?? unit1.~pas
字號:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,TLHELP32;
type
TForm1 = class(TForm)
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
//98下檢查程序父進程是否為EXPLORER.EXE.NT/XP下檢查是否為CMD.EXE
PROCEDURE CHECK_PARENTPROC;//檢查自己的父進程
VAR
PN:TPROCESSENTRY32;
SHANDLE:THANDLE;
H,EXPLPROC,PARENTPROC:HWND;
FOUND:BOOLEAN;
BUFFER:ARRAY[0..1023]OF CHAR;
PATH:STRING;
BEGIN
H:=0;
EXPLPROC:=0;
PARENTPROC:=0;
//得到系統的目錄
SETSTRING(PATH,BUFFER,GETWINDOWSDIRECTORY(BUFFER,SIZEOF(BUFFER)-1));
PATH:=UPPERCASE(PATH)+'\EXPLORER.EXE';//得到EXPLORER.EXE的路徑
//得到所有進程的快照
SHANDLE:=CREATETOOLHELP32SNAPSHOT(TH32CS_SNAPALL,0);
FOUND:=PROCESS32FIRST(SHANDLE,PN); //查找進程
WHILE FOUND DO
BEGIN
IF PN.szExeFile =PARAMSTR(0) THEN //自己的進程
BEGIN
PARENTPROC:=PN.th32ProcessID;//得到父進程ID
H:=OPENPROCESS(PROCESS_ALL_ACCESS,TRUE,PN.th32ProcessID);
//父進程句柄
END
ELSE
BEGIN
IF UPPERCASE(PN.szExeFile)=PATH THEN
BEGIN
EXPLPROC:=PN.th32ProcessID;//EXPLOREX的ID
FOUND:=PROCESS32NEXT(SHANDLE,PN);
END;
END;
IF PARENTPROC<>EXPLPROC THEN
BEGIN
TERMINATEPROCESS(H,0);//殺之
//這里可以寫入死機的代碼
END;
END;
END;
end.
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -