'有些声明自己找找了 'Kill process by executable procedure name for VS Friend Function KillProcedure(ByVal sExeName As String) As Boolean Dim lSnapShot As IntPtr Dim lNextProcess As IntPtr Dim tPE As PROCESSENTRY32 On Error GoTo ErrMsg 'Create snapshot lSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0&) If lSnapShot.ToInt32 <> -1 Then 'Length of the structure tPE.dwSize = Len(tPE) 'Find first process lNextProcess = Process32First(lSnapShot, tPE) Do While lNextProcess.ToInt32 'Found specified process If sExeName = Left$(tPE.szExeFile, Len(sExeName)) And Len(sExeName) > 0 Then Dim lProcess As IntPtr Dim lExitCode As Long 'Open process lProcess = OpenProcess(PROCESS_ALL_ACCESS, False, tPE.th32ProcessID) 'Terminate process TerminateProcess(lProcess, lExitCode) 'Close Handle CloseHandle(lProcess) End If 'Get next process lNextProcess = Process32Next(lSnapShot, tPE) Loop 'Close Handle Call CloseHandle(lSnapShot) Else Call MsgBox("Cannot enumerate running process!") Call MsgBox(Err.Description, MsgBoxStyle.OKOnly + MsgBoxStyle.Information, RTX_MESSAGE_TITLE) Return False End If Return True Exit FunctionErrMsg: Call MsgBox(Err.Description, MsgBoxStyle.OKOnly + MsgBoxStyle.Information, RTX_MESSAGE_TITLE) End Function
Declare Function TerminateProcess Lib "kernel32" Alias "TerminateProcess" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
说明
结束一个进程
在VB里使用
可以使用,但尽量不用
返回值
Long,非零表示成功,零表示失败。会设置GetLastError
参数表
参数 类型及说明
hProcess Long,指定要中断的一个进程的句柄
uExitCode Long,进程的一个退出代码
HANDLE WINAPI CreateToolhelp32Snapshot(
DWORD dwFlags,
DWORD th32ProcessID
);
具体参数查询一下MSDN就知道了。定义一个PROCESSENTRY32类型结构体 pe32
Dim hProcessSnap As HANDLE
Dim bMore As Bool
bMore=Process32First(hProcessSnap,pe32)While bMore=True ’循环体开始 判断pe32里面的字符串成员szExeFile中是否含有“1.exe”这个子字符串
如果没有
bMore=Process32Next(hProcessSnap,pe32)
否则
bMore=False
Wend ’循环体结束调用API OpenProcess,返回值赋给hProcessSnap,
’打开该进程块,对于第二个参数可以使用pe32结构体中的th32ProcessID
’作为目标进程的ID,第一个参数可以设置成完全权限
调用API TerminateProcess, ’可以用hProcessSnap变量作为该进程的句柄,uExitCode参数可以省略
CloseHandle(hProcessSnap)'-----用于关闭进程句柄=====================================================
总体算法构想----先获取所有进程的快照,然后逐个遍历进程块,判断进程块中的进程完全路径(包含进程名)中是否含有“1.exe”,如果没有,继续遍历其他的进程块,如果有,则当前进程就是要找的1.exe。可以用OpenProcess这个API获取对这个进程的完全操作权限,并且通过保留该API的返回值可以获得该进程的准确句柄,然后调用TerminateProcess API,以刚才的句柄作为参数,强制立即关闭该进程,且不保留该进程的任何信息,此后,关闭该句柄。======================================================
下面的结构体定义可以参考一下
typedef struct tagPROCESSENTRY32 {
DWORD dwSize;
DWORD cntUsage;
DWORD th32ProcessID;
DWORD th32DefaultHeapID;
DWORD th32ModuleID;
DWORD cntThreads;
DWORD th32ParentProcessID;
LONG pcPriClassBase;
DWORD dwFlags;
char szExeFile[MAX_PATH];
} PROCESSENTRY32;
typedef PROCESSENTRY32 * PPROCESSENTRY32;
typedef PROCESSENTRY32 * LPPROCESSENTRY32; 不太详细,lz凑合着参考吧。:)
'Kill process by executable procedure name for VS
Friend Function KillProcedure(ByVal sExeName As String) As Boolean
Dim lSnapShot As IntPtr
Dim lNextProcess As IntPtr
Dim tPE As PROCESSENTRY32 On Error GoTo ErrMsg 'Create snapshot
lSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0&)
If lSnapShot.ToInt32 <> -1 Then
'Length of the structure
tPE.dwSize = Len(tPE) 'Find first process
lNextProcess = Process32First(lSnapShot, tPE)
Do While lNextProcess.ToInt32
'Found specified process
If sExeName = Left$(tPE.szExeFile, Len(sExeName)) And Len(sExeName) > 0 Then
Dim lProcess As IntPtr
Dim lExitCode As Long
'Open process
lProcess = OpenProcess(PROCESS_ALL_ACCESS, False, tPE.th32ProcessID)
'Terminate process
TerminateProcess(lProcess, lExitCode)
'Close Handle
CloseHandle(lProcess)
End If 'Get next process
lNextProcess = Process32Next(lSnapShot, tPE)
Loop 'Close Handle
Call CloseHandle(lSnapShot)
Else
Call MsgBox("Cannot enumerate running process!")
Call MsgBox(Err.Description, MsgBoxStyle.OKOnly + MsgBoxStyle.Information, RTX_MESSAGE_TITLE)
Return False
End If
Return True
Exit FunctionErrMsg:
Call MsgBox(Err.Description, MsgBoxStyle.OKOnly + MsgBoxStyle.Information, RTX_MESSAGE_TITLE)
End Function
shell "ntsd -c q -pn 1.exe"
估计lz是想找一段现成的代码学习一下,不过,最好还是让查资料、编码和debug的过程痛苦一点吧,不然的话,会错过很多价值不菲的“副产品”……