[转载]陈辉的文件解锁模块

HoviDelphic

最近很多人玩锁定文件，我就转载个文件解锁吧，代码都是陈辉写的，我只是做了一点点整理。
能对抗使用ZwCreateFile进行文件独占的代码，无论是Ring 3的还是Ring 0的。
顺便爆个料，老马说陈辉现在在微点干。。。
======
modGetAllProcesses.bas

1. 
   
2. Option Explicit
   
3. Private Declare Function ZwQueryInformationProcess Lib "ntdll" (ByVal ProcessHandle As Long, ByVal ProcessInformationClass As Long, ByVal ProcessInformation As Long, ByVal ProcessInformationLength As Long, ByRef ReturnLength As Long) As Long
   
4. Private Declare Function ZwQuerySystemInformation Lib "ntdll" (ByVal SystemInformationClass As Long, ByVal pSystemInformation As Long, ByVal SystemInformationLength As Long, ByRef ReturnLength As Long) As Long
   
5. Private Declare Function ZwDuplicateObject Lib "ntdll" (ByVal SourceProcessHandle As Long, ByVal SourceHandle As Long, ByVal TargetProcessHandle As Long, ByRef TargetHandle As Long, ByVal DesiredAccess As Long, ByVal HandleAttributes As Long, ByVal Options As Long) As Long
   
6. Private Declare Function ZwOpenProcess Lib "ntdll" (ByRef ProcessHandle As Long, ByVal AccessMask As Long, ByRef ObjectAttributes As OBJECT_ATTRIBUTES, ByRef ClientID As CLIENT_ID) As Long
   
7. Private Declare Function ZwClose Lib "ntdll" (ByVal ObjectHandle As Long) As Long
   
8. Private Declare Function RtlAdjustPrivilege Lib "ntdll" (ByVal Privilege As Long, ByVal Enable As Boolean, ByVal Client As Boolean, WasEnabled As Long) As Long
   
9. Private Declare Function EnumProcessModules Lib "psapi" (ByVal hProcess As Long, ByRef lphModule As Long, ByVal cb As Long, ByVal lpcbNeeded As Long) As Long
   
10. Private Declare Function GetModuleFileNameEx Lib "psapi" Alias "GetModuleFileNameExA" (ByVal hProcess As Long, ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long
    
11. Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
    
12. Private Declare Function VarPtrArray Lib "msvbvm60" Alias "VarPtr" (Ptr() As Any) As Long
    
13. Private Type PROCESS_BASIC_INFORMATION
    
14.     ExitStatus As Long
    
15.     PebBaseAddress As Long
    
16.     AffinityMask As Long
    
17.     BasePriority As Long
    
18.     UniqueProcessId As Long
    
19.     InheritedFromUniqueProcessId As Long
    
20. End Type
    
21. Private Type SYSTEM_HANDLE_TABLE_ENTRY_INFO
    
22.     UniqueProcessId As Integer
    
23.     CreatorBackTraceIndex As Integer
    
24.     ObjectTypeIndex As Byte
    
25.     HandleAttributes As Byte
    
26.     HandleValue As Integer
    
27.     pObject As Long
    
28.     GrantedAccess As Long
    
29. End Type
    
30. Private Type OBJECT_ATTRIBUTES
    
31.     Length As Long
    
32.     RootDirectory As Long
    
33.     ObjectName As Long
    
34.     Attributes As Long
    
35.     SecurityDescriptor As Long
    
36.     SecurityQualityOfService As Long
    
37. End Type
    
38. Private Type CLIENT_ID
    
39.     UniqueProcess As Long
    
40.     UniqueThread As Long
    
41. End Type
    
42. Private Type LARGE_INTEGER
    
43.     LowPart As Long
    
44.     HighPart As Long
    
45. End Type
    
46. Private Type UNICODE_STRING
    
47.     Length As Integer
    
48.     MaximumLength As Integer
    
49.     Buffer As Long
    
50. End Type
    
51. Private Type IO_COUNTERSEX
    
52.     ReadOperationCount As LARGE_INTEGER
    
53.     WriteOperationCount As LARGE_INTEGER
    
54.     OtherOperationCount As LARGE_INTEGER
    
55.     ReadTransferCount As LARGE_INTEGER
    
56.     WriteTransferCount As LARGE_INTEGER
    
57.     OtherTransferCount As LARGE_INTEGER
    
58. End Type
    
59. Private Type VM_COUNTERS
    
60.     PeakVirtualSize As Long
    
61.     VirtualSize As Long
    
62.     PageFaultCount As Long
    
63.     PeakWorkingSetSize As Long
    
64.     WorkingSetSize As Long
    
65.     QuotaPeakPagedPoolUsage As Long
    
66.     QuotaPagedPoolUsage As Long
    
67.     QuotaPeakNonPagedPoolUsage As Long
    
68.     QuotaNonPagedPoolUsage As Long
    
69.     PagefileUsage As Long
    
70.     PeakPagefileUsage As Long
    
71. End Type
    
72. Private Enum THREAD_STATE
    
73.     StateInitialized
    
74.     StateReady
    
75.     StateRunning
    
76.     StateStandby
    
77.     StateTerminated
    
78.     StateWait
    
79.     StateTransition
    
80.     StateUnknown
    
81. End Enum
    
82. Private Enum KWAIT_REASON
    
83.     Executive
    
84.     FreePage
    
85.     PageIn
    
86.     PoolAllocation
    
87.     DelayExecution
    
88.     Suspended
    
89.     UserRequest
    
90.     WrExecutive
    
91.     WrFreePage
    
92.     WrPageIn
    
93.     WrPoolAllocation
    
94.     WrDelayExecution
    
95.     WrSuspended
    
96.     WrUserRequest
    
97.     WrEventPair
    
98.     WrQueue
    
99.     WrLpcReceive
    
100.     WrLpcReply
     
101.     WrVirtualMemory
     
102.     WrPageOut
     
103.     WrRendezvous
     
104.     Spare2
     
105.     Spare3
     
106.     Spare4
     
107.     Spare5
     
108.     Spare6
     
109.     WrKernel
     
110.     MaximumWaitReason
     
111. End Enum
     
112. Private Type SYSTEM_THREADS
     
113.     KernelTime As LARGE_INTEGER
     
114.     UserTime As LARGE_INTEGER
     
115.     CreateTime As LARGE_INTEGER
     
116.     WaitTime As Long
     
117.     StartAddress As Long
     
118.     ClientID As CLIENT_ID
     
119.     Priority As Long
     
120.     BasePriority As Long
     
121.     ContextSwitchCount As Long
     
122.     State As THREAD_STATE
     
123.     WaitReason As KWAIT_REASON
     
124. End Type
     
125. Private Type SYSTEM_PROCESSES
     
126.     NextEntryDelta As Long
     
127.     ThreadCount As Long
     
128.     Reserved1(5) As Long
     
129.     CreateTime As LARGE_INTEGER
     
130.     UserTime As LARGE_INTEGER
     
131.     KernelTime As LARGE_INTEGER
     
132.     ProcessName As UNICODE_STRING
     
133.     BasePriority As Long
     
134.     ProcessId As Long
     
135.     InheritedFromProcessId As Long
     
136.     HandleCount As Long
     
137.     SessionId As Long
     
138.     Reserved2 As Long
     
139.     VmCounters As VM_COUNTERS
     
140.     PrivatePageCount As Long
     
141.     IoCounters As IO_COUNTERSEX
     
142.     Threads(0) As SYSTEM_THREADS
     
143. End Type
     
144. Private Type SafeArray
     
145.     cDims As Integer
     
146.     fFeatures As Integer
     
147.     cbElements As Long
     
148.     cLocks As Long
     
149.     pvData As Long
     
150.     cElements As Long
     
151.     lLbound As Long
     
152. End Type
     
153. Private Const STATUS_INFO_LENGTH_MISMATCH = &HC0000004
     
154. Private Const DUPLICATE_CLOSE_SOURCE = &H1
     
155. Private Const DUPLICATE_SAME_ACCESS = &H2
     
156. Private Const DUPLICATE_SAME_ATTRIBUTES = &H4
     
157. Private Const PROCESS_VM_READ = &H10&
     
158. Private Const PROCESS_QUERY_INFORMATION As Long = &H400
     
159. Private Const PROCESS_ALL_ACCESS = &H1F0FFF
     
160. Private Const PROCESS_DUP_HANDLE As Long = &H40
     
161. Private Const SE_DEBUG_PRIVILEGE = 20
     
162. Private Const FADF_AUTO As Integer = 1
     
163. Private Const FADF_FIXEDSIZE As Integer = 16
     
164. Public Function NT_SUCCESS(ByVal Status As Long) As Boolean
     
165.     NT_SUCCESS = (Status >= 0)
     
166. End Function
     
167. Public Sub GetAllProcessA(ByRef lpProcessIdAry() As Long)
     
168.     Dim st As Long
     
169.     Dim BytBuf() As Byte
     
170.     Dim sp() As SYSTEM_PROCESSES
     
171.     Dim pArray As SafeArray
     
172.     Dim NextEntry As Long
     
173.     Dim NumOfProcess As Long
     
174.     Dim ArySize As Long
     
175.     Erase lpProcessIdAry
     
176.     ArySize = 1
     
177.     Do
     
178.         ReDim BytBuf(ArySize)
     
179.         st = ZwQuerySystemInformation(5, VarPtr(BytBuf(0)), ArySize, 0) '5 - SystemProcessInformation
     
