怎么建立一个让其它程序检测不到我的进程,不是隐藏进程
解决方案 »
- TDataSource 里的dataset 找不到 TADOQuery..?
- 100分求助关于dbexpress连接MSSQL查询表的问题
- 如何取得当前所有进程及线程的各自的CPU占用率和所花的CPU时间
- 200分征求 VGA 数据格式的详细说明
- 数据库取值
- 救急呀!!pos端串口通信!在线!!!1
- 如何知道數據表中的記錄是新插入的,修改過的和未改變過的?要求高效率的判斷語句.OnLine
- 用adoquery来查询,限制某一时间段时(按照时间字段),不对,查出来的时间不对
- 1放分300-->关于一个超级问题,请教大家,欢迎高手指点!!!菜鸟也可以来学习~~~~~~~
- 请问哪位高手知道dephi发送email时,用户检验怎么办?
- string转换到char类型?
- 很簡單的一個問題
在2K以下的版本不可用,xp可以,2003没测试过
共有9个参数ZwCreateProcess(
OUT PHANDLE ProcessHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN HANDLE InheritFromProcessHandle,
IN BOOLEAN InheritHandles,
IN HANDLE SectionHandle OPTIONAL,
IN HANDLE DebugPort OPTIONAL,
IN HANDLE ExceptionPort OPTIONAL
);
这玩意是写病毒和木马用的
希望不要拿去干坏事
能给我一个便子吗????
ProcessHandle
Points to a variable that will receive the process object handle if the call is successful.
DesiredAccess
Specifies the type of access that the caller requires to the process object.This parameter
can be zero, or any combination of the following flags:
PROCESS_TERMINATE Terminate process
PROCESS_CREATE_THREAD Create threads in process
PROCESS_SET_SESSIONID Set process session id
PROCESS_VM_OPERATION Protect and lock memory of process
PROCESS_VM_READ Read memory of process
PROCESS_VM_WRITE Write memory of process
PROCESS_DUP_HANDLE Duplicate handles of process
PROCESS_CREATE_PROCESS Bequeath address space and handles to
new process
Processes: ZwCreateProcess 134
PROCESS_SET_QUOTA Set process quotas
PROCESS_SET_INFORMATION Set information about process
PROCESS_QUERY_INFORMATION Query information about process
PROCESS_SET_PORT Set process exception or debug port
PROCESS_ALL_ACCESS All of the preceding +
STANDARD_RIGHTS_ALL
ObjectAttributes
Points to a structure that specifies the object’s attributes. OBJ_PERMANENT, OBJ_EXCLUSIVE,
and OBJ_OPENIF are not valid attributes for a process object.
InheritFromProcessHandle
A handle to the process object from which virtual address space and handles can be
inherited.The handle must grant PROCESS_CREATE_PROCESS access.
InheritHandles
Specifies whether open inheritable handles should be inherited from the process
referred to by InheritFromProcessHandle.
SectionHandle
Optionally specifies a handle to an image section that grants SECTION_MAP_EXECUTE
access. If this value is zero, the new process inherits the address space from the process
referred to by InheritFromProcessHandle. In Windows 2000 the lowest bit specifies
(when set) that the process should not be associated with the job of the
InheritFromProcessHandle process.
DebugPort
Optionally specifies a handle to a port that will receive debug messages. If this value is
zero, no debug messages are sent.The handle need not grant any particular access.The
circumstances under which messages are sent to the debug port and their content are
described in Chapter 20,“Exceptions and Debugging.”
ExceptionPort
Optionally specifies a handle to a port that will receive exception messages. If this
value is zero, no exception messages are sent.The handle need not grant any particular
access.The circumstances under which messages are sent are sent to the exception port
and their content is described in Chapter 20.
Return Value
Returns STATUS_SUCCESS or an error status, such as STATUS_ACCESS_DENIED or
STATUS_INVALID_HANDLE.
Related Win32 Functions
CreateProcess, CreateProcessAsUser.