NewsForumsCodeLogsGallerySpecsSearch

how to terminate a process?

Archives Forums/Win32 Discussion/how to terminate a process?

pexe(Posted 2005) [#1]
I'm using kernel32.dll functions, and i need to terminate a process of a given executable...

I know about a function called TerminateProcess but i don't know what i need to write on propertys..

anybody can help me?

I need to terminate a process of a file called cmd.dll (it's a trojan).. then i can delete it..


xlsior(Posted 2005) [#2]
No idea on how to proceed if you need to do it from within your own application, but for general use:

If you do a search online, you can probably find the microsoft utility 'kill.exe'. It can terminate pretty much any process, even if the task manager won't let you. Usage: kill -f <programname>

I got a copy years ago as part of the NT4 resource kit, and still works great under win2000/WinXP. Free download at: http://support.microsoft.com/default.aspx?scid=kb;en-us;206848

Indispensible, especially when cleaning trojans from a machine.


BlitzSupport(Posted 2005) [#3]
From your own app...


; ------------------------------------------------------------------------------
; Create kernel32.decls in Blitz/userlibs or add to existing one (remove ; from 3 lines below)...
; ------------------------------------------------------------------------------
; OpenProcess% (access, handleinherit, processid)
; TerminateProcess% (processhandle, exitcode)
; CloseHandle% (Object)
; ------------------------------------------------------------------------------

Const PROCESS_TERMINATE = $1
Const PROCESS_CREATE_THREAD = $2
Const PROCESS_VM_OPERATION = $8
Const PROCESS_VM_READ = $10
Const PROCESS_VM_WRITE = $20
Const PROCESS_DUP_HANDLE = $40
Const PROCESS_CREATE_PROCESS = $80
Const PROCESS_SET_QUOTA = $100
Const PROCESS_SET_INFORMATION = $200
Const PROCESS_QUERY_INFORMATION = $400
Const SYNCHRONIZE = 1048576
Const STANDARD_RIGHTS_REQUIRED = 983040
Const PROCESS_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or $FFF

; This appears to be pretty much how Windows kills a program if you 'End Process'
; from the Task Manager. Note that this is 'unfriendly'!

Function KillProcess (pid)
    phandle = OpenProcess (PROCESS_TERMINATE, False, pid)
    If phandle <> 0
        If TerminateProcess (phandle, 1)
            result = 1
        EndIf
        CloseHandle (phandle)
    EndIf
    Return result
End Function

; ------------------------------------------------------------------------------
; D E M O . . .
; ------------------------------------------------------------------------------
; Enter process ID here! I suggest going to Task Manager,
; making sure PIDs are shown (try View menu -> Select columns if
; they are not listed), then run a program and enter its number here...
; ------------------------------------------------------------------------------

DebugLog KillProcess (-1) ; Change to process ID you want to kill.


To test it, I'd suggest running a program specifically to be killed. Use the Task Manager to get its 'process ID' and enter that in the KillProcess parameters of the above demo...

The code archive example below will get a list of running processes too, showing which processes have spawned others. You can get other information such as the process ID -- see the PrintProc function. Ugly but it does the job!

Process Tree

Use at your own risk!


solitaire(Posted 2005) [#4]
Is it possible to get the ProcessID
from within Blitz3d?


xlsior(Posted 2006) [#5]
Or here's the BlitzMax conversion:



However... Like Solitaire asked: Does anyone know how to get the ProcessID? (From within BlitzMax)

More specifically, I'm hoping to find a way to get the process ID for a program that has a slightly dynamic window title, although the name and location of the .EXE itself is known... I do know how to get the hWND's of all running processes, but not how to find the associated PID. I've been looking at the GetWindowThreadProcessId API call, but I must be doing something wrong, since the information it returns to be doesn't seem to match the PIDs listed in the task manager...

Any help would be much appreciated.


jfk EO-11110(Posted 2006) [#6]
xlsior - I tried to dl the NT4 resource kit, no way:

We’re sorry, but we were unable to service your request. You may wish to choose from the links below for information about Microsoft products and services.


Found it here:
http://www.filewatcher.com/m/sp4rk_i386.exe.7220896.0.0.html
Not sure if this path is permanent.


Paul "Taiphoz"(Posted 2007) [#7]
isnt kill.exe in windows XP Pro as taskkill.com or .exe dont recall the extention but iv used it a lot. dont have XP Pro here at the moment so cant confirm it.