180.         If (Not NT_SUCCESS(st)) Then
     
181.            If (st <> STATUS_INFO_LENGTH_MISMATCH) Then
     
182.               Erase BytBuf
     
183.               Exit Sub
     
184.            End If
     
185.         Else
     
186.            Exit Do
     
187.         End If
     
188.         ArySize = ArySize * 2
     
189.         ReDim BytBuf(ArySize)
     
190.     Loop
     
191.     With pArray
     
192.         .cDims = 1
     
193.         .fFeatures = FADF_AUTO Or FADF_FIXEDSIZE
     
194.         .cbElements = 244
     
195.         .cElements = 1
     
196.         .lLbound = 0
     
197.     End With
     
198.     CopyMemory ByVal VarPtrArray(sp), VarPtr(pArray), 4
     
199.     Do
     
200.         pArray.pvData = VarPtr(BytBuf(NextEntry))
     
201.         NumOfProcess = NumOfProcess + 1
     
202.         ReDim Preserve lpProcessIdAry(NumOfProcess - 1)
     
203.         lpProcessIdAry(NumOfProcess - 1) = sp(0).ProcessId
     
204.         If sp(0).NextEntryDelta = 0 Then
     
205.             Exit Do
     
206.         Else
     
207.             NextEntry = NextEntry + sp(0).NextEntryDelta
     
208.         End If
     
209.     Loop
     
210.     Erase sp
     
211.     Erase BytBuf
     
212.     CopyMemory ByVal VarPtr(pArray), 0, Len(pArray)
     
213. End Sub
     

复制代码

modLockFileInfo.bas

1. 
   
