ProcessClose dont close the process >.<

[yakir]

ProcessClose dont close the process >.<

i have a process i try to close useing processClose but it wont close also this process wont respond to mouseclick or send commend

pls help

[water]

What does ProcessClose return?

$Result = ProcessClose($Process) 
Consolewrite("Result: " & $Result & ", @Error: " & @error & @CRLF)

[yakir]

result : 1 error : 0

but process not closed

[ripdad]

Without knowing what process it is ..

and providing that the code is correct ..

My first guess -- it's a protected process or service.

[yakir]

and if it is "protected" how i can undo it?

or how can i check if it realy is protect

[yakir]

any1?

[Manko]

There are MANY ways to protect a process.

And there are processes which have good reasons for being protected...

There are also many ways to force a process into submission...

But, because many methods are dirty and because of above mentioned argument...

You wont find official support for them here.

..but since I'm qurious, what process do you need killed?

If I know what it is... suggesting something might be easier...

/Manko

[darkjohn20]

#include <NomadMemory.au3>

_NOP(ProcessExists(Process.exe))

Func _NOP($PID)
    Local $MemoryOpen, $BaseAddr, $FinalAddr, $Allow, $Write

    $MemoryOpen = _MemoryOpen($PID)
    $BaseAddr = _MemoryGetBaseAddress($MemoryOpen, 1)

    For $X = 1 To 10000 Step 10
        $FinalAddr = "0x" & Hex($BaseAddr + $X)

        $Allow = DllCall("kernel32.dll", "bool", "VirtualProtectEx", "handle", $MemoryOpen[0], "ptr", $FinalAddr, "ulong_ptr", 4, "dword", 0x40, "dword*", "NULL")
        $Write = _MemoryWrite($FinalAddr, $MemoryOpen, 0x90, "byte")
        If $Write <> 1 Then ConsoleWrite("NOP of " & $FinalAddr & " failed. Error code " & @error & @CRLF)
    Next

    ConsoleWrite("Nopped 0x" & Hex($BaseAddr) & "-" & $FinalAddr & @CRLF)

    _MemoryClose($MemoryOpen)
EndFunc

If it can crash my AntiVirus, I'm pretty sure it will work for most things.

Edited May 2, 2010 by darkjohn20

[Manko]

@darkjohn20: Not very protected if it allows you to "OpenProcess"... You should change anti-virus...

/Manko

[darkjohn20]

It's actually very protective. All I had to do was press allow action on 500000000 things and it worked . The point is for him to kill his own process, in which case he would accept these. If he tried it on somebody else with a good AV, they could easily stop it.

This method basically has a small amount of protection from abuse. I was just surprised because trying anything else would produce a "You're not allowed to do this" type of message. Perhaps it was the VirtualProtectEx that got around this?

[Manko]

It's actually very protective. All I had to do was press allow action on 500000000 things and it worked .

/Manko

[yakir]

hehe

nice anti virus

anyway this process also dont respond to send and mouse click

or even mouse move ~_~ anyway to bypass it?

if it's not a "nice" way pm it to me pls

btw i build a killing scrip to a online game i play at work and i kinda not allow to do so i need fast killing way xD

[darkjohn20]

Press the restart button as fast as you can! (The one on the case that does a very fast and unsafe shutoff!)

[yakir]

yeaa kinda wierd see me run for the rest button

Edited May 4, 2010 by yakir

[Richard Robertson]

You could just not do whatever it is you aren't allowed to do.

[Neno]

You could just not do whatever it is you aren't allowed to do.

#RequireAdmin

[darkjohn20]

You could just not do whatever it is you aren't allowed to do.

This is the AutoIt Help Forum, not Life Help.