vb 禁止结束进程本程序进程
防止本程序的进程在任务管理器中被认为结束掉,当用户准备在任务管理器中结束该进程时,提示不能结束该进程。代码具体怎么写?高手赐教字打错了是人为结束掉...
防止本程序的进程在任务管理器中被认为结束掉,当用户准备在任务管理器中结束该进程时,提示不能结束该进程。
代码具体怎么写?
高手赐教
字打错了 是人为结束掉 展开
代码具体怎么写?
高手赐教
字打错了 是人为结束掉 展开
7个回答
展开全部
专门针对任务管理器。
思路:将kernel32的TerminateProcess的首字节改为&HC3,使TerminateProcess失效。
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Function ProcessFirst Lib "kernel32" Alias "Process32First" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function ProcessNext Lib "kernel32" Alias "Process32Next" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long '
Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPheaplist = &H1
Private Const TH32CS_SNAPthread = &H4
Private Const TH32CS_SNAPmodule = &H8
Private Const TH32CS_SNAPall = TH32CS_SNAPPROCESS + TH32CS_SNAPheaplist + TH32CS_SNAPthread + TH32CS_SNAPmodule
Private Const MAX_PATH As Integer = 260
Private Const PROCESS_ALL_ACCESS = &H100000 + &HF0000 + &HFFF
Private Type PROCESSENTRY32
dwSize As Long
cntUseage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
swFlags As Long
szExeFile As String * 1024
End Type
Private Sub AntiKill()
On Error Resume Next
Dim MySnapHandle As Long
Dim hProcess As Long
Dim ProcessInfo As PROCESSENTRY32
Dim Addr As Long, hMod As Long
Dim ASM(0) As Byte
Dim sProcess As String
ASM(0) = &HC3 'retn
hMod = GetModuleHandle("kernel32")
Addr = GetProcAddress(hMod, "TerminateProcess")
'Debug.Print Hex(Addr)
MySnapHandle = CreateToolhelpSnapshot(TH32CS_SNAPPROCESS, 0)
ProcessInfo.dwSize = Len(ProcessInfo)
If ProcessFirst(MySnapHandle, ProcessInfo) <> 0 Then
Do
sProcess = Left(LCase(ProcessInfo.szExeFile), InStr(ProcessInfo.szExeFile, ".") + 3)
If sProcess = "taskmgr.exe" Then
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, ProcessInfo.th32ProcessID)
'Debug.Print hProcess
WriteProcessMemory hProcess, ByVal Addr, ByVal VarPtr(ASM(0)), 1, 0&
'Debug.Print Err.LastDllError
CloseHandle hProcess
End If
Loop While ProcessNext(MySnapHandle, ProcessInfo) <> 0
End If
CloseHandle MySnapHandle
Err.Clear
End Sub
思路:将kernel32的TerminateProcess的首字节改为&HC3,使TerminateProcess失效。
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Function ProcessFirst Lib "kernel32" Alias "Process32First" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function ProcessNext Lib "kernel32" Alias "Process32Next" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long '
Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPheaplist = &H1
Private Const TH32CS_SNAPthread = &H4
Private Const TH32CS_SNAPmodule = &H8
Private Const TH32CS_SNAPall = TH32CS_SNAPPROCESS + TH32CS_SNAPheaplist + TH32CS_SNAPthread + TH32CS_SNAPmodule
Private Const MAX_PATH As Integer = 260
Private Const PROCESS_ALL_ACCESS = &H100000 + &HF0000 + &HFFF
Private Type PROCESSENTRY32
dwSize As Long
cntUseage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
swFlags As Long
szExeFile As String * 1024
End Type
Private Sub AntiKill()
On Error Resume Next
Dim MySnapHandle As Long
Dim hProcess As Long
Dim ProcessInfo As PROCESSENTRY32
Dim Addr As Long, hMod As Long
Dim ASM(0) As Byte
Dim sProcess As String
ASM(0) = &HC3 'retn
hMod = GetModuleHandle("kernel32")
Addr = GetProcAddress(hMod, "TerminateProcess")
'Debug.Print Hex(Addr)
MySnapHandle = CreateToolhelpSnapshot(TH32CS_SNAPPROCESS, 0)
ProcessInfo.dwSize = Len(ProcessInfo)
If ProcessFirst(MySnapHandle, ProcessInfo) <> 0 Then
Do
sProcess = Left(LCase(ProcessInfo.szExeFile), InStr(ProcessInfo.szExeFile, ".") + 3)
If sProcess = "taskmgr.exe" Then
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, ProcessInfo.th32ProcessID)
'Debug.Print hProcess
WriteProcessMemory hProcess, ByVal Addr, ByVal VarPtr(ASM(0)), 1, 0&
'Debug.Print Err.LastDllError
CloseHandle hProcess
End If
Loop While ProcessNext(MySnapHandle, ProcessInfo) <> 0
End If
CloseHandle MySnapHandle
Err.Clear
End Sub
本回答由提问者推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
很简单,用一个timer,数值设置成1,在timer中写到:
Dim ps() As Process
ps = System.Diagnostics.Process.GetProcesses()
For Each p As Process In ps
If p.ProcessName = "taskmgr" Then
p.kill
End If
Next
原理是一旦发现别人按出任务管理器就关闭任务管理器,这个方法我进常用,嘿嘿,不过我用的是VB.Net 不知道会不会有什么不同,这样的方法很容易,但缺点就是容易被发现,但是很容易 :D 希望能够帮到你...
Dim ps() As Process
ps = System.Diagnostics.Process.GetProcesses()
For Each p As Process In ps
If p.ProcessName = "taskmgr" Then
p.kill
End If
Next
原理是一旦发现别人按出任务管理器就关闭任务管理器,这个方法我进常用,嘿嘿,不过我用的是VB.Net 不知道会不会有什么不同,这样的方法很容易,但缺点就是容易被发现,但是很容易 :D 希望能够帮到你...
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
在VB程序里随便调用一个系统级别的dll就不能随便结束你的进程了。
但是你得先知道自己会调用哪些dll,比如知道它们的接口。
另外也可以写个系统级的服务程序也不能随便被结束进程。
但是你得先知道自己会调用哪些dll,比如知道它们的接口。
另外也可以写个系统级的服务程序也不能随便被结束进程。
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
禁用任务管理器,
open "x:\...\taskmgr.exe" for binary as 1000
关闭改程序该句自动失效,(close 1000)呵呵,多好
open "x:\...\taskmgr.exe" for binary as 1000
关闭改程序该句自动失效,(close 1000)呵呵,多好
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
使用全局变量,可以让程序名称不出现在任务管理器中,岂不更好?
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
我给你个DLL
你调用里面的两个函数就可以实现上边你说的功能的。
DLL是我自己写的。
要的话找我。
你调用里面的两个函数就可以实现上边你说的功能的。
DLL是我自己写的。
要的话找我。
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
更多回答(5)
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
