删除被锁定的文件
来源:互联网 发布:杀毒软件 for mac 编辑:程序博客网 时间:2024/04/28 04:08
Deleting Locked Files
Zoltan Csizmadia
For more information, check out the CodeGuru article entitled, Examine Information on Windows NT System Level Primitives.
Start a remote thread (CreateRemoteThread) to close the given handle in every found process (#1)
Code
The following code closes a handle in a remote process. The handle must be remote process specific.
Zoltan Csizmadia
For more information, check out the CodeGuru article entitled, Examine Information on Windows NT System Level Primitives.
Start a remote thread (CreateRemoteThread) to close the given handle in every found process (#1)
Code
The following code closes a handle in a remote process. The handle must be remote process specific.
[Copy to clipboard] [ - ]
CODE:/*
Note: 1. SE_DEBUG privilege must be enabled.
2. The function works with every kind of HANDLE
3. It will bother the remote process :)
4. The handles will be invalid after you closed
them remotely
*/
//Close a handle in a remote process
DWORD CloseRemoteHandle( DWORD processID, HANDLE handle )
{
HANDLE ht = 0;
DWORD rc = 0;
_tprintf( _T("Closing handle in process #%d ... "),
processID );
// open the process
HANDLE hProcess = OpenProcess( PROCESS_CREATE_THREAD
| PROCESS_VM_OPERATION
| PROCESS_VM_WRITE
| PROCESS_VM_READ,
FALSE, processID );
if ( hProcess == NULL )
{
rc = GetLastError();
_tprintf( _T("OpenProcess() failed/n") );
return rc;
}
// load kernel32.dll
HMODULE hKernel32 = LoadLibrary( _T("kernel32.dll") );
// CreateRemoteThread()
ht = CreateRemoteThread(
hProcess,
0,
0,
(DWORD(__stdcall *)(void*))GetProcAddress(hKernel32,"CloseHandle"),
handle,
0,
&rc );
if ( ht == NULL )
{
//Something is wrong with the privileges,
//or the process doesn't like us
rc = GetLastError();
_tprintf( _T("CreateRemoteThread() failed/n") );
goto cleanup;
}
switch ( WaitForSingleObject( ht, 2000 ) )
{
case WAIT_OBJECT_0:
//Well done
rc = 0;
_tprintf( _T("Ok/n"), rc );
break;
default:
//Oooops, shouldn't be here
rc = GetLastError();
_tprintf( _T("WaitForSingleObject() failed/n") );
goto cleanup;
break;
}
cleanup:
//Closes the remote thread handle
CloseHandle( ht );
//Free up the kernel32.dll
if ( hKernel32 != NULL)
FreeLibrary( hKernel32 );
//Close the process handle
CloseHandle( hProcess );
return rc
Note: 1. SE_DEBUG privilege must be enabled.
2. The function works with every kind of HANDLE
3. It will bother the remote process :)
4. The handles will be invalid after you closed
them remotely
*/
//Close a handle in a remote process
DWORD CloseRemoteHandle( DWORD processID, HANDLE handle )
{
HANDLE ht = 0;
DWORD rc = 0;
_tprintf( _T("Closing handle in process #%d ... "),
processID );
// open the process
HANDLE hProcess = OpenProcess( PROCESS_CREATE_THREAD
| PROCESS_VM_OPERATION
| PROCESS_VM_WRITE
| PROCESS_VM_READ,
FALSE, processID );
if ( hProcess == NULL )
{
rc = GetLastError();
_tprintf( _T("OpenProcess() failed/n") );
return rc;
}
// load kernel32.dll
HMODULE hKernel32 = LoadLibrary( _T("kernel32.dll") );
// CreateRemoteThread()
ht = CreateRemoteThread(
hProcess,
0,
0,
(DWORD(__stdcall *)(void*))GetProcAddress(hKernel32,"CloseHandle"),
handle,
0,
&rc );
if ( ht == NULL )
{
//Something is wrong with the privileges,
//or the process doesn't like us
rc = GetLastError();
_tprintf( _T("CreateRemoteThread() failed/n") );
goto cleanup;
}
switch ( WaitForSingleObject( ht, 2000 ) )
{
case WAIT_OBJECT_0:
//Well done
rc = 0;
_tprintf( _T("Ok/n"), rc );
break;
default:
//Oooops, shouldn't be here
rc = GetLastError();
_tprintf( _T("WaitForSingleObject() failed/n") );
goto cleanup;
break;
}
cleanup:
//Closes the remote thread handle
CloseHandle( ht );
//Free up the kernel32.dll
if ( hKernel32 != NULL)
FreeLibrary( hKernel32 );
//Close the process handle
CloseHandle( hProcess );
return rc
- 删除被锁定的文件
- 删除被锁定的文件(类似Unlocker的方法)
- FilExile:强制删除被进程锁定的文件及文件夹
- 删除被锁定的Datastage Job
- 手动删除svn锁定文件
- 通过【偷取此锁定】或【破除锁定】解锁SVN被锁定的文件的控制权
- svn【偷取此锁定】或【破除锁定】解锁SVN被锁定的文件的控制权
- 解锁svn中被锁定的文件
- 查询被锁定的对象,并删除锁
- 文件被锁定
- 删除任务栏锁定,任务栏图标的位置,查找可行性文件的方式
- Jetty锁定文件的问题
- PHP 文件的锁定机制
- PHP文件的锁定机制
- 解除文件的独占锁定
- PHP文件的锁定机制
- PHP文件的锁定机制
- 解开被锁定的.reg与.inf文件
- Delphi将表中数据导入EXCEL中来的代码
- delphi中函数指针的用法
- Byte[]和stream 快速转换
- 被占用文件操作三法
- Delphi的快捷键
- 删除被锁定的文件
- SQLServer 2005触发器调用批处理文件
- Api基础知识
- JSTL1.0和JSTL1.1的区别
- 老婆对不起我错了我爱你
- -承接转让计算机类毕业设计、论文
- 有关SQLDMO
- 风声日期时间选择器的一些小小的使用心得
- 文件上传的方法
