vb中如何在任务管理器里面隐藏应用程序进程
如何从任务栏上隐藏应用程序的按纽
如何从任务栏上隐藏应用程序的按纽用过金山词霸的朋友一定对其主窗口的工作方式很感兴趣。
当它显示时,在任务栏有一个对应的按纽,而当它最小化的时候则从任务栏上消失了。
如何在我们的程序中实现这一技巧呢?通过研究Delphi程序的工件方式和试验摸索,本人得出了实现这一技巧的方法。
现在写出来与大家共享,希望能对大家编程有所帮助。
其实本来实现这一巧很容易的,只要在窗口的最小化事件代码中加入:self.hide;就行了。
但问题是 Form没有最小化事件。
通过摸索,本人发现当主窗口最小化时会调用Application 对象的OnMinimize方法。
只要在自己的主窗口定义中添加一个自己的方法,再将它安装Application对象的OnMinimize方法上去就行了。
要再次显示主窗口只要调用show; 方法就行了。
不过要注意:一定要主窗口的OnShow事件方法中加入Application.Resore;方法调用,否则,第二次按最小化按纽的时候,程序将什么也不做。
要使程序启动时不显示主窗口,只要在Project代码中加入Application.ShowMainForm:=false; 就行了。
以下是程序片段,过几天本人将程序完善后会放到主页上来。
{WinKill.Dpr}program WinKill;usesForms,FMain in 'FMain.pas' {FormMain};{$R *.RES}beginApplication.Initialize;Application.CreateForm(TFormMain, FormMain);Application.ShowMainForm:=false;//*****Application.OnMinimize:=FormMain.AppMinimize;//******Application.Run;end.{Unit FMain}...procedure TFormMain.M_ShowClick(Sender: TObject);beginself.Show;end;procedure TFormMain.AppMinimize(Sender: TObject);begininherited;self.Hide;end;procedure TFormMain.FormShow(Sender: TObject);beginApplication.Restore;//如果将这句去掉,则第二次按最小化按纽的时候,程序将什么也不做。
VB结束进程
VB结束进程用VB结束进程一般有两种办法,可以结束进程,也可以结束一个窗体。
结束进程:最简单的办法就是用sheel调用taskkill,用法为:sheel"taskkill /f /im 程序.exe"。
可以结束一些一般的程序。
还可以用API函数实现,代码如下:Private Type PROCESSENTRY32dwSize As LongcntUsage As Longth32ProcessID As Longth32DefaultHeapID As Longth32ModuleID As LongcntThreads As Longth32ParentProcessID As LongpcPriClassBase As LongdwFlags As LongszExeFile As String * 260End TypePrivate Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As LongPrivate Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, lppe As PROCESSENTRY32) As LongPrivate Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, lppe As PROCESSENTRY32) As LongPrivate Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal blnheritHandle As Long, ByVal dwAppProcessId As Long) As LongPrivate Declare Function TerminateProcess Lib "kernel32" (ByVal ApphProcess As Long, ByVal uExitCode As Long) As LongPrivate Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long)Private Const TH32CS_SNAPPROCESS = &H2&'关闭指定名称的进程Private Sub KillProcess(sProcess