Obtaining system information with Windows APIs

Source: Internet
Author: User

1. Window Information
Microsoft provides functions for opening a specific desktop and enumerating the windows on it.
hDesk = OpenDesktop(lpszDesktop, 0, FALSE, DESKTOP_ENUMERATE);
// Open our default desktop;
EnumDesktopWindows(hDesk, (WNDENUMPROC) EnumWindowProc, 0);
// Enumerate all windows on the desktop; each window is handed to the callback function.
BOOL __stdcall EnumWindowProc(HWND hWnd, LPARAM lParam);
// In the callback function, we can obtain the window title and the related process and thread information;
GetWindowText(hWnd, szWindowText, dwMaxCount);
GetWindowThreadProcessId(hWnd, &dwPID);

2. Device Driver Information (services are handled in the same way as device drivers and are not repeated here)
Device driver information is managed by the Service Control Manager (SCM). We open the Service Control Manager and enumerate all the device drivers.
OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
// Open the Service Control Manager with all permissions;
EnumServicesStatus(schManager, dwDeviceType, dwDeviceState,
    EnumStatus, dwBufSize, &dwBytesNeeded, &dwDevicesReturned, &dwResumeHandle);
// Enumerate the current status of all devices;
CloseServiceHandle(schManager);
// Remember to close the service handle after the access is completed;
OpenService(schManager, szDeviceName, SERVICE_ALL_ACCESS);
// Open the driver of the specified device;
QueryServiceConfig(schDevice, lpDeviceConfig, 1024*8, &dwBytesNeeded);
// Query the service configuration information of the driver;
QueryServiceStatus(schDevice, &DeviceStatus);
// Query the current status of the driver;
QueryServiceConfig2(schDevice, SERVICE_CONFIG_DESCRIPTION, (LPBYTE) lpDeviceDescription, 8*1024, &dwBytesNeeded);
// Query the device description;
StartService(schDevice, 0, NULL);
// Start the device;
ControlService(schDevice, SERVICE_CONTROL_STOP, &DeviceStatus);
// Stop the device;
DeleteService(schDevice);
// Delete a device;

3. Disk Information
We want to obtain information about all the disks in the system, including floppy disks, hard disks, and optical disks;
GetLogicalDriveStrings(dwBufferLength, lpBuffer);
// Obtain the logical drive information;
GetVolumeInformation(lpRootPathName, lpVolumeNameBuffer, dwVolumeNameSize, &dwVolumeSerialNumber,
    &dwMaximumComponentLength, &dwFileSystemFlags, lpFileSystemNameBuffer, dwFileSystemNameSize);
// Obtain the disk volume information, including the volume name and file system type;
GetDiskFreeSpaceEx(lpRootPathName, &FreeBytesAvailable, &TotalNumberOfBytes, &TotalNumberOfFreeBytes);
// Check disk space usage;

4. Environment Variables
We can obtain the environment block information from the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment. To do so, we use the registry functions.
RegOpenKeyEx(HKEY_LOCAL_MACHINE, regKey, 0, KEY_QUERY_VALUE, &hKey);
// Open the registry key;
RegEnumValue(hKey, dwIndex, EnvironVariable, &dwVariableLength, NULL, NULL, NULL, NULL);
// Query the required information values;
GetEnvironmentVariable(EnvironVariable, EnvironString, 1024);
// Obtain the string value of the environment variable;

5. Event Log Information
OpenEventLog(NULL, szLog);
// Open the event log;
GetOldestEventLogRecord(hEvent, &dwThisRecord);
// Obtain the number of the oldest log record, as the starting point for the search;
ReadEventLog(hEvent, EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
    0, pEventLogRecord, 1024*32, &dwRead, &dwNeeded);
// Read the log information;
LookupAccountSid(NULL, pSid, szName, &dwName, szDomain, &dwDomain, &snu);
// Look up the account user name from the account SID;
GetNumberOfEventLogRecords(hEvent, &dwTotal);
// Obtain the total number of event log records;
CloseEventLog(hEvent);
// Do not forget to close the event log handle;
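ReadEventLog fills the buffer with variable-length EVENTLOGRECORD structures, and the SID later passed to LookupAccountSid is located through an offset stored inside each record. The added example below (not code from the original page) walks such a buffer and validates each record's Length, signature and SID range before trusting them. The names evt_info, walk_event_records and make_record are hypothetical, the field offsets follow the documented EVENTLOGRECORD layout, and the sample records are constructed so the code compiles and runs without Windows headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EVT_HDR 56u          /* size of the fixed part of EVENTLOGRECORD */
#define EVT_SIG 0x654c664cu  /* ELF_LOG_SIGNATURE ("LfLe"), held in the Reserved field */

typedef struct { uint32_t record_number, event_id, sid_offset, sid_length; } evt_info;
static uint32_t le32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void put32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Walk the bytes_read bytes that ReadEventLog wrote into buf. Returns the number of
   well-formed records copied to out; stops at the first inconsistent record. */
size_t walk_event_records(const uint8_t *buf, size_t bytes_read, evt_info *out, size_t max) {
    size_t off = 0, n = 0;
    while (n < max && bytes_read - off >= EVT_HDR + 4) {
        const uint8_t *rec = buf + off;
        uint32_t len = le32(rec), sid_len = le32(rec + 40), sid_off = le32(rec + 44);
        if (len < EVT_HDR + 4 || len > bytes_read - off) break;  /* Length must fit the read */
        if (le32(rec + 4) != EVT_SIG || le32(rec + len - 4) != len) break;  /* signature, trailing Length */
        if (sid_len && (sid_off < EVT_HDR || sid_off > len - 4 || sid_len > len - 4 - sid_off))
            break;  /* the SID handed to LookupAccountSid must lie inside the record */
        out[n].record_number = le32(rec + 8);  out[n].event_id = le32(rec + 20);
        out[n].sid_offset = sid_len ? sid_off : 0;  /* 0: record carries no user SID */
        out[n].sid_length = sid_len;
        n++; off += len;
    }
    return n;
}

/* Constructed sample record: len bytes, zero-filled apart from the header fields set here. */
size_t make_record(uint8_t *dst, uint32_t len, uint32_t recno, uint32_t id, uint32_t sid_off, uint32_t sid_len) {
    for (uint32_t i = 0; i < len; i++) dst[i] = 0;
    put32(dst, len); put32(dst + 4, EVT_SIG); put32(dst + 8, recno); put32(dst + 20, id);
    put32(dst + 40, sid_len); put32(dst + 44, sid_off); put32(dst + len - 4, len);
    return len;
}

int main(void) {
    uint8_t buf[256]; evt_info ev[4];
    size_t used = make_record(buf, 72, 1, 1001, 56, 12);
    used += make_record(buf + used, 64, 2, 1002, 0, 0);
    printf("%zu well-formed records\n", walk_event_records(buf, used, ev, 4));
    return 0;
}
```

On Windows, pass the buffer given to ReadEventLog together with the dwRead value it returned; pSid is then the record address plus sid_offset.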

6. Network Sharing
We query the network shares at information level 2;
NetShareEnum(NULL, dwLevel, (LPBYTE *) &pBuf, MAX_PREFERRED_LENGTH, &entriesRead, &totalEntries, &resume);
// List all shared directories and related information;
NetApiBufferFree(pBuf);
// Release the buffer;
NetShareDel(NULL, (LPWSTR) lpShareNameW, 0);
// Delete the shared network directory;

7. Network Adapter Information
We need to obtain NIC information and network traffic;
GetAdaptersInfo(&AdapterInfo, &OutBufLen);
// Obtain the adapter information;

8. System Performance
Obtain the memory usage of the system;
GetPerformanceInfo(&PerfInfo, sizeof(PERFORMANCE_INFORMATION));
// Obtain system performance information;

9. Process/Thread/Module Information
Here we use the Tool Help functions (ToolHelp32) and systems
OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken);
// Open the process token so that its privileges can be raised;
AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
// Raise the process privileges to support debugging (Debug);
CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
// Create a process snapshot;
Process32First(hProcessSnap, &ProcessEntry32);
Process32Next(hProcessSnap, &ProcessEntry32);
// Enumerate all processes;
OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, ProcessEntry32.th32ProcessID);
// Open a specific process to query process-related information;
GetProcessTimes(hProcess, &CreateTime, &ExitTime, &KernelTime, &UserTime);
// Obtain the time information of the process;
GetProcessMemoryInfo(hProcess, &pmCounter, sizeof(pmCounter));
// Obtain the memory usage information of a process;
GetPriorityClass(hProcess);
// Obtain the priority of a process;
GetProcessIoCounters(hProcess, &IoCounters);
// Obtain the I/O usage of the process;
CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessID);
// Create a module snapshot;
Module32First(hModuleSnap, &ModuleEntry32);
Module32Next(hModuleSnap, &ModuleEntry32);
// Enumerate process module information;
CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
// Create a thread snapshot;
Thread32First(hThreadSnap, &ThreadEntry32);
Thread32Next(hThreadSnap, &ThreadEntry32);
// Enumerate thread information;
OpenThread(THREAD_ALL_ACCESS, FALSE, ThreadEntry32.th32ThreadID);
// Open the thread; obtaining the thread function address is left to you;
TerminateProcess(hProcess, 0);
// Terminate the process;
SuspendThread(hThread);
// Suspend the thread;
ResumeThread(hThread);
// Resume the thread;

10. Shutdown
AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
// Adjust the process token to enable shutdown;
ExitWindowsEx(EWX_LOGOFF, 0);
// Log off from the system;
LockWorkStation();
// Lock the system;
InitiateSystemShutdown(NULL, szMessage, dwTimeout, FALSE, bSig);
// Shut down or restart the system, with a message displayed beforehand;
SetSystemPowerState(bSig, FALSE);
// Put the system into sleep/hibernation;

11. User Information
NetUserEnum(NULL, dwLevel, FILTER_NORMAL_ACCOUNT, (LPBYTE *) &pBuf,
    dwPrefMaxLen, &dwEntriesRead, &dwTotalEntries, &dwResumeHandle);
// Enumerate system user information;
NetUserDel(NULL, lpUserNameW);
// Delete a specified user;

12. System Version Information
GetVersionEx((LPOSVERSIONINFO) &osviex);
// Obtain the version information of the operating system;
You can also obtain related information through the registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion).
GetTickCount();
// Obtain the time elapsed since system start;
GetComputerName(szInfo, &dwInfo);
// Obtain the computer name;
GetUserName(szInfo, &dwInfo);
// Obtain the computer user name;
GetWindowsDirectory(szInfo, MAX_PATH + 1);
// Obtain the Windows directory;
GetSystemDirectory(szInfo, MAX_PATH + 1);
// Obtain the system directory;

http://club.sohu.com/read_elite.php?b=program&a=566539
