VC获取进程启动和结束时间

void CProcessTimeDlg::AddProcessToList(DWORD processID )
{
//
// Adds the process name and ID to the ListCtrl
//
// first update the process time
UpdateProcessTime();
CListCtrl *pList = (CListCtrl*)GetDlgItem(IDC_LSTPROCESS);
int nCount = pList->GetItemCount();

ST_PROCESSINFO *pstProcessInfo;
char szBuff[MAX_PATH];
char szProcessName[MAX_PATH] = "unknown";
// in case EnumProcessModules fails
char szItemString[MAX_PATH+64];
// open the process to query the time information
//   this handle will remain open until ClearProcessList call
//   This should remain open to get the process terminated time
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,
FALSE, processID);
if(!hProcess)
return;

for(int i=0;i<nCount; i++)
{
ST_PROCESSINFO *pstPrvProcessInfo =
(ST_PROCESSINFO *)pList->GetItemData(i);

// If the passed process id is same
// as the already updated process in the ListCtrl
//    then check whether it is a terminated process
//     if not then return immediately
//        without updating (to avoid flicker)
if(pstPrvProcessInfo->dwProcessId == processID)
{
CString cszText = pList->GetItemText(i,4);
cszText.TrimRight();
if(cszText == "")
return;
}
}

HMODULE hMod;
DWORD cbNeeded;
if(EnumProcessModules( hProcess, &hMod, sizeof(hMod), &cbNeeded))
GetModuleBaseName( hProcess, hMod, szProcessName,
sizeof(szProcessName));
wsprintf(szItemString, "%u", processID);
wsprintf(szBuff,"%d", nCount);
// fill the structure and store the info for later updates
pstProcessInfo        = new ST_PROCESSINFO();
pstProcessInfo->dwProcessId    = processID;
pstProcessInfo->hProcess    = hProcess;
pList->InsertItem(nCount,szItemString);
pList->SetItemText(nCount,2,szProcessName);
pList->SetItemText(nCount,1,szBuff);
pList->SetItemData(nCount,(DWORD)pstProcessInfo);
}

// this will update the process start time and end time
// (end time, only if the process has terminated)
void CProcessTimeDlg::UpdateProcessTime()
{
CListCtrl *pList = (CListCtrl*)GetDlgItem(IDC_LSTPROCESS);
FILETIME ftCreate, ftExit, ftKernel, ftUser;

int nCount = pList->GetItemCount();
// loop all the process in the list box
for(int i=0;i<nCount;i++)
{
ST_PROCESSINFO *pstProcessInfo =
(ST_PROCESSINFO *)pList->GetItemData(i);
if(!pstProcessInfo->hProcess)
continue;
if(GetProcessTimes(pstProcessInfo->hProcess,
&ftCreate, &ftExit, &ftKernel, &ftUser))
{
// Horrible, disgusting hack!
// The two lines below basically grab the
// contents of a FILETIME structure
// and store it in a 64 bit integer.
LONGLONG tUser64 = *(LONGLONG *)&ftUser;
LONGLONG tKernel64 = *(LONGLONG *)&ftKernel;

DWORD tUser, tKernel;
// The LONGLONGs contain the time in 100 nanosecond intervals (now
// there's a useful unit of measurement...).  Divide each of them by
// 10000 to convert into milliseconds, and store the results in a
// DWORD.  This means that the max time before overflowing is around
// 4 Million seconds (about 49 days)
tUser = (DWORD)(tUser64 / 10000);
tKernel = (DWORD)(tKernel64 / 10000);

// Format the user and kernel times, and add to the process node
char szItem[128];
char szFileDate[32] = { 0 };
char szFileTime[32] = { 0 };
if(!ftCreate.dwHighDateTime&&!ftCreate.dwLowDateTime)
{
strcpy(szFileDate,"");
strcpy(szFileTime,"");
}
else
{    // formatting the date & time
GetFileDateAsString(&ftCreate, szFileDate, sizeof(szFileDate));
GetFileTimeAsString(&ftCreate, szFileTime, sizeof(szFileTime));
}
wsprintf(szItem, "%s %s", szFileDate, szFileTime);
CString cszText = pList->GetItemText(i,3);
// if already exists then don't update, this will reduce the flicker
if(cszText != szItem)
pList->SetItemText(i,3,szItem);
if(!ftExit.dwHighDateTime&&!ftExit.dwLowDateTime)
{
strcpy(szFileDate,"");
strcpy(szFileTime,"");
}
else
{    // formatting the date & time
GetFileDateAsString(&ftExit, szFileDate, sizeof(szFileDate));
GetFileTimeAsString(&ftExit, szFileTime, sizeof(szFileTime));
}
wsprintf(szItem, "%s %s", szFileDate, szFileTime);
cszText = pList->GetItemText(i,4);
// if already exists then don't update, this will reduce the flicker
if(cszText != szItem)
pList->SetItemText(i,4,szItem);
}
}
}