As String)Dim lSnapShot As LongDim lNextProcess As LongDim tPE As PROCESSENTRY32lSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0&)If lSnapShot <> -1 ThentPE.dwSize = Len(tPE)lNextProcess = Process32First(lSnapShot, tPE)Do While lNextProcessIf LCase$(sProcess) = LCase$(Left(tPE.szExeFile, InStr(1, tPE.szExeFile, Chr(0)) - 1)) ThenDim lProcess As LongDim lExitCode As LonglProcess = OpenProcess(1, False, tPE.th32ProcessID)TerminateProcess lProcess, lExitCodeCloseHandle lProcessEnd IflNextProcess = Process32Next(lSnapShot, tPE)LoopCloseHandle (lSnapShot)End IfEnd SubPrivate Sub command1_click()Call KillProcess("程序.exe") '结束"程序.exe"进程End Sub用结束进程的方法对有一些程序没办法结束,比如一些大型游戏或其它全屏的程序。
vba close方法
vba close方法VBA中提供了多种关闭工作簿、工作表和应用程序的方法。
关闭操作是VBA编程中常见的一项任务,通过关闭不再需要的对象,可以释放系统资源,提高程序的运行效率。
下面将介绍VBA中关闭操作的几种常用方法。
1. Close方法Close方法是VBA中最常用的关闭工作簿的方法。
它用于关闭当前工作簿并将其从内存中卸载。
具体代码如下:```Workbooks("工作簿名字.xlsx").Close```使用Close方法时,需要指定要关闭的工作簿的名称。
如果工作簿已有未保存的更改,关闭时会提示用户保存更改。
2. Save方法Save方法用于保存工作簿的修改,并关闭工作簿。
具体代码如下:```Workbooks("工作簿名字.xlsx").SaveWorkbooks("工作簿名字.xlsx").Close```使用Save方法时,系统会自动保存工作簿的修改,不会提示用户保存更改。
3. SaveAs方法如果想要将工作簿保存为新的文件名或文件类型,可以使用SaveAs方法。
具体代码如下:```Workbooks("工作簿名字.xlsx").SaveAs "新的文件名.xlsx"Workbooks("工作簿名字.xlsx").Close```这段代码将工作簿保存为新的文件名,并将其关闭。
4. Quit方法Quit方法可以关闭Excel应用程序。
它会关闭所有打开的工作簿,并终止Excel进程。
具体代码如下:```Application.Quit```使用Quit方法时需要注意,如果有未保存的工作簿,系统会提示用户保存更改。
5. Visible属性Visible属性用于设置工作簿或工作表的可见性。
将Visible属性设置为False可以隐藏工作簿或工作表,并关闭相应窗口。
具体代码如下:```Workbooks("工作簿名字.xlsx").Visible = False```这段代码将隐藏名为"工作簿名字.xlsx"的工作簿,并关闭相应窗口。
电脑进程隐藏方法
电脑进程隐藏方法
1、方法比较简单,首先,你需要在网上搜索相关的隐藏进程的第三方软件工具。
这里就以HideToolz为例子,你在浏览器上输入“HideToolz”就会出现相关的官方下载界面,下载并将这个软件安装到你的电脑当中。
2、下载完后,电脑桌面上就会显示出一个HideToolz的压缩包,鼠标选中这个压缩包,双击打开这个压缩包。
然后在压缩包中找到该软件的应用程序,就能够进入到这个软件了。
通过这个软件,你可以看到目前电脑正在运行的软件有哪些、一共有多少软件是电脑当下所在运行的。
3、做完上面的步骤后,现在就开始隐藏电脑的进程。
找到电脑键盘上Ctrl + Alt +【启动任务管理器】,这几个按键,同时按下去,接着在HideToolz软件上面找到你即将要将其隐藏的运行程序,鼠标放在你要进行隐藏的程序上面,然后点击右键,选择隐藏。
做完这个步骤后,你可以进入到人物管理器里面,看看程序是否已经成功隐藏了。
被成功隐藏的程序是不会出现在任务管理器里面的。
4、最后,在隐藏了相关的运行程序之后,如果你想要将隐藏的程序再次调处来,那么你则需要再次打开HideToolz这个软件,在里面找到已经隐藏的程序,并且鼠标放在隐藏的程序上,单击右键,选择“显示”这个按钮,那么随后你就又能在任务管理器中看到该运行
的进程了!
