//
// FindProcess
// 这个函数唯一的参数是你指定的进程名,如:你的目标进程
// 是 "Notepad.exe",返回值是该进程的ID,失败返回0
//
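/**
 * Return the ID of the first running process whose main-module path
 * contains strProcessName.
 *
 * The comparison is a case-sensitive substring match (strstr) against the
 * full path reported by GetModuleFileNameExA, so "Notepad.exe" also matches
 * any other path that merely contains that text. An image name is not a
 * trustworthy identity: any user can start a binary with the same name, and
 * the returned PID can be reused by another process before the caller opens
 * it. Callers that act on the result should re-verify the target.
 *
 * @param strProcessName  Text to look for in the module path. NULL or an
 *                        empty string is rejected, because an empty needle
 *                        would match the first process that can be opened.
 * @return The matching process ID, or 0 if nothing matched or the
 *         enumeration failed.
 */
DWORD FindProcess(char *strProcessName)
{
    DWORD aProcesses[1024];
    DWORD cbNeeded = 0;
    DWORD cProcesses;
    DWORD i;

    if (strProcessName == NULL || strProcessName[0] == '\0') {
        return 0;
    }

    /* If cbNeeded comes back equal to sizeof(aProcesses) the list may have
     * been truncated; processes beyond the 1024th are then not searched. */
    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded)) {
        return 0;
    }

    cProcesses = cbNeeded / sizeof(DWORD);
    for (i = 0; i < cProcesses; i++) {
        HANDLE hProcess;
        HMODULE hMod;
        DWORD cbMNeeded = 0;
        char szProcessName[MAX_PATH];
        BOOL fMatch = FALSE;

        hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                               FALSE, aProcesses[i]);
        if (hProcess == NULL) {
            /* Protected or already-exited process: skip it instead of
             * passing a NULL handle to the PSAPI calls below. */
            continue;
        }

        /* Only the first module (the executable itself) is needed, so a
         * one-element buffer is enough. The ANSI variant is called
         * explicitly because the buffer is a char array. Both calls are
         * checked so strstr never reads an uninitialised buffer. */
        if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbMNeeded) &&
            GetModuleFileNameExA(hProcess, hMod, szProcessName,
                                 sizeof(szProcessName)) != 0) {
            fMatch = (strstr(szProcessName, strProcessName) != NULL);
        }

        /* The original leaked one handle per enumerated process. */
        CloseHandle(hProcess);

        if (fMatch) {
            return aProcesses[i];
        }
    }

    return 0;
}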
//
// Function: ErrorForce
// 此函数中用上面的 FindProcess 函数获得你的目标进程的ID
// 用 WIN API OpenProcess 获得此进程的句柄,再以 TerminateProcess
// 强制结束这个进程
//
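/**
 * Terminate the process whose module path contains the hard-coded
 * placeholder name "YourTargetProcess.exe".
 *
 * The target is located with FindProcess(), which matches by substring, so
 * the process that gets terminated is whichever one matched first. The
 * function returns nothing and is best-effort: a missing target, a denied
 * OpenProcess or a failed TerminateProcess all end silently.
 *
 * TerminateProcess is unconditional; the target gets no chance to flush
 * data or run cleanup code.
 */
VOID KillProcess()
{
    DWORD dwTargetPid;
    HANDLE hYourTargetProcess;

    dwTargetPid = FindProcess("YourTargetProcess.exe");
    if (dwTargetPid == 0) {
        /* FindProcess reports "not found" as 0; do not try to open PID 0. */
        return;
    }

    /* TerminateProcess requires PROCESS_TERMINATE on the handle. The
     * original mask (QUERY_INFORMATION | CREATE_THREAD | VM_OPERATION |
     * VM_WRITE) did not include it, so termination failed with access
     * denied, while asking for remote-thread and memory-write rights this
     * function never uses. Request only what is needed. */
    hYourTargetProcess = OpenProcess(PROCESS_TERMINATE, FALSE, dwTargetPid);
    if (hYourTargetProcess == NULL) {
        return;
    }

    TerminateProcess(hYourTargetProcess, 0);

    /* The original never closed the handle. */
    CloseHandle(hYourTargetProcess);
}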
//
// GetDebugPriv
// 在 Windows NT/2000/XP 中可能因权限不够导致以上函数失败
// 如以 System 权限运行的系统进程,服务进程
// 用本函数取得 debug 权限即可,Winlogon.exe 都可以终止哦 :)
//
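/**
 * Enable SeDebugPrivilege (SE_DEBUG_NAME) in the current process token.
 *
 * SeDebugPrivilege lets the process open almost any other process
 * regardless of its security descriptor, so it should be enabled only
 * around the operation that needs it. This function never disables it
 * again: once it returns TRUE the privilege stays enabled in the token.
 * The privilege can only be enabled if the token already holds it.
 *
 * @return TRUE only if the privilege was actually enabled; FALSE if the
 *         token could not be opened, the privilege name could not be
 *         resolved, the adjustment failed, or the token does not hold the
 *         privilege.
 */
BOOL GetDebugPriv()
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp;
    BOOL fEnabled = FALSE;

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    /* AdjustTokenPrivileges returns TRUE even when it could not enable the
     * requested privilege; in that case GetLastError() reports
     * ERROR_NOT_ALL_ASSIGNED. Treat only ERROR_SUCCESS as success, so a
     * caller without the privilege is not told it has it. */
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid) &&
        AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof tkp, NULL, NULL) &&
        GetLastError() == ERROR_SUCCESS) {
        fEnabled = TRUE;
    }

    /* Closed on every path; the original leaked the token handle when the
     * adjustment succeeded. */
    CloseHandle(hToken);
    return fEnabled;
}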
使用以上三个函数之前,请先 #include "Psapi.h",
然后在工程的 Settings -> Link 里添加 Psapi.lib 即可。