uses里加入TLHelp32函数: procedure KillProcess(AProcName: string);//AProcName为进程的名称 var lppe: TProcessEntry32; found: boolean; Hand: THandle; begin Hand := CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0); found := Process32First(Hand, lppe); while found do begin if UpperCase(AProcName) = UpperCase(lppe.szExeFile) then begin TerminateProcess(OpenProcess(PROCESS_TERMINATE, False, lppe.th32ProcessID), 0); found := false; end else found := Process32Next(Hand, lppe); end; end;调用例:KillProcess('QQ.exe');
再提升到DeBug权限就连系统服务都能杀了 function EnablePrivilege(hToken: Cardinal; PrivName: string; bEnable: Boolean): Boolean; var TP: TOKEN_PRIVILEGES; Dummy: Cardinal; begin TP.PrivilegeCount := 1; LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid); if bEnable then TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED else TP.Privileges[0].Attributes := 0; AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy); Result := GetLastError = ERROR_SUCCESS; end; var hToken: Cardinal; begin OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken); result:=EnablePrivilege(hToken, 'SeDebugPrivilege', True); CloseHandle(hToken); end;
procedure KillProcess(AProcName: string);//AProcName为进程的名称
var
lppe: TProcessEntry32;
found: boolean;
Hand: THandle;
begin
Hand := CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0);
found := Process32First(Hand, lppe);
while found do
begin
if UpperCase(AProcName) = UpperCase(lppe.szExeFile) then
begin
TerminateProcess(OpenProcess(PROCESS_TERMINATE, False, lppe.th32ProcessID), 0);
found := false;
end
else
found := Process32Next(Hand, lppe);
end;
end;调用例:KillProcess('QQ.exe');
function EnablePrivilege(hToken: Cardinal; PrivName: string; bEnable: Boolean): Boolean;
var
TP: TOKEN_PRIVILEGES;
Dummy: Cardinal;
begin
TP.PrivilegeCount := 1;
LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid);
if bEnable then
TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
else TP.Privileges[0].Attributes := 0;
AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy);
Result := GetLastError = ERROR_SUCCESS;
end;
var
hToken: Cardinal;
begin
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken);
result:=EnablePrivilege(hToken, 'SeDebugPrivilege', True);
CloseHandle(hToken);
end;