2. Option Explicit
   
3. Private Declare Function NtQueryInformationProcess Lib "NTDLL.DLL" (ByVal ProcessHandle As Long, _
   
4.                                 ByVal ProcessInformationClass As PROCESSINFOCLASS, _
   
5.                                 ByVal ProcessInformation As Long, _
   
6.                                 ByVal ProcessInformationLength As Long, _
   
7.                                 ByRef ReturnLength As Long) As Long
   
8. Private Enum PROCESSINFOCLASS
   
9.     ProcessBasicInformation = 0
   
10.     ProcessQuotaLimits
    
11.     ProcessIoCounters
    
12.     ProcessVmCounters
    
13.     ProcessTimes
    
14.     ProcessBasePriority
    
15.     ProcessRaisePriority
    
16.     ProcessDebugPort
    
17.     ProcessExceptionPort
    
18.     ProcessAccessToken
    
19.     ProcessLdtInformation
    
20.     ProcessLdtSize
    
21.     ProcessDefaultHardErrorMode
    
22.     ProcessIoPortHandlers
    
23.     ProcessPooledUsageAndLimits
    
24.     ProcessWorkingSetWatch
    
25.     ProcessUserModeIOPL
    
26.     ProcessEnableAlignmentFaultFixup
    
27.     ProcessPriorityClass
    
28.     ProcessWx86Information
    
29.     ProcessHandleCount
    
30.     ProcessAffinityMask
    
31.     ProcessPriorityBoost
    
32.     ProcessDeviceMap
    
33.     ProcessSessionInformation
    
34.     ProcessForegroundInformation
    
35.     ProcessWow64Information
    
36.     ProcessImageFileName
    
37.     ProcessLUIDDeviceMapsEnabled
    
38.     ProcessBreakOnTermination
    
39.     ProcessDebugObjectHandle
    
40.     ProcessDebugFlags
    
41.     ProcessHandleTracing
    
42.     ProcessIoPriority
    
43.     ProcessExecuteFlags
    
44.     ProcessResourceManagement
    
45.     ProcessCookie
    
46.     ProcessImageInformation
    
47.     MaxProcessInfoClass
    
48. End Enum
    
49. Private Type PROCESS_BASIC_INFORMATION
    
50.     ExitStatus As Long 'NTSTATUS
    
51.     PebBaseAddress As Long 'PPEB
    
52.     AffinityMask As Long 'ULONG_PTR
    
53.     BasePriority As Long 'KPRIORITY
    
54.     UniqueProcessId As Long 'ULONG_PTR
    
55.     InheritedFromUniqueProcessId As Long 'ULONG_PTR
    
56. End Type
    
57. Private Type FILE_NAME_INFORMATION
    
58.      FileNameLength As Long
    
59.      FileName(3) As Byte
    
60. End Type
    
61. Private Type NM_INFO
    
62.     Info As FILE_NAME_INFORMATION
    
63.     strName(259) As Byte
    
64. End Type
    
65. Private Enum FileInformationClass
    
66.     FileDirectoryInformation = 1
    
67.     FileFullDirectoryInformation = 2
    
68.     FileBothDirectoryInformation = 3
    
69.     FileBasicInformation = 4
    
70.     FileStandardInformation = 5
    
71.     FileInternalInformation = 6
    
72.     FileEaInformation = 7
    
73.     FileAccessInformation = 8
    
74.     FileNameInformation = 9
    
75.     FileRenameInformation = 10
    
76.     FileLinkInformation = 11
    
77.     FileNamesInformation = 12
    
78.     FileDispositionInformation = 13
    
79.     FilePositionInformation = 14
    
80.     FileFullEaInformation = 15
    
81.     FileModeInformation = 16
    
82.     FileAlignmentInformation = 17
    
83.     FileAllInformation = 18
    
84.     FileAllocationInformation = 19
    
85.     FileEndOfFileInformation = 20
    
86.     FileAlternateNameInformation = 21
    
87.     FileStreamInformation = 22
    
88.     FilePipeInformation = 23
    
89.     FilePipeLocalInformation = 24
    
90.     FilePipeRemoteInformation = 25
    
91.     FileMailslotQueryInformation = 26
    
92.     FileMailslotSetInformation = 27
    
93.     FileCompressionInformation = 28
    
94.     FileObjectIdInformation = 29
    
95.     FileCompletionInformation = 30
    
96.     FileMoveClusterInformation = 31
    
97.     FileQuotaInformation = 32
    
98.     FileReparsePointInformation = 33
    
99.     FileNetworkOpenInformation = 34
    
100.     FileAttributeTagInformation = 35
     
101.     FileTrackingInformation = 36
     
102.     FileMaximumInformation
     
103. End Enum
     
104. Private Declare Function NtQuerySystemInformation Lib "NTDLL.DLL" (ByVal SystemInformationClass As SYSTEM_INFORMATION_CLASS, _
     
105.                                 ByVal pSystemInformation As Long, _
     
106.                                 ByVal SystemInformationLength As Long, _
     
107.                                 ByRef ReturnLength As Long) As Long
     
108.                               
     
