本文整理自网络,侵删。
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, untProcessEventThr, PsAPI, ComCtrls, StrUtils;
type
TForm1 = class(TForm)
btnHide: TButton;
edtProcessName: TEdit;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure btnHideClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
m_hCommDevice:THandle;
m_hCommEvent:THandle;
end;
var
Form1: TForm1;
implementation
uses Unit2, untConst;
{$R *.dfm}
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
var
dwReturn:DWORD ;
begin
if(m_hCommDevice <> 0) then
begin
if(m_hCommEvent <> 0) then
begin
DeviceIoControl(m_hCommDevice, IO_DEREFERENCE_EVENT, nil, 0, nil, 0, dwReturn, nil);
CloseHandle(m_hCommEvent);
end;
CloseHandle(m_hCommDevice);
end;
end;
procedure TForm1.btnHideClick(Sender: TObject);
var
dwReturn: DWORD;
proname:array [0..1023] of char;
begin
//创建设备
try
m_hCommDevice := CreateFile('\\.\HideProcess', GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ, nil,
OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
except
MessageBox(Handle, '创建设备失败', '隐藏进程启动', MB_OK + MB_ICONWARNING);
end;
//创建事件
try
m_hCommEvent := CreateEvent(nil, false, false, nil);
except
CloseHandle(m_hCommDevice);
MessageBox(Handle, '创建事件失败', '隐藏进程启动', MB_OK + MB_ICONWARNING);
end;
//发送事件句柄给驱动
DeviceIoControl(m_hCommDevice, IO_REFERENCE_EVENT, pointer(m_hCommEvent), 0, nil, 0, dwReturn, nil);
StrPCopy(@proname, Trim(edtProcessName.Text));
DeviceIoControl(m_hCommDevice, IO_PASSBUF, @proname, sizeof(proname), nil, 0, dwReturn, nil);
end;
end.
相关阅读 >>
Delphi kbmmemtable的简单应用(增删改查示例)
Delphi xe android-uri-管理联系人uri
Delphi 缓冲文件流-tbufferedfilestream tfilestream 性能测试
更多相关阅读请进入《Delphi》频道 >>