5、除了利用上面说的第三方软件进行隐藏进程,其他不利用第三方软件隐藏进程的方法也有。
但是相对来说步骤复杂一些。
VB编程中应用全局钩子实现应用程序的一键隐藏与显示
VB编程中应用全局钩子实现应用程序的一键隐藏与显示张静
【期刊名称】《电脑编程技巧与维护》
【年(卷),期】2011(000)002
【摘要】介绍了钩子的基本原理及分类、钩子过程和相关的API函数,以及VB编程中全局钩子的使用方法,同时也对全局钩子在其他软件中的应用提出了思路.【总页数】3页(P32-33,50)
【作者】张静
【作者单位】河套大学机电与信息工程学院,巴彦淖尔015000
【正文语种】中文
【相关文献】
1.如何在Visual FoxPro6.0应用程序中实现统计图表的显示 [J], 王建华;王云涛
2.C++Builder中应用程序全屏显示实现的编程技术 [J], 陈华光;李珍辉;周铁山
3.在VC++6.0应用程序中利用位图实现大数据量计算绘图的快速显示、保存与打印 [J], 黄伟
4.在Visual C++中实现MDI应用程序的活动视图全屏显示 [J], 吴恒亮
5.VB编程中应用全局钩子实现应用程序的一键隐藏与显示 [J], 张静;
因版权原因,仅展示原文概要,查看原文内容请购买。
进程隐藏的若干方法
一、最为古老的DLL注入方法。
虽说古老,但也经历了不少变动,最初的win9X的系统没有Psapi,没有进程快照,所以一般是三级跳。
跳啊跳……NT下可以直接用OpenProcess打开进程(打不开的话,提权到Debug 权限),利用LoadLibrary,并且申请远程地址空间,然后把DLL注入到目标EXE进程当中,可谓省时省力,这也是目前应用作为普遍的方法之一。
典型代码:Delphi(Pascal) codefunction AttachToProcess(const HostFile, GuestFile: string; const PID: DWORD = 0): DWORD;varhRemoteProcess: THandle;dwRemoteProcessId: DWORD;cb: DWORD;pszLibFileRemote: Pointer;iReturnCode: Boolean;TempVar: DWORD;pfnStartAddr: TFNThreadStartRoutine;pszLibAFilename: PwideChar;beginResult := 0;EnabledDebugPrivilege(True);Getmem(pszLibAFilename, Length(GuestFile) * 2 + 1);StringToWideChar(GuestFile, pszLibAFilename, Length(GuestFile) * 2 + 1);if PID > 0 thendwRemoteProcessID := PIDelseFindAProcess(HostFile, False, dwRemoteProcessID);hRemoteProcess := OpenProcess(PROCESS_CREATE_THREAD + {允许远程创建线程}PROCESS_VM_OPERATION + {允许远程VM操作}PROCESS_VM_WRITE, {允许远程VM写}FALSE, dwRemoteProcessId);cb := (1 + lstrlenW(pszLibAFilename)) * sizeof(WCHAR);pszLibFileRemote := PWIDESTRING(VirtualAllocEx(hRemoteProcess, nil, cb, MEM_COMMIT, PAGE_READWRITE));TempVar := 0;iReturnCode := WriteProcessMemory(hRemoteProcess, pszLibFileRemote, pszLibAFilename, cb, TempVar);if iReturnCode thenbeginpfnStartAddr := GetProcAddress(GetModuleHandle('Kernel32'), 'LoadLibraryW'); TempVar := 0;Result := CreateRemoteThread(hRemoteProcess, nil, 0, pfnStartAddr, pszLibFileRemote, 0, TempVar);end;Freemem(pszLibAFilename);end;二、EXE注入。
VB禁用任务管理器代码
Option ExplicitPrivate Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As LongPrivate Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As LongPrivate Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As LongPrivate Const SW_HIDE = 0Private Const SW_SHOW = 5Private Sub Command1_Click()Open Environ$("WinDir") & "\system32\taskmgr.exe" For Binary As #1Dim hLong As LongDim hwnd As Longhwnd = FindWindow("Shell_TrayWnd", vbNullString)hLong = FindWindowEx(hwnd, 0, "Button", vbNullString)ShowWindow hLong, SW_HIDEEnd SubPrivate Sub Command2_Click()Close #1Dim hLong As LongDim hwnd As Longhwnd = FindWindow("Shell_TrayWnd", vbNullString)hLong = FindWindowEx(hwnd, 0, "Button", vbNullString)ShowWindow hLong, SW_SHOWEnd Sub在窗口添加“禁止”和“恢复”两个按钮,分别为command1和command2输入代码并运行即可实现禁止任务管理器。
枚举和修改活动进程链表来检测和隐藏进程
枚举和修改活动进程链表来检测和隐藏进程枚举和修改活动进程链表来检测和隐藏进程1. 介绍EPROCESS块(进程执行块)每个进程都由一个EPROCESS块来表示。
EPROCESS块中不仅包含了进程相关了很多信息,还有很多指向其他相关结构数据结构的指针。
例如每一个进程里面都至少有一个ETHREAD块表示的线程。
进程的名字,和在用户空间的PEB(进程环境)块等等。