109. Private Enum SYSTEM_INFORMATION_CLASS
     
110.     SystemBasicInformation
     
111.     SystemProcessorInformation             '// obsolete...delete
     
112.     SystemPerformanceInformation
     
113.     SystemTimeOfDayInformation
     
114.     SystemPathInformation
     
115.     SystemProcessInformation
     
116.     SystemCallCountInformation
     
117.     SystemDeviceInformation
     
118.     SystemProcessorPerformanceInformation
     
119.     SystemFlagsInformation
     
120.     SystemCallTimeInformation
     
121.     SystemModuleInformation
     
122.     SystemLocksInformation
     
123.     SystemStackTraceInformation
     
124.     SystemPagedPoolInformation
     
125.     SystemNonPagedPoolInformation
     
126.     SystemHandleInformation
     
127.     SystemObjectInformation
     
128.     SystemPageFileInformation
     
129.     SystemVdmInstemulInformation
     
130.     SystemVdmBopInformation
     
131.     SystemFileCacheInformation
     
132.     SystemPoolTagInformation
     
133.     SystemInterruptInformation
     
134.     SystemDpcBehaviorInformation
     
135.     SystemFullMemoryInformation
     
136.     SystemLoadGdiDriverInformation
     
137.     SystemUnloadGdiDriverInformation
     
138.     SystemTimeAdjustmentInformation
     
139.     SystemSummaryMemoryInformation
     
140.     SystemMirrorMemoryInformation
     
141.     SystemPerformanceTraceInformation
     
142.     SystemObsolete0
     
143.     SystemExceptionInformation
     
144.     SystemCrashDumpStateInformation
     
145.     SystemKernelDebuggerInformation
     
146.     SystemContextSwitchInformation
     
147.     SystemRegistryQuotaInformation
     
148.     SystemExtendServiceTableInformation
     
149.     SystemPrioritySeperation
     
150.     SystemVerifierAddDriverInformation
     
151.     SystemVerifierRemoveDriverInformation
     
152.     SystemProcessorIdleInformation
     
153.     SystemLegacyDriverInformation
     
154.     SystemCurrentTimeZoneInformation
     
155.     SystemLookasideInformation
     
156.     SystemTimeSlipNotification
     
157.     SystemSessionCreate
     
158.     SystemSessionDetach
     
159.     SystemSessionInformation
     
160.     SystemRangeStartInformation
     
161.     SystemVerifierInformation
     
162.     SystemVerifierThunkExtend
     
163.     SystemSessionProcessInformation
     
164.     SystemLoadGdiDriverInSystemSpace
     
165.     SystemNumaProcessorMap
     
166.     SystemPrefetcherInformation
     
167.     SystemExtendedProcessInformation
     
168.     SystemRecommendedSharedDataAlignment
     
169.     SystemComPlusPackage
     
170.     SystemNumaAvailableMemory
     
171.     SystemProcessorPowerInformation
     
172.     SystemEmulationBasicInformation
     
173.     SystemEmulationProcessorInformation
     
174.     SystemExtendedHandleInformation
     
175.     SystemLostDelayedWriteInformation
     
176.     SystemBigPoolInformation
     
177.     SystemSessionPoolTagInformation
     
178.     SystemSessionMappedViewInformation
     
179.     SystemHotpatchInformation
     
180.     SystemObjectSecurityMode
     
181.     SystemWatchdogTimerHandler
     
182.     SystemWatchdogTimerInformation
     
183.     SystemLogicalProcessorInformation
     
184.     SystemWow64SharedInformation
     
185.     SystemRegisterFirmwareTableInformationHandler
     
186.     SystemFirmwareTableInformation
     
187.     SystemModuleInformationEx
     
188.     SystemVerifierTriageInformation
     
189.     SystemSuperfetchInformation
     
190.     SystemMemoryListInformation
     
191.     SystemFileCacheInformationEx
     
192.     MaxSystemInfoClass  '// MaxSystemInfoClass should always be the last enum
     
193. End Enum
     
194. Private Type SYSTEM_HANDLE
     
195.     UniqueProcessId As Integer
     
196.     CreatorBackTraceIndex As Integer
     
197.     ObjectTypeIndex As Byte
     
198.     HandleAttributes As Byte
     
199.     HandleValue As Integer
     
200.     pObject As Long
     
201.     GrantedAccess As Long
     
202. End Type
     
203. Private Const STATUS_INFO_LENGTH_MISMATCH = &HC0000004
     
204. Private Enum SYSTEM_HANDLE_TYPE
     
205.     OB_TYPE_UNKNOWN = 0
     
206.     OB_TYPE_TYPE = 1
     
207.     OB_TYPE_DIRECTORY
     
208.     OB_TYPE_SYMBOLIC_LINK
     
209.     OB_TYPE_TOKEN
     
210.     OB_TYPE_PROCESS
     
211.     OB_TYPE_THREAD
     
212.     OB_TYPE_UNKNOWN_7
     
213.     OB_TYPE_EVENT
     
214.     OB_TYPE_EVENT_PAIR
     
215.     OB_TYPE_MUTANT
     
216.     OB_TYPE_UNKNOWN_11
     
217.     OB_TYPE_SEMAPHORE
     
218.     OB_TYPE_TIMER
     
219.     OB_TYPE_PROFILE
     
220.     OB_TYPE_WINDOW_STATION
     
221.     OB_TYPE_DESKTOP
     
222.     OB_TYPE_SECTION
     
223.     OB_TYPE_KEY
     
224.     OB_TYPE_PORT
     
225.     OB_TYPE_WAITABLE_PORT
     
226.     OB_TYPE_UNKNOWN_21
     
227.     OB_TYPE_UNKNOWN_22
     
228.     OB_TYPE_UNKNOWN_23
     
229.     OB_TYPE_UNKNOWN_24
     
230.     OB_TYPE_IO_COMPLETION
     
231.     OB_TYPE_FILE
     
232. End Enum
     
233. 'typedef struct _SYSTEM_HANDLE_INFORMATION
     
234. '{
     
235. '   ULONG           uCount;
     
236. '   SYSTEM_HANDLE   aSH[];
     
