|
for(ulIndex = 0; ulIndex < pSystemProc->ThreadCount; ulIndex++) { pSystemThre = &pSystemProc->Threads[ulIndex]; printf("%-5d",pSystemProc->Threads[ulIndex].ClientId.UniqueThread);
printf("%3d",pSystemProc->Threads[ulIndex].Priority); printf("%4d",pSystemProc->Threads[ulIndex].BasePriority);
printf("%4d%%",(pSystemProc->Threads[ulIndex]. KernelTime.QuadPart * 100)/ (pSystemProc->KernelTime.QuadPart + pSystemProc->UserTime.QuadPart)); printf("%4d%%",(pSystemProc->Threads[ulIndex]. UserTime.QuadPart * 100)/ (pSystemProc->KernelTime.QuadPart + pSystemProc->UserTime.QuadPart));
llTempTime = pSystemProc->Threads[ulIndex].KernelTime.QuadPart; llTempTime /= 10000; printf("%2d:",llTempTime/(60*60*1000)); llTempTime %= 60*60*1000; printf("%.2d.",llTempTime/(60*1000)); llTempTime %= 60*1000; printf("%.2d.",llTempTime/1000); llTempTime %= 100; printf("%.2d ",llTempTime);
llTempTime = pSystemProc->Threads[ulIndex].UserTime.QuadPart; llTempTime /= 10000; printf("%2d:",llTempTime/(60*60*1000)); llTempTime %= 60*60*1000; printf("%.2d.",llTempTime/(60*1000)); llTempTime %= 60*1000; printf("%.2d.",llTempTime/1000); llTempTime %= 100; printf("%.2d ",llTempTime);
printf(" 0x%.8X",pSystemProc->Threads[ulIndex].StartAddress); printf("%7d",pSystemProc->Threads[ulIndex].ContextSwitchCount);
switch(pSystemProc->Threads[ulIndex].State) { case StateInitialized: printf("%6s","Init."); break; case StateReady: printf("%6s","Ready"); break; case StateRunning: printf("%6s","Run"); break; case StateStandby: printf("%6s","StBy."); break; case StateTerminated: printf("%6s","Term."); break; case StateWait: printf("%6s","Wait"); break; case StateTransition: printf("%6s","Tran."); break; case StateUnknown: printf("%6s","Unkn."); break; default: printf("%6s","Unkn."); break; }
switch(pSystemProc->Threads[ulIndex].WaitReason) { case Executive: printf(" %-8s","Executi."); break; case FreePage: printf(" %-8s","FreePag."); break; case PageIn: printf(" %-8s","PageIn"); break; case PoolAllocation: printf(" %-8s","PoolAll."); break; case DelayExecution: printf(" %-8s","DelayEx."); break; case Suspended: printf(" %-8s","Suspend."); break; case UserRequest: printf(" %-8s","UserReq."); break; case WrExecutive: printf(" %-8s","WrExect."); break; case WrFreePage: printf(" %-8s","WrFrePg."); break; case WrPageIn: printf(" %-8s","WrPageIn"); break; case WrPoolAllocation: printf(" %-8s","WrPoolA."); break; case WrSuspended: printf(" %-8s","WrSuspe."); break; case WrUserRequest: printf(" %-8s","WrUsReq."); break; case WrEventPair: printf(" %-8s","WrEvent."); break; case WrQueue: printf(" %-8s","WrQueue"); break; case WrLpcReceive: printf(" %-8s","WrLpcRv."); break; case WrLpcReply: printf(" %-8s","WrLpcRp."); break; case WrVertualMemory: printf(" %-8s","WrVerMm."); break; case WrPageOut: printf(" %-8s","WrPgOut."); break; case WrRendezvous: printf(" %-8s","WrRende."); break; case WrKernel: printf(" %-8s","WrKernel"); break; default: printf(" %-8s","Unknown"); break; } printf("\n"); } printf("----------------------------\n\n"); printf("Total %d Thread(s) !\n\n",ulIndex);
dwTotalProcess ++; break; } pSystemProc = (PSYSTEM_PROCESSES)((char *)pSystemProc + pSystemProc->NextEntryDelta); } } __finally { if(dwTotalProcess == 0) { printf("Could not found the %d Process !\n",dwPID); } else { printf("TID:\t\t====>\tThread Identification\n"); printf("Pri:\t\t====>\tPriority\n"); printf("BPr:\t\t====>\tBase Priority\n"); printf("Priv:\t\t====>\tPrivilege\n"); printf("StartAddr:\t====>\tThread Start Address\n"); printf("CSwitC:\t\t====>\tContext Switch Count\n"); printf("WtReason:\t====>\tWait Reason\n"); } if(lpSystemInfo != NULL) { free(lpSystemInfo); } if(hNtDll != NULL) { FreeLibrary(hNtDll); } }
return 0; }
/*
 * Print the T-PMList banner to stdout: tool name and author, contact
 * e-mail, home page and release date, followed by a blank line.
 */
VOID Start()
{
    static const char *const banner[] = {
        "T-PMList, by TOo2y\n",
        "E-mail: TOo2y@safechina.net\n",
        "HomePage: www.safechina.net\n",
        "Date: 05-10-2003\n\n",
    };
    size_t line;

    /* The strings are fixed literals with no conversion specifiers, so
     * writing them with fputs produces the same bytes as printf did. */
    for (line = 0; line < sizeof banner / sizeof banner[0]; line++) {
        fputs(banner[line], stdout);
    }
}
/*
 * Print the command-line synopsis to stdout.
 *   -e      enumerate all processes
 *   -s PID  show the details of the single process with that PID
 */
VOID Usage()
{
    /* Literal text only; no caller-supplied data reaches the output. */
    fputs("Usage:\tT-PMList [-e] │ [-s PID]\n", stdout);
    fputs(" -e\t Enumerate All Processes\n", stdout);
    fputs(" -s PID Show Special Process Information with PID\n\n", stdout);
}
#endif
2.T-PMPerf的头文件源代码:
/*
 * T-PMPerf header: constants and base types used to query system-wide
 * performance data through ntdll's NtQuerySystemInformation.
 *
 * NOTE(review): each preprocessor directive must sit on its own line; when
 * several are run together on one line, everything after the first macro
 * name becomes part of that macro's replacement text.
 */
#ifndef T_PMPERF_H
#define T_PMPERF_H

#include "windows.h"
#include "stdio.h"

/*
 * Information-class selectors (first argument of NtQuerySystemInformation).
 * The numbers are the native SYSTEM_INFORMATION_CLASS values; the names are
 * local to this tool.
 */
#define SYSTEM_PERF_INFO 0x02   /* class 2: system performance counters */
#define SYSTEM_PROC_TIME 0x08   /* class 8: per-processor time accounting */
#define SYSTEM_PAGE_INFO 0x12   /* class 18: page-file usage */
#define SYSTEM_CACHE_INFO 0x15  /* class 21: system file-cache working set */

/*
 * 0x500000 bytes = 5 MiB. Presumably the size of the heap buffer handed to
 * NtQuerySystemInformation for variable-length classes; the allocation is
 * not in this part of the file (TODO confirm). A fixed cap can be too small
 * on a busy machine, so callers should test the returned NTSTATUS and the
 * returned length instead of assuming the buffer was filled.
 */
#define MAX_INFO_BUF_LEN 0x500000

/* Success code to compare against the NTSTATUS result. The macro names
 * NTSTATUS before its typedef below, which is fine because the cast is only
 * expanded where the macro is used. */
#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)

/* Local stand-ins for the native types, so no DDK header is needed. */
typedef LONG NTSTATUS;
typedef DWORD SYSTEM_INFORMATION_CLASS; /* plain DWORD here, not an enum */
/*
 * Counted UTF-16 string as used by the native API, declared locally and
 * aliased to UNICODE_STRING.
 *
 * Per the Windows convention for this structure, Length and MaximumLength
 * are byte counts (not character counts) and Buffer is not guaranteed to be
 * NUL-terminated. Code that prints or copies Buffer should bound the
 * operation by Length rather than treat it as a C string.
 *
 * NOTE(review): these names are also declared by SDK headers such as
 * ntsecapi.h / winternl.h; including one of those next to this header may
 * produce a redefinition error - confirm against the build.
 */
typedef struct _LSA_UNICODE_STRING
{
    USHORT Length;        /* bytes currently used in Buffer */
    USHORT MaximumLength; /* bytes allocated for Buffer */
    PWSTR Buffer;         /* wide-character data; may lack a terminator */
} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;

typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
/*
 * Output record for information class SYSTEM_PERF_INFO (0x02).
 *
 * This is a hand-declared mirror of a kernel structure: field order and
 * field sizes are the contract, so nothing here may be reordered, resized
 * or removed. The layout is not part of the documented Win32 API and is
 * presumably the one in use when the tool was written (the page's banner
 * gives a 2003 date); other Windows versions may return a different length.
 * Callers should pass sizeof(SYSTEM_PERFORMANCE_INFORMATION) as the buffer
 * length and check the NTSTATUS result before reading any field.
 *
 * NOTE(review): "NonPagedPoolFress" looks like a misspelling of
 * "NonPagedPoolFrees"; the name is kept because code outside this part of
 * the file may reference it.
 */
typedef struct _SYSTEM_PERFORMANCE_INFORMATION
{
    /* 64-bit counters */
    LARGE_INTEGER IdleTime;
    LARGE_INTEGER ReadTransferCount;
    LARGE_INTEGER WriteTransferCount;
    LARGE_INTEGER OtherTransferCount;

    /* I/O operation counts */
    ULONG ReadOperationCount;
    ULONG WriteOperationCount;
    ULONG OtherOperationCount;

    /* Memory commitment and page-fault counters */
    ULONG AvailablePages;
    ULONG TotalCommittedPages;
    ULONG TotalCommitLimit;
    ULONG PeakCommitment;
    ULONG PageFaults;
    ULONG WriteCopyFaults;
    ULONG TransitionFaults;
    ULONG Reserved1;
    ULONG DemandZeroFaults;
    ULONG PagesRead;
    ULONG PageReadIos;
    ULONG Reserved2[2];
    ULONG PagefilePagesWritten;
    ULONG PagefilePageWriteIos;
    ULONG MappedFilePagesWritten;
    ULONG MappedFileWriteIos;

    /* Pool usage and system page counters */
    ULONG PagedPoolUsage;
    ULONG NonPagedPoolUsage;
    ULONG PagedPoolAllocs;
    ULONG PagedPoolFrees;
    ULONG NonPagedPoolAllocs;
    ULONG NonPagedPoolFress;
    ULONG TotalFreeSystemPtes;
    ULONG SystemCodePage;
    ULONG TotalSystemDriverPages;
    ULONG TotalSystemCodePages;
    ULONG SmallNonPagedLookasideListAllocateHits;
    ULONG SmallPagedLookasideListAllocateHits;
    ULONG Reserved3;
    ULONG MmSystemCachePage;
    ULONG PagedPoolPage;
    ULONG SystemDriverPage;

    /* Cache-manager read / map / pin / copy / MDL counters */
    ULONG FastReadNoWait;
    ULONG FastReadWait;
    ULONG FastReadResourceMiss;
    ULONG FastReadNotPossible;
    ULONG FastMdlReadNoWait;
    ULONG FastMdlReadWait;
    ULONG FastMdlReadResourceMiss;
    ULONG FastMdlReadNotPossible;
    ULONG MapDataNoWait;
    ULONG MapDataWait;
    ULONG MapDataNoWaitMiss;
    ULONG MapDataWaitMiss;
    ULONG PinMappedDataCount;
    ULONG PinReadNoWait;
    ULONG PinReadWait;
    ULONG PinReadNoWaitMiss;
    ULONG PinReadWaitMiss;
    ULONG CopyReadNoWait;
    ULONG CopyReadWait;
    ULONG CopyReadNoWaitMiss;
    ULONG CopyReadWaitMiss;
    ULONG MdlReadNoWait;
    ULONG MdlReadWait;
    ULONG MdlReadNoWaitMiss;
    ULONG MdlReadWaitMiss;
    ULONG ReadAheadIos;
    ULONG LazyWriteIos;
    ULONG LazyWritePages;
    ULONG DataFlushes;
    ULONG DataPages;

    /* Scheduler, TLB and system-call counters */
    ULONG ContextSwitches;
    ULONG FirstLevelTbFills;
    ULONG SecondLevelTbFills;
    ULONG SystemCall;
} SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION;
/*
 * Output record for information class SYSTEM_PROC_TIME (0x08): time
 * accounting and interrupt count for a processor.
 *
 * The time fields are presumably in 100-nanosecond units, the same unit the
 * thread listing earlier in this file assumes when it divides KernelTime by
 * 10000 to get milliseconds (TODO confirm for this class).
 *
 * NOTE(review): on multiprocessor systems this class is understood to
 * return one record per processor, so a buffer sized for a single record
 * may be rejected or only describe the first CPU - size the buffer from the
 * processor count and check the returned length.
 * NOTE(review): the struct tag begins with two underscores, which C
 * reserves for the implementation; it is left unchanged here because the
 * tag may be referenced elsewhere.
 */
typedef struct __SYSTEM_PROCESSOR_TIMES
{
    LARGE_INTEGER IdleTime;
    LARGE_INTEGER KernelTime;
    LARGE_INTEGER UserTime;
    LARGE_INTEGER DpcTime;
    LARGE_INTEGER InterruptTime;
    ULONG InterruptCount;
} SYSTEM_PROCESSOR_TIMES, *PSYSTEM_PROCESSOR_TIMES;
/*
 * Output record for information class SYSTEM_PAGE_INFO (0x12): one entry
 * per page file.
 *
 * NOTE(review): "NetxEntryOffset" looks like a misspelling of
 * "NextEntryOffset"; the name is kept because callers may use it. It is
 * presumably the byte offset from this entry to the next one, with zero
 * marking the last entry - the code that walks the list is not in this part
 * of the file (TODO confirm). A walker should verify that each offset keeps
 * the next entry inside the number of bytes actually returned before
 * dereferencing it.
 *
 * FileName is a counted string: bound any print or copy by FileName.Length
 * (bytes), since Buffer is not guaranteed to be NUL-terminated.
 */
typedef struct _SYSTEM_PAGEFILE_INFORMATION
{
    ULONG NetxEntryOffset;
    ULONG CurrentSize;
    ULONG TotalUsed;
    ULONG PeakUsed;
    UNICODE_STRING FileName;
} SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION;
/*
 * Output record for information class SYSTEM_CACHE_INFO (0x15): working-set
 * figures for the system file cache.
 *
 * Hand-declared mirror of a kernel structure: keep the field order and
 * sizes exactly as they are. The units of the size fields are not
 * established by this file (TODO confirm whether they are bytes or pages
 * before formatting them for output).
 */
typedef struct _SYSTEM_CACHE_INFORMATION
{
    ULONG SystemCacheWsSize;
    ULONG SystemCacheWsPeakSize;
    ULONG SystemCacheWsFaults;
    ULONG SystemCacheWsMinimum;
    ULONG SystemCacheWsMaximum;
    ULONG TransitionSharedPages;
    ULONG TransitionSharedPagesPeak;
    ULONG Reserved[2];
} SYSTEM_CACHE_INFORMATION, *PSYSTEM_CACHE_INFORMATION;
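/*
 * Pointer type for ntdll's NtQuerySystemInformation, which this tool
 * resolves at run time with GetProcAddress instead of linking against an
 * import library.
 *
 * Parameters, in order:
 *   1. information class selecting what to query (SYSTEM_*_INFO values);
 *   2. caller-supplied buffer that receives the data;
 *   3. size of that buffer in bytes;
 *   4. optional pointer that receives the number of bytes returned.
 *
 * The third parameter previously read "INT ULONG", which C parses as an
 * INT parameter named ULONG, and the fourth ended in "OPTION", which C
 * parses as a parameter name. Both are corrected to the intended IN / 
 * OPTIONAL annotations so the buffer length is an unsigned ULONG as the
 * native prototype expects.
 */
typedef NTSTATUS (__stdcall *NTQUERYSYSTEMINFORMATION)(
    IN SYSTEM_INFORMATION_CLASS,
    IN OUT PVOID,
    IN ULONG,
    OUT PULONG OPTIONAL);

/*
 * Resolved entry point; NULL until GetProcAddress succeeds, so it must be
 * checked before every first use (PerfInfo below does this).
 *
 * NOTE(review): this is a variable definition inside a header, so every
 * source file that includes the header gets its own definition - keep the
 * header included from a single .c file or move the definition.
 * NOTE(review): ntdll.dll is already mapped in every Win32 process, so the
 * handle can be obtained with GetModuleHandle rather than a LoadLibrary
 * call on a bare file name.
 */
NTQUERYSYSTEMINFORMATION NtQuerySystemInformation;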
DWORD PerfInfo() { SYSTEM_PERFORMANCE_INFORMATION SystemPerfInfo; HMODULE hNtDll = NULL; DWORD dwNumberBytes; DWORD dwReturnLength; NTSTATUS Status; LONGLONG llTempTime;
__try { hNtDll = LoadLibrary("NtDll.dll"); if(hNtDll == NULL) { printf("LoadLibrary Error: %d\n",GetLastError()); __leave; }
NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION) GetProcAddress(hNtDll,"NtQuerySystemInformation"); if(NtQuerySystemInformation == NULL) { printf("GetProcAddress for NtQuerySystemInformation Error: %d\n",GetLastError()); __leave; } |