C++获取系统启动时间

这里写自定义目录标题

• • 获取系统启动时间
  • 转换时间戳
• code

这里写自定义目录标题

• • 获取系统启动时间
  • 转换时间戳
• code

获取系统启动时间

转换时间戳

code

#include<stdio.h> 
#include<windows.h>  
#include <ctime>

#include <iostream>
#define NT_SUCCESS(x) ((x)>=0) 
const UINT SystemTimeInformation = 3;

typedef struct {
	LARGE_INTEGER liKeBootTime;
	LARGE_INTEGER liKeSystemTime;
	LARGE_INTEGER liExpTimeZoneBias;
	ULONG uCurrentTimeZoneId;
	DWORD dwReserved;
} SYSTEM_TIME_INFORMATION;

typedef long(__stdcall *fnNtQuerySystemInformation)(
	IN  UINT SystemInformationClass,
	OUT PVOID SystemInformation,
	IN  ULONG SystemInformationLength,
	OUT PULONG ReturnLength OPTIONAL);

static fnNtQuerySystemInformation NtQuerySystemInformation = NULL;

int main(void)
{
	NtQuerySystemInformation = (fnNtQuerySystemInformation)GetProcAddress(LoadLibrary("ntdll.dll"),
		"NtQuerySystemInformation");
	if (NtQuerySystemInformation == NULL)
	{
		printf("Get NtQuerySystemInformation Addr Failed,err=%u\n", GetLastError());
		return 0;
	}
	LONG status;
	SYSTEM_TIME_INFORMATION sti;
	status = NtQuerySystemInformation(SystemTimeInformation, &sti, sizeof(sti), 0);
	if (NO_ERROR != status)
	{
		printf("NtQuerySystemInformation Failed!n");
		return 0;
	}
	FILETIME ft1, ft2;
	SYSTEMTIME st;
	memcpy_s(&ft1, sizeof(ft1), &sti.liKeBootTime, sizeof(sti.liKeBootTime));
	//将其转为文件时间  
	//将一个FILETIME结构转换成本地时间  
	if (0 == FileTimeToLocalFileTime(&ft1, &ft2))
	{
		printf("FileTimeToLocalFileTime Failed err=%u\nn", GetLastError());
		return 0;
	}
	//将文件时间转为系统时间
	if (0 == FileTimeToSystemTime(&ft2, &st))
	{
		printf("FileTimeToSystemTimeFailed err=%u\nn", GetLastError());
		return 0;
	}
	printf("Date: %02d-%02d-%04d Time: %02d:%02d:%02d \n", st.wMonth, st.wDay, st.wYear, st.wHour, st.wMinute, st.wSecond);



	LARGE_INTEGER li;
	li.LowPart = ft1.dwLowDateTime;
	li.HighPart = ft1.dwHighDateTime;

	// 需要对LARGE_INTEGER结构的值进行校正，因为FILETIME以100纳秒为单位，
	// 而Unix时间戳以秒为单位。同时需要考虑从1601年1月1日到1970年1月1日的时间偏移。
	li.QuadPart -= 116444736000000000ULL; // 116444736000000000 = 100纳秒 * (3600 * 24 * 365 * 30 + 3600 * 24 * 15)
	LONG64 timestamp = (LONG64)(li.QuadPart / 10000000); // 
	printf("Unix timestamp: %ld\n", timestamp);





	// 计算时间戳
	FILETIME epoch;
	ZeroMemory(&epoch, sizeof(FILETIME));
	SYSTEMTIME stEpoch = { 1970, 1, 0, 1, 0, 0, 0, 0 };
	SystemTimeToFileTime(&stEpoch, &epoch);

	ULARGE_INTEGER ullBootTime;
	ULARGE_INTEGER ullEpoch;
	ullBootTime.LowPart = ft2.dwLowDateTime;
	ullBootTime.HighPart = ft2.dwHighDateTime;
	ullEpoch.LowPart = epoch.dwLowDateTime;
	ullEpoch.HighPart = epoch.dwHighDateTime;

	// 计算时间戳（单位：秒）
	LONG64 nSysStartRunTime = static_cast<LONG64>((ullBootTime.QuadPart - ullEpoch.QuadPart) / 10000000);
	std::cout << "系统启动时间： " << nSysStartRunTime << std::endl;

	getchar();
	return 0;
}