237. '} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
     
238. Private Type SYSTEM_HANDLE_INFORMATION
     
239.     uCount As Long
     
240.     aSH() As SYSTEM_HANDLE
     
241. End Type
     
242. Private Declare Function NtDuplicateObject Lib "NTDLL.DLL" (ByVal SourceProcessHandle As Long, _
     
243.                                 ByVal SourceHandle As Long, _
     
244.                                 ByVal TargetProcessHandle As Long, _
     
245.                                 ByRef TargetHandle As Long, _
     
246.                                 ByVal DesiredAccess As Long, _
     
247.                                 ByVal HandleAttributes As Long, _
     
248.                                 ByVal Options As Long) As Long
     
249. Private Const DUPLICATE_CLOSE_SOURCE = &H1
     
250. Private Const DUPLICATE_SAME_ACCESS = &H2
     
251. Private Const DUPLICATE_SAME_ATTRIBUTES = &H4
     
252. Private Declare Function NtOpenProcess Lib "NTDLL.DLL" (ByRef ProcessHandle As Long, _
     
253.                                 ByVal AccessMask As Long, _
     
254.                                 ByRef ObjectAttributes As OBJECT_ATTRIBUTES, _
     
255.                                 ByRef ClientID As CLIENT_ID) As Long
     
256. Private Type OBJECT_ATTRIBUTES
     
257.     Length As Long
     
258.     RootDirectory As Long
     
259.     ObjectName As Long
     
260.     Attributes As Long
     
261.     SecurityDescriptor As Long
     
262.     SecurityQualityOfService As Long
     
263. End Type
     
264. Private Type CLIENT_ID
     
265.     UniqueProcess As Long
     
266.     UniqueThread  As Long
     
267. End Type
     
268. Private Type IO_STATUS_BLOCK
     
269.     Status As Long
     
270.     uInformation As Long
     
271. End Type
     
272. Private Const PROCESS_CREATE_THREAD = &H2
     
273. Private Const PROCESS_VM_WRITE = &H20
     
274. Private Const PROCESS_VM_OPERATION = &H8
     
275. Private Const PROCESS_QUERY_INFORMATION As Long = (&H400)
     
276. Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
     
277. Private Const SYNCHRONIZE As Long = &H100000
     
278. Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
     
279. Private Const PROCESS_DUP_HANDLE As Long = (&H40)
     
280. Private Declare Function NtClose Lib "NTDLL.DLL" (ByVal ObjectHandle As Long) As Long
     
281. Private Declare Sub CopyMemory Lib "kernel32.dll" Alias "RtlMoveMemory" (ByRef Destination As Any, _
     
282.                                       ByRef Source As Any, _
     
283.                                       ByVal Length As Long)
     
284.                                       
     
285. Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
     
286. Private Enum OBJECT_INFORMATION_CLASS
     
287.     ObjectBasicInformation = 0
     
288.     ObjectNameInformation
     
289.     ObjectTypeInformation
     
290.     ObjectAllTypesInformation
     
291.     ObjectHandleInformation
     
292. End Enum
     
293. Private Type UNICODE_STRING
     
294.     uLength As Integer
     
295.     uMaximumLength As Integer
     
296.     pBuffer(3) As Byte
     
297. End Type
     
298. Private Type OBJECT_NAME_INFORMATION
     
299.     pName As UNICODE_STRING
     
300. End Type
     
301. Private Const STATUS_INFO_LEN_MISMATCH = &HC0000004
     
302. Private Const HEAP_ZERO_MEMORY = &H8
     
303. Public Declare Function GetCurrentProcessId Lib "kernel32" () As Long
     
304. Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
     
305. Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
     
306. Private Declare Function GetProcessHeap Lib "kernel32" () As Long
     
307. Private Declare Function HeapFree Lib "kernel32" (ByVal hHeap As Long, ByVal dwFlags As Long, lpMem As Any) As Long
     
308. Private Declare Function HeapReAlloc Lib "kernel32" (ByVal hHeap As Long, ByVal dwFlags As Long, lpMem As Any, ByVal dwBytes As Long) As Long
     
309. Private Declare Function HeapAlloc Lib "kernel32" (ByVal hHeap As Long, ByVal dwFlags As Long, ByVal dwBytes As Long) As Long
     
310. Private Declare Function NtQueryObject Lib "NTDLL.DLL" (ByVal ObjectHandle As Long, _
     
311.                                                         ByVal ObjectInformationClass As OBJECT_INFORMATION_CLASS, _
     
312.                                                         ByVal ObjectInformation As Long, ByVal ObjectInformationLength As Long, _
     
313.                                                         ReturnLength As Long) As Long
     
314. Private Declare Function lstrlenW Lib "kernel32" (ByVal lpString As Long) As Long
     
315. Private Declare Function QueryDosDevice Lib "kernel32" Alias "QueryDosDeviceA" (ByVal lpDeviceName As String, ByVal lpTargetPath As String, ByVal ucchMax As Long) As Long
     
