Kill.exe and EnableDebugPriv()

The last few days, I have been looking into a solution to kill a process in c/c++ – but not just any process, a ScreenSaver running while the computer is locked. Most examples on MSDN and such terminiate processes by sending close messages to them, and 99% of the time that works. It even works for ScreenSavers that are running while the computer is locked. Thing is, I didnt want to bundle kill.exe that comes on the Windows NT Resource kit. Off to search google, pskill by sysinternals works too, but again with the bundling. Search the net some more, I found a link to the kill.exe source code from MSDN. The big difference in this code compared to all other kill examples, is this

//
// Obtain the ability to manipulate other processes
//
EnableDebugPriv();

That opened the door for the kill.exe to stop a process when the computer was locked 100% of the time. Im sure there is some long explination dealing with user mode and kernel mode code, maybe someone can comment on and shed some more light on the subject. I have attached the source code that I found here just in case the site it was on goes down. Well, in the end, we ended up getting the program to kill the process while the computer was locked, so it worked out well :)

Advertisements

6 thoughts on “Kill.exe and EnableDebugPriv()”

  1. Hmm, well, depending on the version of the OS, not quite so weird. The screensaver runs on its own desktop, so I think you have to do something special in that case. But you’ve got a working solution, which is a good deal (though I don’t think I want to know what it is you’re trying to accomplish).

    Like

  2. Hi Steve,

    Do you use this script to kill screensavers running on remote machines?
    I have been looking for a way to do so without having to list the PID and then kill it via the pstools. The screensaver can vary as well but they are all .scr

    If you know of anyway or can be of help, please email me!

    Peace!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s