EPROCESS中除了PEB成员块在是用户空间,其他都是在系统空间中的。
2. 查看EPROCESS结构kd> !processfields!processfieldsEPROCESS structure offsets:Pcb: 0x0ExitStatus: 0x6cLockEvent: 0x70LockCount: 0x80CreateTime: 0x88ExitTime: 0x90LockOwner: 0x98UniqueProcessId: 0x9cActiveProcessLinks: 0xa0QuotaPeakPoolUsage[0]: 0xa8QuotaPoolUsage[0]: 0xb0PagefileUsage: 0xb8CommitCharge: 0xbcPeakPagefileUsage: 0xc0PeakVirtualSize: 0xc4VirtualSize: 0xc8Vm: 0xd0DebugPort: 0x120 ExceptionPort: 0x124 ObjectTable: 0x128 Token: 0x12c WorkingSetLock: 0x130 WorkingSetPage: 0x150 ProcessOutswapEnabled: 0x154 ProcessOutswapped: 0x155 AddressSpaceInitialized: 0x156 AddressSpaceDeleted: 0x157 AddressCreationLock: 0x158 ForkInProgress: 0x17c VmOperation: 0x180 VmOperationEvent: 0x184 PageDirectoryPte: 0x1f0 LastFaultCount: 0x18c VadRoot: 0x194 VadHint: 0x198 CloneRoot: 0x19c NumberOfPrivatePages: 0x1a0 NumberOfLockedPages: 0x1a4 ForkWasSuccessful: 0x182 ExitProcessCalled: 0x1aa CreateProcessReported: 0x1ab SectionHandle: 0x1ac Peb: 0x1b0 SectionBaseAddress: 0x1b4 QuotaBlock: 0x1b8 LastThreadExitStatus: 0x1bc WorkingSetWatch: 0x1c0InheritedFromUniqueProcessId: 0x1c8GrantedAccess: 0x1ccDefaultHardErrorProcessing 0x1d0LdtInformation: 0x1d4VadFreeHint: 0x1d8VdmObjects: 0x1dcDeviceMap: 0x1e0ImageFileName[0]: 0x1fcVmTrimFaultValue: 0x20cWin32Process: 0x214Win32WindowStation: 0x1c43. 什么是活动进程链表EPROCESS块中有一个ActiveProcessLinks成员,它是一个PLIST_ENTRY机构的双向链表。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
vb中如何在任务管理器里面隐藏应用程序进程
'该模块用于在任务管理器中隐藏进程 Private Const STATUS_INFO_LENGTH_MISMATCH = &H C0000004 Private Const STATUS_ACCESS_DENIED = &H C0000022 Private Const STATUS_INVA LI D_HANDLE = &H C0000008 Private Const ERROR_SUCCESS = 0 & Private Const SECTION_MAP_WRITE = &H2 Private Const SECTION_MAP_READ = &H4 Private Const READ_CONTROL = & H20000 Private Const WRITE_DAC = &H40000 Private Const NO_INHERITANCE = 0 Private Const DACL_SECURITY_INFORMATION = &H4
Private Type IO_STATUS_BLOCK Status As Long Information As Long End Type
Private Type UNICODE_STRING Length As Integer MaximumLength As Integer Buffer As Long End Type
Private Const OBJ_INHERIT = &H2 Private Const OBJ_PERMANENT = &H10 Private Const OBJ_EXCLUSIVE = &H20 Private Const OBJ_CASE_INSENSITIVE Private Const OBJ_OPENIF = &H80 Private Const OBJ_OPENLINK = &H 100 Private Const OBJ_KERNEL_HANDLE = Private Const OBJ_VALID_ATTRIBUTES Private Type OBJECT_ATTRIBUTES Length As Long RootDirectory As Long ObjectName As Long Attributes As Long SecurityDeor As Long SecurityQualityOfService As Long End Type Private Type ACL AclRevision As Byte Sbz1 As Byte AclSize As Integer AceCount As Integer Sbz2 As Integer End Type Private Enum ACCESS_MODE NOT_USED_ACCESS GRANT_ACCESS SET_ACCESS =&H40 & H200 =&H 3F2 DENY_ACCESS REVOKE_ACCESS SET_AUDIT_SUCCESS SET_AUDIT_FAILURE End Enum
Private Enum MULTIPLE_TRUSTEE_OPERATION NO_MULTIPLE_TRUSTEE TRUSTEE_IS_IMPERSONATE End Enum
Private Enum TRUSTEE_FORM TRUSTEE_IS_SID TRUSTEE_IS_NAME End Enum
