#include "TLHELP32.H"
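/**
 * Terminate every running process whose executable file name equals
 * strProcessName (compared case-insensitively).
 *
 * The match is on the image name only, so any process that happens to carry
 * that name is terminated, whatever binary is actually behind it. Callers
 * that need to target one specific program should verify more than the name.
 *
 * All failures are ignored on purpose (best effort): a process that cannot
 * be opened is skipped, and C++ exceptions are swallowed.
 */
void Fun_TerminateProcess(CString strProcessName)
{
    try
    {
        // Snapshot of the processes running at this moment.
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

        // CreateToolhelp32Snapshot reports failure with INVALID_HANDLE_VALUE,
        // not NULL, so a NULL-only test lets a failed snapshot through.
        if (hSnapshot == INVALID_HANDLE_VALUE || hSnapshot == NULL)
        {
            return;
        }

        PROCESSENTRY32 processListStr = {0};
        processListStr.dwSize = sizeof(PROCESSENTRY32);

        // Read the entry only after Process32First/Process32Next succeeded,
        // so a failed call never leaves stale fields to be compared.
        for (BOOL bMore = Process32First(hSnapshot, &processListStr);
             bMore;
             bMore = Process32Next(hSnapshot, &processListStr))
        {
            CString strExeFile = processListStr.szExeFile;
            if (strExeFile.CompareNoCase(strProcessName) != 0)
            {
                continue;
            }

            // Ask only for the right that is used: PROCESS_TERMINATE.
            // PROCESS_ALL_ACCESS requests far more than needed and fails
            // more often under restricted tokens.
            HANDLE hProcessHandle = OpenProcess(PROCESS_TERMINATE, FALSE,
                                                processListStr.th32ProcessID);
            if (hProcessHandle != NULL)
            {
                TerminateProcess(hProcessHandle, 0);
                // Close only a handle that was really opened.
                CloseHandle(hProcessHandle);
            }
            // No break here: every matching process is terminated,
            // not just the first one.
        }

        CloseHandle(hSnapshot);
    }
    catch (...)
    {
        // Best effort: errors are deliberately not reported to the caller.
    }
}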
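/**
 * Terminate the process with the given PID if the base name of its main
 * module is "QQ.exe".
 *
 * The process is opened with only the rights this function uses:
 * PROCESS_TERMINATE for TerminateProcess, and PROCESS_QUERY_INFORMATION |
 * PROCESS_VM_READ for EnumProcessModules / GetModuleBaseName.
 * Processes that cannot be opened or queried are silently skipped.
 *
 * @param processID  identifier of the process to inspect.
 */
void KillProcessById(DWORD processID)
{
    TCHAR szProcessName[MAX_PATH] = {0};

    HANDLE hProcess = OpenProcess(
        PROCESS_TERMINATE | PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
        FALSE, processID);
    if (NULL == hProcess)
    {
        return;
    }

    DWORD cbNeeded = 0;
    HMODULE hModule = NULL;

    // Only the first module is requested; it is used as the process image.
    if (EnumProcessModules(hProcess, &hModule, sizeof(hModule), &cbNeeded))
    {
        // If this call fails the buffer stays empty and the compare below
        // simply does not match.
        GetModuleBaseName(hProcess, hModule, szProcessName,
                          sizeof(szProcessName) / sizeof(szProcessName[0]));

        // Windows file names are case-insensitive, so compare that way
        // ("qq.exe" and "QQ.EXE" name the same image).
        if (0 == _tcsicmp(szProcessName, _T("QQ.exe")))
        {
            TerminateProcess(hProcess, 0);
        }
    }

    // The original never closed this handle, leaking one handle per call.
    CloseHandle(hProcess);
}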
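// Caller side: enumerate all process IDs and let KillProcessById terminate
// the ones that are QQ.exe.
DWORD aProcesses[1024] = {0};
DWORD cbNeeded = 0;
DWORD cProcessed = 0;
if (EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))
{
    // cbNeeded is the number of bytes written. When it equals
    // sizeof(aProcesses) the array was filled completely and the list may be
    // truncated; a larger buffer would be needed to see every process.
    cProcessed = cbNeeded / sizeof(DWORD);

    for (DWORD i = 0; i < cProcessed; i++)
    {
        // Skip PID 0; it cannot be opened as a normal process.
        if (0 != aProcesses[i])
        {
            KillProcessById(aProcesses[i]);
        }
    }
}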
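// Find qq.exe in a process snapshot.
// The wide-character API is called explicitly, so the entry must be the wide
// structure too; plain PROCESSENTRY32 is only the wide one in UNICODE builds.
PROCESSENTRY32W stProcessEntry = {0};
HANDLE hProcessSnap = NULL;
BOOL bFlag = TRUE;
stProcessEntry.dwSize = sizeof(stProcessEntry);

hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); // snapshot of the running processes
if (hProcessSnap != INVALID_HANDLE_VALUE) // failure is INVALID_HANDLE_VALUE, not NULL
{
    for (bFlag = Process32FirstW(hProcessSnap, &stProcessEntry);
         bFlag;
         bFlag = Process32NextW(hProcessSnap, &stProcessEntry))
    {
        // The original line had an unbalanced parenthesis and a stray ';'
        // that turned the if into an empty statement.
        if (0 == _wcsicmp(L"qq.exe", stProcessEntry.szExeFile))
        {
            // Match: stProcessEntry.th32ProcessID is the PID of this qq.exe instance.
        }
    }

    // Release the snapshot; the original never closed it.
    CloseHandle(hProcessSnap);
}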
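/**
 * Enable SeDebugPrivilege in the token of the current process.
 *
 * The privilege can only be enabled if the account already holds it
 * (normally administrators). It lets the process open almost any other
 * process, so enable it only where that is really required.
 *
 * @return TRUE only when the privilege was actually enabled, FALSE otherwise.
 */
BOOL MyEnableDebugPriority(VOID)
{
    HANDLE hTokenHandle = NULL;
    TOKEN_PRIVILEGES TokenPrivileges = {0};
    BOOL bFlag = FALSE;

    // Open the token of the current process.
    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
                          &hTokenHandle))
    {
        return FALSE;
    }

    // Look up the LUID of the debug privilege.
    if (LookupPrivilegeValueW(NULL, SE_DEBUG_NAME, &TokenPrivileges.Privileges[0].Luid))
    {
        TokenPrivileges.PrivilegeCount = 1;
        TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; // request: enable

        bFlag = AdjustTokenPrivileges(hTokenHandle, FALSE, &TokenPrivileges, 0,
                                      (PTOKEN_PRIVILEGES)NULL, 0);

        // AdjustTokenPrivileges also returns TRUE when the token does not
        // hold the privilege at all; that case is only visible through
        // GetLastError() == ERROR_NOT_ALL_ASSIGNED.
        if (bFlag && GetLastError() == ERROR_NOT_ALL_ASSIGNED)
        {
            bFlag = FALSE;
        }
    }

    CloseHandle(hTokenHandle);
    return bFlag;
}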
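// Terminate the process. QQ进程的PID is the author's placeholder for the PID
// obtained from the enumeration.
// Only PROCESS_TERMINATE is needed for TerminateProcess; PROCESS_ALL_ACCESS
// asks for far more rights than are used.
HANDLE hProcess = OpenProcess(PROCESS_TERMINATE, FALSE, QQ进程的PID);
if (hProcess != NULL) // OpenProcess returns NULL on failure
{
    TerminateProcess(hProcess, 1);
    CloseHandle(hProcess); // do not leak the process handle
}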