316. Private Declare Function GetLogicalDriveStrings Lib "kernel32" Alias "GetLogicalDriveStringsA" (ByVal nBufferLength As Long, ByVal lpBuffer As String) As Long
     
317. Private Declare Function lstrcpyW Lib "kernel32" (ByVal lpString1 As String, ByVal lpString2 As Long) As Long
     
318. Public Declare Function MessageBox Lib "user32" Alias "MessageBoxA" (ByVal hWnd As Long, ByVal lpText As String, ByVal lpCaption As String, ByVal wType As Long) As Long
     
319. Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
     
320. Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
     
321. Private Declare Function GetExitCodeThread Lib "kernel32" (ByVal hThread As Long, lpExitCode As Long) As Long
     
322. Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
     
323. Private Declare Function FreeLibrary Lib "kernel32" (ByVal hLibModule As Long) As Long
     
324. Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
     
325. Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
     
326. Private Declare Function TerminateThread Lib "kernel32" (ByVal hThread As Long, ByVal dwExitCode As Long) As Long
     
327. Private Declare Function GetFileType Lib "kernel32" (ByVal hFile As Long) As Long
     
328. Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
     
329. Private Function NT_SUCCESS(ByVal nStatus As Long) As Boolean
     
330.     NT_SUCCESS = (nStatus >= 0)
     
331. End Function
     
332. Public Function GetFileFullPath(ByVal hFile As Long) As String
     
333.     Dim hHeap As Long, dwSize As Long, objName As UNICODE_STRING, pName As Long
     
334.     Dim ntStatus As Long, i As Long, lngNameSize As Long, strDrives As String, strArray() As String
     
335.     Dim dwDriversSize As Long, strDrive As String, strTmp As String, strTemp As String
     
336.     On Error GoTo ErrHandle
     
337.     hHeap = GetProcessHeap
     
338.     pName = HeapAlloc(hHeap, HEAP_ZERO_MEMORY, &H1000)
     
339.     ntStatus = NtQueryObject(hFile, ObjectNameInformation, pName, &H1000, dwSize)
     
340.     If (NT_SUCCESS(ntStatus)) Then
     
341.         i = 1
     
342.         Do While (ntStatus = STATUS_INFO_LEN_MISMATCH)
     
343.             pName = HeapReAlloc(hHeap, HEAP_ZERO_MEMORY, pName, &H1000 * i)
     
344.             ntStatus = NtQueryObject(hFile, ObjectNameInformation, pName, &H1000, ByVal 0)
     
345.             i = i + 1
     
346.         Loop
     
347.     End If
     
348.     HeapFree hHeap, 0, pName
     
349.     strTemp = String(512, Chr(0))
     
350.     lstrcpyW strTemp, pName + Len(objName)
     
351.     strTemp = StrConv(strTemp, vbFromUnicode)
     
352.     strTemp = Left(strTemp, InStr(strTemp, Chr(0)) - 1)
     
353.     strDrives = String(512, Chr(9))
     
354.     dwDriversSize = GetLogicalDriveStrings(512, strDrives)
     
355.     If dwDriversSize Then
     
356.         strArray = Split(strDrives, Chr(0))
     
357.         For i = 0 To UBound(strArray)
     
358.             If strArray(i) <> "" Then
     
359.                 strDrive = Left(strArray(i), 2)
     
360.                 strTmp = String(260, Chr(0))
     
361.                 Call QueryDosDevice(strDrive, strTmp, 256)
     
362.                 strTmp = Left(strTmp, InStr(strTmp, Chr(0)) - 1)
     
363.                 If InStr(LCase(strTemp), LCase(strTmp)) = 1 Then
     
364.                     GetFileFullPath = strDrive & Mid(strTemp, Len(strTmp) + 1, Len(strTemp) - Len(strTmp))
     
365.                     Exit Function
     
366.                 End If
     
367.             End If
     
368.         Next
     
369.     End If
     
370. ErrHandle:
     
371. End Function
     
372. Public Function CloseLockFileHandle(ByVal strFileName As String, ByVal dwProcessId As Long) As Boolean
     
373.     Dim ntStatus As Long
     
374.     Dim objCid As CLIENT_ID
     
375.     Dim objOa As OBJECT_ATTRIBUTES
     
376.     Dim lngHandles As Long
     
377.     Dim i As Long
     
378.     Dim objInfo As SYSTEM_HANDLE_INFORMATION, lngType As Long
     
379.     Dim hProcess As Long, hProcessToDup As Long, hFileHandle As Long
     
380.     Dim hFile As Long
     
381.     'Dim objIo As IO_STATUS_BLOCK, objFn As FILE_NAME_INFORMATION, objN As NM_INFO
     
