†PrEDok†
09.12.2010, 06:31
Мне нужна помощь в написании dll'ки которая будет выполнять функцию закрытия nopot.dll в программе...
Если не ошибаюсь эта функция FreeLibrary
Надеюсь на вашу помощь!!!
#include "stdafx.h"
#include "stdafx.h"
#include <Windows.h>
#include <TlHelp32.h>
#include <string>
#include <vector>
enum GLPFM_Error {
GLPFM_SUCCESS = 0,
GLPFM_ERR_SNAP_PROCESSES = 1,
GLPFM_ERR_SNAP_MODULES = 2,
} GetListProcessesForModule(
IN LPCTSTR szModuleName,
OUT std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > > &vPIDList
)
{
GLPFM_Error eRetCode = GLPFM_ERR_SNAP_PROCESSES;
PROCESSENTRY32 pe = { sizeof( pe) };
HANDLE hSnapP = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);
if( hSnapP != INVALID_HANDLE_VALUE && Process32First( hSnapP, &pe))
{
BOOL fSnapModules = FALSE;
do {
// We miss [System Process]...
if( !pe.th32ProcessID) continue;
eRetCode = GLPFM_ERR_SNAP_MODULES;
MODULEENTRY32 me = { sizeof( me) };
HANDLE hSnapM = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, pe.th32ProcessID);
if( hSnapM != INVALID_HANDLE_VALUE && Module32First( hSnapM, &me))
{
fSnapModules = TRUE;
do {
if( !_tcsicmp( szModuleName, me.szModule) || !_tcsicmp( szModuleName, me.szExePath))
vPIDList.push_back( std::pair< MODULEENTRY32, std::basic_string< TCHAR > >( me, pe.szExeFile));
} while( Module32Next( hSnapM, &me));
}
if( hSnapM != INVALID_HANDLE_VALUE) CloseHandle( hSnapM);
} while( Process32Next( hSnapP, &pe));
eRetCode = fSnapModules ? GLPFM_SUCCESS : GLPFM_ERR_SNAP_MODULES;
}
if( hSnapP != INVALID_HANDLE_VALUE) CloseHandle( hSnapP);
return eRetCode;
}
enum UM_Error {
UM_SUCCESS = 0,
UM_ERR_OPEN_PROCESS = 1,
UM_ERR_CREATE_THREAD = 2,
UM_ERR_CALL_FREELIB = 3,
} UnloadModule( IN DWORD dwPID, IN HMODULE hModule)
{
typedef BOOL(WINAPI *PFreeLibrary)( HMODULE);
static PFreeLibrary pfnFreeLibrary = PFreeLibrary( GetProcAddress( GetModuleHandle( _T( "kernel32.dll")), "FreeLibrary"));
const DWORD dwProcessAccess = PROCESS_CREATE_THREAD
| PROCESS_QUERY_INFORMATION
| PROCESS_VM_OPERATION
| PROCESS_VM_WRITE
| PROCESS_VM_READ;
HANDLE hProcess = OpenProcess( dwProcessAccess, FALSE, dwPID);
if( !hProcess) return UM_ERR_OPEN_PROCESS;
UM_Error eRetCode = UM_ERR_CREATE_THREAD;
DWORD dwTID = 0;
HANDLE hThread = CreateRemoteThread( hProcess, NULL, 0, LPTHREAD_START_ROUTINE( pfnFreeLibrary), hModule, 0, &dwTID);
if( hThread)
{
WaitForSingleObject( hThread, INFINITE);
DWORD dwExitCode = 0;
GetExitCodeThread( hThread, &dwExitCode);
CloseHandle( hThread);
eRetCode = dwExitCode == 1 ? UM_SUCCESS : UM_ERR_CALL_FREELIB;
}
CloseHandle( hProcess);
return eRetCode;
}
int _tmain(int argc, _TCHAR* argv[])
{
LPCTSTR szModuleName = _T( "Icons.dll"); // Можно только имя, можно полный путь...
for( ;;)
{
std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > > vPIDList;
GLPFM_Error eCode = GetListProcessesForModule( szModuleName, vPIDList);
if( eCode == GLPFM_SUCCESS)
{
_tprintf( _T( "Module '%s' is loaded in %u processes.\n"), szModuleName, vPIDList.size());
if( vPIDList.size() <= 0) break;
for(
std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > >::iterator iterV = vPIDList.begin();
iterV != vPIDList.end();
++iterV
)
{
_tprintf( _T( "PID: %08X %s - "),
iterV->first.th32ProcessID,
iterV->second.c_str());
UM_Error eUMCode = UnloadModule( iterV->first.th32ProcessID, iterV->first.hModule);
if( eUMCode == UM_SUCCESS)
_tprintf( _T( "Unloaded\n"));
else
_tprintf( _T( "Error call UnloadModule. Function code: %d\n"), eUMCode);
}
}
else
_tprintf( _T( "Error resolve list. Function code: %d\n"), eCode);
}
return 0;
}
Если не ошибаюсь эта функция FreeLibrary
Надеюсь на вашу помощь!!!