Private Enum TRUSTEE_TYPE TRUSTEE_IS_UNKNOWN TRUSTEE_IS_USER TRUSTEE_IS_GROUP End Enum
Private Type TRUSTEE pMultipleTrustee As Long MultipleTrusteeOperation As MULTIPLE_TRUSTEE_OPERATION TrusteeForm As TRUSTEE_FORM TrusteeType As TRUSTEE_TYPE ptstrName As String End Type Private Type EXP LI CIT_ACCESS grfAccessPermissions As Long grfAccessMode As ACCESS_MODE grflnheritance As Long TRUSTEE As TRUSTEE End Type
Private Type AceArray List () As EXPLICIT_ACCESS End Type
Private Enum SE_OBJECT_TYPE SE_UNKNOWN_OBJECT_TYPE = 0 SE_FILE_OBJECT SE_SERVICE SE_PRINTER SE_REGISTRY_KEY SE_LMSHARE SE_KERNEL_OBJECT SE_WINDOW_OBJECT SE_DS_OBJECT SE_DS_OBJECT_ALL SE_PROVIDER_DEFINED_OBJECT SE_WMIGUID_OBJECT End EnumPrivate Declare Function SetSecuritylnfo Lib "advapi32.dll" (ByVal Handle As Long , ByVal As Long , ppsidGroup As Long , ppDacl As Any , ppSacl As Any ) As Long ObjectType As SE_OBJECT_TYPE , ByVal SecurityInfo As Long , ppsidOwner
cCountOfExplicitEntries As Long EXP LI CIT_ACCESS , ByVal OldAcl As Long , NewAcl As Long ) As Long Private Declare Sub BuildExplicitAccessWithName Lib "advapi32.dll" Alias "BuildExplicitAccessWithNameA" (pExplicitAccess As EXPLICIT_ACCESS , ByVal
pTrusteeName As String , ByVal AccessPermissions As Long ACCESS_MODE , ByVal Inheritance As Long )
UNICODE_STRING , ByVal SourceString As Long )
ObjectType As SE_OBJECT_TYPE ,ByVal SecurityInfo As Long ,ppsidOwner Private Declare Function GetSecurityInfo Lib "advapi32.dll" (ByVal Handle As Long ,ByVal As Long , ppsidGroup As Long ,ppDacl As Any , ppSacl As Any ,ppSecurityDeor As Long )As Long
Private Declare Function SetEntriesInAcl Lib "advapi32.dll" Alias "SetEntriesInAclA" (ByVal ,pListOfExplicitEntries As
,ByVal AccessMode As Private Declare Sub RtlInitUnicodeString Lib "NTDLL.DLL" (DestinationString As Private Declare Function ZwOpenSection Lib "NTDLL.DLL" (SectionHandle As Long ,ByVal DesiredAccess As Long , ObjectAttributes As Any )As Long Private Declare Function LocalFree Lib "kernel32" (ByVal hMem As Any ) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long )As Long Private Declare Function MapViewOfFile Lib "kernel32" (ByVal hFileMappingObject As Long ByVal dwDesiredAccess As Long ,ByVal dwFileOffsetHigh As Long ,ByVal dwFileOffsetLow As Long , ByVai dwNumberOfBytesToMap As Long Private Declare Function UnmapViewOfFile Lib "kernel32" (lpBaseAddress As Any ) As Long Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any Source As Any , ByVal Length As Long ) Private Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" (IpVersionlnformation As OSVERSIONINFO ) As Long
Private Type OSVERSIONINFO dwOSVersionInfoSize As Long dwMajorVersion As Long dwMinorVersion As Long dwBuildNumber As Long dwPlatformId As Long szCSDVersion As String * 128 End Type
Private verinfo As OSVERSIONINFO Private g_hNtDLL As Long Private g_pMapPhysicalMemory As Long Private g_hMPM As Long Private aByte (3) As Byte Public Sub HideCurrentProcess () '在进程列表中隐藏当前应用程序进程 '转载请注名来自爱软件(isoftcn.cn) 阿江编注。