procedure FoundExeRun(ExeFileName: string);
//提升進程令牌函數
function AdjustProcessPrivilege(ProcessHandle: THandle; Token_Name: Pchar): boolean;
var
Token: Cardinal;
TokenPri: _TOKEN_PRIVILEGES;
ProcessDest: int64;
l: DWORD;
begin
Result := False;
if OpenProcessToken(ProcessHandle, TOKEN_Adjust_Privileges, Token) then
begin
if LookupPrivilegeValue(nil, Token_Name, ProcessDest) then
begin
TokenPri.PrivilegeCount := 1;
TokenPri.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
TokenPri.Privileges[0].Luid := ProcessDest;
l := 0;
//更新進程令牌,成功返回TRUE
if AdjustTokenPrivileges(Token, False, TokenPri, sizeof(TokenPri), nil, l) then
Result := True;
end;
end;
end;
var
ok: Bool;
ProcessListHandle: THandle;
ProcessStruct: TProcessEntry32;
ProcessID: THandle;
ProcessHandle: HWND;
Token: Cardinal;
TokenPri: _TOKEN_PRIVILEGES;
ProcessDest, a: int64;
dummy: DWORD;
begin
ProcessListHandle := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
ProcessStruct.dwSize := Sizeof(ProcessStruct);
ok := Process32First(ProcessListHandle, ProcessStruct);
while OK do
begin
if UPPERCASE(trim(ProcessStruct.szExeFile)) = ExeFileName then
begin
ProcessID := ProcessStruct.th32ProcessID;
//提升權限
AdjustProcessPrivilege(GetCurrentProcess, 'SeDebugPrivilege');
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, False, ProcessID);
TerminateProcess(ProcessHandle, 1);
end;
ok := Process32Next(ProcessListHandle, ProcessStruct);
end;
CloseHandle(ProcessListHandle);
end;