VFP 关闭进程
VFP 如何关闭一个已知名称的进程?
在十豆三的贴子内有一个解决方法,但杀毒程序老提示有未知木马:
C:\WINDOWS\SYSTEM32\NTSD.EXE(7548) (瑞星,其它没试过)
不知还有其它方法没?
代码如下:
******只有System、SMSS.EXE和CSRSS.EXE不能结束。前两个是纯内核态的,最后那个是Win32子系统
Exit_ProFileName='sqlservr.exe' && sqlservr.exe为要结束的系统进程名称
IF GetAllProcessID('Process_CurTable')
SELECT Pth32ProcessID INTO ARRAY Exit_id FROM Process_CurTable WHERE ALLTRIM(UPPER(PszExeFile))=UPPER(Exit_ProFileName)
lcString='RUN /N7 ntsd -c q -p '+ALLTRIM(STR(Exit_id))
&lcString
ENDIF
* -------------------------------------
* 枚举当前所有进程
* -------------------------------------
FUNCTION GetAllProcessID ( lpProcTable )
lpProcTable = IIF(PARAMETERS()=1 AND TYPE([lpProcTable])=[C], lpProcTable, [AllProclists] )
DECLARE INTEGER CreateToolhelp32Snapshot IN kernel32 INTEGER lFlags, INTEGER lProcessID
DECLARE INTEGER Process32First IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess
DECLARE INTEGER Process32Next IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess
DECLARE INTEGER CloseHandle IN kernel32 INTEGER hObject
DECLARE INTEGER GetLastError IN kernel32
CREA CURSOR (lpProcTable) (PdwSize N(3), PcntUsage N(12), ;
Pth32ProcessID N(12), Pth32DefaultHeapID N(12), ;
Pth32ModuleID N(12), PcntThreads N(12), ;
Pth32ParentProcessID N(12), PpcPriClassBase N(3), ;
PdwFlags N(3), PszExeFile C(254) )
lnHand = 0
lnHand = CreateToolhelp32Snapshot(3,0)
IF lnHand>0
dwSize = Num2Dword(296)
cntUsage = Num2Dword(0)
th32ProcessID = Num2Dword(0)
th32DefaultHeapID = Num2Dword(0)
th32ModuleID = Num2Dword(0)
cntThreads = Num2Dword(0)
th32ParentProcessID = Num2Dword(0)
pcPriClassBase = Num2Dword(0)
dwFlags = Num2Dword(0)
szExeFile = REPLI(CHR(0), 260)
lcTitle = dwSize + cntUsage + th32ProcessID + th32DefaultHeapID ;
+ th32ModuleID + cntThreads + th32ParentProcessID ;
+ pcPriClassBase + dwFlags + szExeFile
IF Process32First(lnHand,@lcTitle) > 0 && 第一个进程是 kernel32.dll,没必要列出
DO WHILE Process32Next(lnHand,@lcTitle)> 0
INSERT INTO (lpProcTable) (PdwSize, PcntUsage, Pth32ProcessID, Pth32DefaultHeapID, ;
Pth32ModuleID, PcntThreads, Pth32ParentProcessID, ;
PpcPriClassBase, PdwFlags, PszExeFile) ;
VALUES ( ;
Dword2Num(SUBSTR(lcTitle, 1,4)), ;
Dword2Num(SUBSTR(lcTitle, 5,4)), ;
Dword2Num(SUBSTR(lcTitle, 9,4)), ;
Dword2Num(SUBSTR(lcTitle,13,4)), ;
Dword2Num(SUBSTR(lcTitle,17,4)), ;
Dword2Num(SUBSTR(lcTitle,21,4)), ;
Dword2Num(SUBSTR(lcTitle,25,4)), ;
Dword2Num(SUBSTR(lcTitle,29,4)), ;
Dword2Num(SUBSTR(lcTitle,33,4)), ;
SUBSTR(SUBSTR(lcTitle, 37), 1, AT(CHR(0),SUBSTR(lcTitle, 37))-1) )
ENDDO
ENDIF
= CloseHandle(lnHand)
RETURN .T.
ELSE
RETURN .F.