#include "stdafx.h"
#include "stdafx.h"
#include <Windows.h>
#include <TlHelp32.h>
#include <string>
#include <vector>
enum GLPFM_Error {
GLPFM_SUCCESS = 0,
GLPFM_ERR_SNAP_PROCESSES = 1,
GLPFM_ERR_SNAP_MODULES = 2,
} GetListProcessesForModule(
IN LPCTSTR szModuleName,
OUT std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > > &vPIDList
)
{
GLPFM_Error eRetCode = GLPFM_ERR_SNAP_PROCESSES;
PROCESSENTRY32 pe = { sizeof( pe) };
HANDLE hSnapP = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);
if( hSnapP != INVALID_HANDLE_VALUE && Process32First( hSnapP, &pe))
{
BOOL fSnapModules = FALSE;
do {
// We miss [System Process]...
if( !pe.th32ProcessID) continue;
eRetCode = GLPFM_ERR_SNAP_MODULES;
MODULEENTRY32 me = { sizeof( me) };
HANDLE hSnapM = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, pe.th32ProcessID);
if( hSnapM != INVALID_HANDLE_VALUE && Module32First( hSnapM, &me))
{
fSnapModules = TRUE;
do {
if( !_tcsicmp( szModuleName, me.szModule) || !_tcsicmp( szModuleName, me.szExePath))
vPIDList.push_back( std::pair< MODULEENTRY32, std::basic_string< TCHAR > >( me, pe.szExeFile));
} while( Module32Next( hSnapM, &me));
}
if( hSnapM != INVALID_HANDLE_VALUE) CloseHandle( hSnapM);
} while( Process32Next( hSnapP, &pe));
eRetCode = fSnapModules ? GLPFM_SUCCESS : GLPFM_ERR_SNAP_MODULES;
}
if( hSnapP != INVALID_HANDLE_VALUE) CloseHandle( hSnapP);
return eRetCode;
}
enum UM_Error {
UM_SUCCESS = 0,
UM_ERR_OPEN_PROCESS = 1,
UM_ERR_CREATE_THREAD = 2,
UM_ERR_CALL_FREELIB = 3,
} UnloadModule( IN DWORD dwPID, IN HMODULE hModule)
{
typedef BOOL(WINAPI *PFreeLibrary)( HMODULE);
static PFreeLibrary pfnFreeLibrary = PFreeLibrary( GetProcAddress( GetModuleHandle( _T( "kernel32.dll")), "FreeLibrary"));
const DWORD dwProcessAccess = PROCESS_CREATE_THREAD
| PROCESS_QUERY_INFORMATION
| PROCESS_VM_OPERATION
| PROCESS_VM_WRITE
| PROCESS_VM_READ;
HANDLE hProcess = OpenProcess( dwProcessAccess, FALSE, dwPID);
if( !hProcess) return UM_ERR_OPEN_PROCESS;
UM_Error eRetCode = UM_ERR_CREATE_THREAD;
DWORD dwTID = 0;
HANDLE hThread = CreateRemoteThread( hProcess, NULL, 0, LPTHREAD_START_ROUTINE( pfnFreeLibrary), hModule, 0, &dwTID);
if( hThread)
{
WaitForSingleObject( hThread, INFINITE);
DWORD dwExitCode = 0;
GetExitCodeThread( hThread, &dwExitCode);
CloseHandle( hThread);
eRetCode = dwExitCode == 1 ? UM_SUCCESS : UM_ERR_CALL_FREELIB;
}
CloseHandle( hProcess);
return eRetCode;
}
int _tmain(int argc, _TCHAR* argv[])
{
LPCTSTR szModuleName = _T( "Icons.dll"); // Можно только имя, можно полный путь...
for( ;;)
{
std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > > vPIDList;
GLPFM_Error eCode = GetListProcessesForModule( szModuleName, vPIDList);
if( eCode == GLPFM_SUCCESS)
{
_tprintf( _T( "Module '%s' is loaded in %u processes.\n"), szModuleName, vPIDList.size());
if( vPIDList.size() <= 0) break;
for(
std::vector< std::pair< MODULEENTRY32, std::basic_string< TCHAR > > >::iterator iterV = vPIDList.begin();
iterV != vPIDList.end();
++iterV
)
{
_tprintf( _T( "PID: %08X %s - "),
iterV->first.th32ProcessID,
iterV->second.c_str());
UM_Error eUMCode = UnloadModule( iterV->first.th32ProcessID, iterV->first.hModule);
if( eUMCode == UM_SUCCESS)
_tprintf( _T( "Unloaded\n"));
else
_tprintf( _T( "Error call UnloadModule. Function code: %d\n"), eUMCode);
}
}
else
_tprintf( _T( "Error resolve list. Function code: %d\n"), eCode);
}
return 0;
}