在开发某些软件的时候,为了保护程序自身,就需要用到隐藏程序进程。以下通过实例来讲解隐藏程序进程的方法:
1、创建一个新的项目 Project1
选择File,New Application。在表单Form1上放一Memo组件,一个OK按钮组件,改变OK按钮组件的Cation属性为 CreateProcess。再放一个timer组件。设置timer组件的Interval值为1000,每秒检查一次进程是否终止。
2、在Unit1 Use节的Type后定义一个过程
procedure EstablishProcess;
在Unit1 Use节的Var后定义一个变量:
piProcInfoGPS:PROCESS_INFORMATION;
3、在Unit1 implementation节中编写EstablishProcess过程的实现代码如下:
procedure EstablishProcess;
Var
siStartupInfSTARTUPINFO;
saProcess,saThread:SECURITY_ATTRIBUTES;
fSuccess:boolean;
begin
fSuccess:=false;
ZeroMemory(@siStartupInfo,sizeof(siStartupInfo));
siStartupInfo.cb:=sizeof(siStartupInfo);
saProcess.nLength:=sizeof(saProcess);
saProcess.lpSecurityDescriptor:=PChar(nil);
saProcess.bInheritHandle:=true;
saThread.nLength:=sizeof(saThread);
saThread.lpSecurityDescriptor:=PChar(nil);
saThread.bInheritHandle:=true;
fSuccess:=CreateProcess(PChar(nil),‘c:\sr350\Sr350buff‘,@saProcess,@saThread,false,
CREATE_DEFAULT_ERROR_MODE,Pchar(nil),Pchar(nil),siStartupInfo,piProcInfoGPS);
if( not fSuccess)then
Form1.Memo1.Lines.Add(‘Create Process Sr350buff fail.‘)
else
Form1.Memo1.Lines.Add(‘Create Process Sr350buff success.‘)
end;
4、在CreateProcess按钮的OnClick事件中调用过程
EstablishProcess;
5、为Timer1的OnTimer事件编写代码:
Procedure TForm1.Timer1Timer(Sender: TObject);
Var
dwExitCode:DWORD;
fprocessExit:boolean;
Begin
dwExitCode:=0;
fprocessExit:=false;
fprocessExit:=GetExitCodeProcess(piProcInfoGPS.hProcess,dwExitCode);
if(fprocessExit and (dwExitCode<>STILL_ACTIVE))then
begin
Memo1.Lines.Add(‘SR350buff.exe进程终止‘);
CloseHandle(piProcInfoGPS.hThread);
CloseHandle(piProcInfoGPS.hProcess);
EstablishProcess;
end;
End;
6、程序中设可执行文件名为c:\sr350\sr350buff.exe,所以c:盘\sr350目录下需有sr350buff.exe文件。
7、编译联接,运行project1,单击CreateProcess可见c:\sr350\sr350buff.exe启动。关掉sr350buff.exe进程,可见sr350buff.exe自动再启动。
时间: 2024-11-07 00:56:17