtDll);
}
}

return 0;
}

DWORD ProcTime()
{
SYSTEM_PROCESSOR_TIMES  SystemProcTime;
HMODULE                 hNtDll = NULL;
DWORD                   dwNumberBytes;
DWORD                   dwReturnLength;
NTSTATUS                Status;
LONGLONG                llTempTime;

__try
{
hNtDll = LoadLibrary("NtDll.dll");
          if(hNtDll == NULL)
{
                 printf("LoadLibrary Error: %d\n",GetLastError());
                 __leave;
}

NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)
GetProcAddress(hNtDll,"NtQuerySystemInformation");
if(NtQuerySystemInformation == NULL)
{
printf("GetProcAddress for NtQuerySystemInformation 
Error: %d\n",GetLastError());
__leave;
}

dwNumberBytes = sizeof(SYSTEM_PROCESSOR_TIMES);
NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)
GetProcAddress(hNtDll,"NtQuerySystemInformation");
if(NtQuerySystemInformation == NULL)
{
printf("GetProcAddress Error: %d\n",GetLastError());
__leave;
}

Status = NtQuerySystemInformation(SYSTEM_PROC_TIME,
                       &SystemProcTime,
  dwNumberBytes,
  &dwReturnLength);
if(Status != STATUS_SUCCESS)
{
printf("NtQuerySystemInformation for Processor 
Time Error: %d\n",GetLastError());
__leave;
}

printf("IdleTime:\t\t");
llTempTime  = SystemProcTime.IdleTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("KernelTime:\t\t");
llTempTime  = SystemProcTime.KernelTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("UserTime:\t\t");
llTempTime  = SystemProcTime.UserTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("DpcTime:\t\t");
llTempTime  = SystemProcTime.DpcTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("InterruptTime:\t\t");
llTempTime  = SystemProcTime.InterruptTime.QuadPart;
llTempTime /= 10000;
printf("%d:",llTempTime/(60*60*1000));
llTempTime %= 60*60*1000;
printf("%.2d:",llTempTime/(60*1000));
llTempTime %= 60*1000;
printf("%.2d.",llTempTime/1000);
llTempTime %= 1000;
printf("%.3d\n",llTempTime);

printf("InterruptCount:\t\t%d\n",SystemProcTime.InterruptCount);

}
__finally
{
if(hNtDll != NULL)
{
FreeLibrary(hNtDll);
}
}

return 0;
}

DWORD PagefileInfo()
{
PSYSTEM_PAGEFILE_INFORMATION   pSystemPagefileInfo;
PVOID                          pBuffer;
HMODULE                        hNtDll = NULL;
DWORD                          dwNumberBytes;
DWORD                          dwReturnLength;
           NTSTATUS                       Status;

__try
{
hNtDll = LoadLibrary("NtDll.dll");
           if(hNtDll == NULL)
{
                printf("LoadLibrary Error: %d\n",GetLastError());
                __leave;
}

NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)
GetProcAddress(hNtDll,"NtQuerySystemInformation");
if(NtQuerySystemInformation == NULL)
{
printf("GetProcAddress for NtQuerySystemInformation 
Error: %d\n",GetLastError());
__leave;
}

dwNumberBytes = MAX_INFO_BUF_LEN;
pBuffer = (LPVOID)malloc(dwNumberBytes);
Status  = NtQuerySystemInformation(SYSTEM_PAGE_INFO,
                        pBuffer,
  dwNumberBytes,
   &dwReturnLength);
if(Status != STATUS_SUCCESS)
{
printf("NtQuerySystemInformation for 
Pagefile Error: %d\n",GetLastError());
__leave;
}

pSystemPagefileInfo = (PSYSTEM_PAGEFILE_INFORMATION)pBuffer;
do
{
printf("CurrentPagefileSize:\t%d\n",pSystemPagefileInfo->CurrentSize);
printf("TotalPagefileUsed:\t%d\n",pSystemPagefileInfo->TotalUsed);
printf("PeakPagefileUsed:\t%d\n",pSystemPagefileInfo->PeakUsed);
wprintf(L"PagefileFileName:\t%s\n",
pSystemPagefileInfo->FileName.Buffer);

pSystemPagefileInfo = (PSYSTEM_PAGEFILE_INFORMATION)
((char *)pBuffer + pSystemPagefileInfo->NetxEntryOffset);
}while(pSystemPagefileInfo->NetxEntryOffset != 0);
}
__finally
{
if(pBuffer != NULL)
{
free(pBuffer);
} 
if(hNtDll  != NULL)
{
FreeLibrary(hNtDll);
}
}

return 0;
}

DWORD CacheInfo()
{
SYSTEM_CACHE_INFORMATION       SystemCacheInfo;
HMODULE                        hNtDll = NULL;
DWORD                          dwNumberBytes;
DWORD                          dwReturnLength;
           NTSTATUS                       Status;

__try
{
hNtDll = LoadLibrary("NtDll.dll");
           if(hNtDll == NULL)
{
             printf("LoadLibrary Error: %d\n",GetLastError());
               __leave;
}

NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)
GetProcAddress(hNtDll,"NtQuerySystemInformation");
if(NtQuerySystemInformation == NULL)
{
printf("GetProcAddress for NtQuerySystemInformation 
Error: %d\n",GetLastError());
__leave;
}

dwNumberBytes = sizeof(SYSTEM_CACHE_INFORMATION);
Status  = NtQuerySystemInformation(SYSTEM_CACHE_INFO,
                        &SystemCacheInfo,
   dwNumberBytes,
   &dwReturnLength);
if(Status != STATUS_SUCCESS)
{
printf("NtQuerySystemInformation 
for Cache Error: %d\n",GetLastError());
__leave;
}

printf("CacheWorkingSetSize:\t\t%d(KB)\n",
SystemCacheInfo.SystemCacheWsSize/1024);
printf("CacheWorkingSetPeakSize:\t%d(KB)\n",SystemCacheInfo.
SystemCacheWsPeakSize/1024);
printf("CacheWorkingSetFaults:\t\t%d\n",SystemCacheInfo.
SystemCacheWsFaults);
printf("CacheWorkingSetMinimum:\t\t%d\n",SystemCacheInfo.
SystemCacheWsMinimum);
printf("CacheWorkingSetMaximum:\t\t%d\n",SystemCacheInfo.
SystemCacheWsMaximum);
printf("TransitionSharedPages:\t\t%d\n",SystemCacheInfo.
TransitionSharedPages);
printf("TransitionSharedPagesPeak:\t%d\n",SystemCacheInfo.
TransitionSharedPagesPeak);

}
__finally
{
if(hNtDll != NULL)
{
FreeLibrary(hNtDll);
}
}

return 0;
}

VOID Start()
{
printf("T-PMPerf, by TOo2y\n");
printf("E-mail: TOo2y@safechina.net\n");
printf("HomePage: www.safechina.net\n");
printf("Date: 05-09-2003\n\n");
return ;
}

VOID Usage()
{
printf("Usage:\tT-PMPerf \n");
printf("Option:\n");
printf("  -Perf   System Performance Information\n");
printf("  -Proc   System Processor Information\n");
printf("  -Page   System Pagefile Information\n");
printf("  -Cache  System Cache Information\n");
return ;
}

#endif

文章转载地址：http://www.cnpaf.net/Class/hack/0512182034521058464.htm