ENDIF
ENDFUNC
FUNCTION Num2Dword ( lpnNum )
DECLARE INTEGER RtlMoveMemory IN kernel32 AS RtlCopyDword STRING @pDeststring, INTEGER @pVoidSource, INTEGER nLength
lcDword = SPACE(4)
= RtlCopyDword(@lcDword, BITOR(lpnNum,0), 4)
RETURN lcDword
ENDFUNC
FUNCTION Dword2Num ( tcDword )
DECLARE INTEGER RtlMoveMemory IN kernel32 AS RtlCopyNum INTEGER @DestNumeric, STRING @pVoidSource, INTEGER nLength
lnNum = 0
=RtlCopyNum(@lnNum, tcDword, 8)
RETURN lnNum
ENDFUNC
[解决办法]
不错,来顶一个,沙发。
[解决办法]
pass by
[解决办法]
VFP中如何结束(系统)进程?*-----------------------------------------参考文章:http://www.onlyred.com/computer/system/windows/200512/96.html-----------------------------方法一:可以结束除System、SMSS.EXE和CSRSS.EXE外所有进程******只有System、SMSS.EXE和CSRSS.EXE不能结束。前两个是纯内核态的,最后那个是Win32子系统Exit_ProFileName='sqlservr.exe' && sqlservr.exe为要结束的系统进程名称IF GetAllProcessID('Process_CurTable') SELECT Pth32ProcessID INTO ARRAY Exit_id FROM Process_CurTable WHERE ALLTRIM(UPPER(PszExeFile))=UPPER(Exit_ProFileName) lcString='RUN /N7 ntsd -c q -p '+ALLTRIM(STR(Exit_id)) &lcStringENDIF* -------------------------------------* 枚举当前所有进程* -------------------------------------FUNCTION GetAllProcessID ( lpProcTable ) lpProcTable = IIF(PARAMETERS()=1 AND TYPE([lpProcTable])=[C], lpProcTable, [AllProclists] ) DECLARE INTEGER CreateToolhelp32Snapshot IN kernel32 INTEGER lFlags, INTEGER lProcessID DECLARE INTEGER Process32First IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess DECLARE INTEGER Process32Next IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess DECLARE INTEGER CloseHandle IN kernel32 INTEGER hObject DECLARE INTEGER GetLastError IN kernel32 CREA CURSOR (lpProcTable) (PdwSize N(3), PcntUsage N(12), ; Pth32ProcessID N(12), Pth32DefaultHeapID N(12), ; Pth32ModuleID N(12), PcntThreads N(12), ; Pth32ParentProcessID N(12), PpcPriClassBase N(3), ; PdwFlags N(3), PszExeFile C(254) ) lnHand = 0 lnHand = CreateToolhelp32Snapshot(3,0) IF lnHand>0 dwSize = Num2Dword(296) cntUsage = Num2Dword(0) th32ProcessID = Num2Dword(0) th32DefaultHeapID = Num2Dword(0) th32ModuleID = Num2Dword(0) cntThreads = Num2Dword(0) th32ParentProcessID = Num2Dword(0) pcPriClassBase = Num2Dword(0) dwFlags = Num2Dword(0) szExeFile = REPLI(CHR(0), 260) lcTitle = dwSize + cntUsage + th32ProcessID + th32DefaultHeapID ; + th32ModuleID + cntThreads + th32ParentProcessID ; + pcPriClassBase + dwFlags + szExeFile IF Process32First(lnHand,@lcTitle) > 0 && 第一个进程是 kernel32.dll,没必要列出 DO WHILE Process32Next(lnHand,@lcTitle)> 0 INSERT INTO (lpProcTable) (PdwSize, PcntUsage, Pth32ProcessID, Pth32DefaultHeapID, ; Pth32ModuleID, PcntThreads, Pth32ParentProcessID, ; PpcPriClassBase, PdwFlags, PszExeFile) ; VALUES ( ; Dword2Num(SUBSTR(lcTitle, 1,4)), ; Dword2Num(SUBSTR(lcTitle, 5,4)), ; Dword2Num(SUBSTR(lcTitle, 9,4)), ; Dword2Num(SUBSTR(lcTitle,13,4)), ; Dword2Num(SUBSTR(lcTitle,17,4)), ; Dword2Num(SUBSTR(lcTitle,21,4)), ; Dword2Num(SUBSTR(lcTitle,25,4)), ; Dword2Num(SUBSTR(lcTitle,29,4)), ; Dword2Num(SUBSTR(lcTitle,33,4)), ; SUBSTR(SUBSTR(lcTitle, 37), 1, AT(CHR(0),SUBSTR(lcTitle, 37))-1) ) ENDDO ENDIF = CloseHandle(lnHand) RETURN .T. ELSE RETURN .F. ENDIFENDFUNCFUNCTION Num2Dword ( lpnNum ) DECLARE INTEGER RtlMoveMemory IN kernel32 AS RtlCopyDword STRING @pDeststring, INTEGER @pVoidSource, INTEGER nLength lcDword = SPACE(4) = RtlCopyDword(@lcDword, BITOR(lpnNum,0), 4) RETURN lcDwordENDFUNCFUNCTION Dword2Num ( tcDword ) DECLARE INTEGER RtlMoveMemory IN kernel32 AS RtlCopyNum INTEGER @DestNumeric, STRING @pVoidSource, INTEGER nLength lnNum = 0 =RtlCopyNum(@lnNum, tcDword, 8) RETURN lnNumENDFUNC-----------------------------方法二:可以结束非系统进程Exit_ProFileName='QQ.exe' && QQ.exe为要结束的系统进程名称IF GetAllProcessID('Process_CurTable') SELECT Pth32ProcessID INTO ARRAY Exit_id FROM Process_CurTable WHERE ALLTRIM(UPPER(PszExeFile))=UPPER(Exit_ProFileName) IF ExitProcessId(Exit_id) MESSAGEBOX('结束进程成功!',64,'信息提示') ELSE MESSAGEBOX('结束进程失败!',16,'信息提示') ENDIFENDIF* -------------------------------------* 枚举当前所有进程* -------------------------------------FUNCTION GetAllProcessID ( lpProcTable ) lpProcTable = IIF(PARAMETERS()=1 AND TYPE([lpProcTable])=[C], lpProcTable, [AllProclists] ) DECLARE INTEGER CreateToolhelp32Snapshot IN kernel32 INTEGER lFlags, INTEGER lProcessID DECLARE INTEGER Process32First IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess DECLARE INTEGER Process32Next IN kernel32 INTEGER hSnapShot, STRING @PROCESSENTRY32_uProcess DECLARE INTEGER CloseHandle IN kernel32 INTEGER hObject DECLARE INTEGER GetLastError IN kernel32 CREA CURSOR (lpProcTable) (PdwSize N(3), PcntUsage N(12), ; Pth32ProcessID N(12), Pth32DefaultHeapID N(12), ; Pth32ModuleID N(12), PcntThreads N
[解决办法]
来顶~~~~下去