Solved

Terminate Processes

Posted on 2004-07-30
7
2,107 Views
Last Modified: 2009-02-12
Hi All,

I am able to get a list of running processes, but I am having trouble terminating targeted processes.

I have a list of the running processes, and I want to terminate a process according to the process name.

For example, if explorer.exe is running and iexplore.exe is running with a bunch of other processes, what I want is to target explorer.exe and iexplorer.exe and end those processes without ending the others in the list.

I have tried the TerminateProcess function and I cannot get it to work.

If you have a function that will work by my passing a process name to it I would greatly appreciate it.

For example:  Call EndProcess("explorer.exe")

Thanks

RichW

0
Comment
Question by:RichW
7 Comments
 
LVL 10

Expert Comment

by:vadim63
Comment Utility
0
 
LVL 17

Expert Comment

by:zzzzzooc
Comment Utility
Try the below. The type of enumeration used will work on NT-based systems (2k, XP, etc.).


Form1:
------------
Option Explicit

Private Declare Function CloseHandle Lib "Kernel32.dll" (ByVal Handle As Long) As Long
Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
Private Declare Function EnumProcesses Lib "psapi.dll" (ByRef lpidProcess As Long, ByVal cb As Long, ByRef cbNeeded As Long) As Long
Private Declare Function GetModuleFileNameExA Lib "psapi.dll" (ByVal hProcess As Long, ByVal hModule As Long, ByVal ModuleName As String, ByVal nSize As Long) As Long
Private Declare Function EnumProcessModules Lib "psapi.dll" (ByVal hProcess As Long, ByRef lphModule As Long, ByVal cb As Long, ByRef cbNeeded As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long

Private Const PROCESS_TERMINATE = &H1
Private Const PROCESS_QUERY_INFORMATION = 1024
Private Const PROCESS_VM_READ = 16
Private Sub Form_Load()
    Dim intCnt As Integer
    intCnt = KillProcByName("\calc.exe")
    Call MsgBox("Program was terminated " & intCnt & " time(s).")
End Sub
Private Function KillProcByName(ByVal strProcName As String) As Integer
    Dim lngRet As Long
    Dim lngCb As Long, lngCbNeeded As Long, lngCbNeeded2 As Long
    Dim intLoop As Integer
    Dim lngProc As Long, lngProcIDs() As Long
    Dim lngModules(0) As Long, strModule As String
    lngCb = 8
    lngCbNeeded = 96
    Do While lngCb <= lngCbNeeded
        lngCb = lngCb * 2
        ReDim lngProcIDs(lngCb / 4) As Long
        lngRet = EnumProcesses(lngProcIDs(0), lngCb, lngCbNeeded)
    Loop
    For intLoop = 1 To (lngCbNeeded / 4)
        lngProc = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_VM_READ Or PROCESS_TERMINATE, 0, lngProcIDs(intLoop))
        If lngProc <> 0 Then
            lngRet = EnumProcessModules(lngProc, lngModules(0), 1, lngCbNeeded2)
            If lngRet <> 0 Then
                strModule = Space(256)
                Call GetModuleFileNameExA(lngProc, lngModules(0), strModule, Len(strModule))
                strModule = Left(strModule, InStr(1, strModule, vbNullChar) - 1)
                If StrComp(Right(strModule, Len(strProcName)), strProcName, vbTextCompare) = 0 Then
                    Call TerminateProcess(lngProc, 0)
                    KillProcByName = KillProcByName + 1
                End If
            End If
        End If
        Call CloseHandle(lngProc)
    Next intLoop
End Function
0
 
LVL 14

Accepted Solution

by:
aelatik earned 500 total points
Comment Utility
try using WMI

Function EndProcess(filename As String) As Boolean
    Dim Process As Variant
    For Each Process In GetObject("winmgmts:").ExecQuery("select * from Win32_Process")
        If LCase(Process.Name) = LCase(filename) Then
            Process.Terminate
            EndProcess = True
        End If
    Next
End Function

Private Sub Form_Load()
    MsgBox EndProcess("notepad.exe")
End Sub
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 4

Author Comment

by:RichW
Comment Utility
vadim63, I already tried that and could not get it to work.  It doesn't find the processes I'm trying to close.

zzzzzooc, your's didn't work either.  I tried the following:

Dim intCnt As Integer
   intCnt = KillProcByName("\explorer.exe")

And it did not terminate Windows Explorer, or any other process name placed in there.


aelatik, your's works on simple processes like Windows Explorer, but not on all processes, like lexbces.exe, which is a printer process I have running.

0
 
LVL 17

Expert Comment

by:zzzzzooc
Comment Utility
What OS and privileges do you have while trying to run these?

>>which is a printer process I have running.
If it's a service, you'll probably have to terminate it using a different method.
0
 
LVL 4

Author Comment

by:RichW
Comment Utility
aelatik's answer was the only one that I could get to work.

zzzzzooc, I still could not get your code to close even Windows Explorer, but I appreciate your trying to help.

Thanks to all!

RichW
0
 

Expert Comment

by:xjake88x
Comment Utility
Use the OpenProcess API to open  a handle on the process with PROCESS_ALL_ACCESS, and then use TerminateProcess on its process ID  (with exit code 0), and then close the handle.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

There are many ways to remove duplicate entries in an SQL or Access database. Most make you temporarily insert an ID field, make a temp table and copy data back and forth, and/or are slow. Here is an easy way in VB6 using ADO to remove duplicate row…
Have you ever wanted to restrict the users input in a textbox to numbers, and while doing that make sure that they can't 'cheat' by pasting in non-numeric text? Of course you can do that with code you write yourself but it's tedious and error-prone …
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now