382.     Dim bytBytes() As Byte, strSubPath As String, strTmp As String
     
383.     Dim blnIsOk As Boolean
     
384.     strSubPath = Mid(strFileName, 3, Len(strFileName) - 2)
     
385.     hFile = CreateFile("NUL", &H80000000, 0, ByVal 0&, 3, 0, 0)
     
386.     If hFile = -1 Then
     
387.         CloseLockFileHandle = False
     
388.         Exit Function
     
389.     End If
     
390.     objOa.Length = Len(objOa)
     
391.     objCid.UniqueProcess = dwProcessId
     
392.     ntStatus = 0
     
393.     Dim BytBuf() As Byte
     
394.     Dim nSize As Long
     
395.     nSize = 1
     
396.     Do
     
397.         ReDim BytBuf(nSize)
     
398.         ntStatus = NtQuerySystemInformation(SystemHandleInformation, VarPtr(BytBuf(0)), nSize, 0&)
     
399.         If (Not NT_SUCCESS(ntStatus)) Then
     
400.             If (ntStatus <> STATUS_INFO_LENGTH_MISMATCH) Then
     
401.                 Erase BytBuf
     
402.                 Exit Function
     
403.             End If
     
404.         Else
     
405.             Exit Do
     
406.         End If
     
407.         nSize = nSize * 2
     
408.         ReDim BytBuf(nSize)
     
409.     Loop
     
410.     lngHandles = 0
     
411.     CopyMemory objInfo.uCount, BytBuf(0), 4
     
412.     lngHandles = objInfo.uCount
     
413.     ReDim objInfo.aSH(lngHandles - 1)
     
414.     Call CopyMemory(objInfo.aSH(0), BytBuf(4), Len(objInfo.aSH(0)) * lngHandles)
     
415.     For i = 0 To lngHandles - 1
     
416.         If objInfo.aSH(i).HandleValue = hFile And objInfo.aSH(i).UniqueProcessId = GetCurrentProcessId Then
     
417.             lngType = objInfo.aSH(i).ObjectTypeIndex
     
418.             Exit For
     
419.         End If
     
420.     Next
     
421.     NtClose hFile
     
422.     blnIsOk = True
     
423.     For i = 0 To lngHandles - 1
     
424.         If objInfo.aSH(i).ObjectTypeIndex = lngType And objInfo.aSH(i).UniqueProcessId = dwProcessId Then
     
425.             ntStatus = NtOpenProcess(hProcessToDup, PROCESS_DUP_HANDLE, objOa, objCid)
     
426.             If hProcessToDup <> 0 Then
     
427.                 ntStatus = NtDuplicateObject(hProcessToDup, objInfo.aSH(i).HandleValue, GetCurrentProcess, hFileHandle, 0, 0, DUPLICATE_SAME_ATTRIBUTES)
     
428.                 If (NT_SUCCESS(ntStatus)) Then
     
429.                     '这里如果直接调用NtQueryObject可能会挂起解决方法是用线程去处理当线程处理时间超过一定时间就把它干掉
     
430.                     '由于VB对多线程支持很差，其实应该说是对CreateThread支持很差，什么原因不要问我，相信网上也写有不少
     
431.                     '文件是关于它的,这里我选择了另一个函数也可以建立线程但是它是建立远程线程的，不过它却很稳定正好解决了
     
432.                     '我们这里的问题它就是CreateRemoteThread,^_^还记得我说过它很强大吧~~哈哈。
     
433.                     ntStatus = MyGetFileType(hFileHandle)
     
434.                     If ntStatus Then
     
435.                         strTmp = GetFileFullPath(hFileHandle)
     
436.                     End If
     
437.                     NtClose hFileHandle
     
438.                     If InStr(LCase(strTmp), LCase(strFileName)) Then
     
439.                         If Not CloseRemoteHandle(dwProcessId, objInfo.aSH(i).HandleValue, strFileName) Then
     
440.                             blnIsOk = False
     
441.                         End If
     
442.                     End If
     
443.                 End If
     
444.             End If
     
445.         End If
     
446.     Next
     
447.     CloseLockFileHandle = blnIsOk
     
448. End Function
     
449. '检测所有进程
     
450. Public Function CloseLoackFiles(ByVal strFileName As String) As Boolean
     
451.     Dim ntStatus As Long
     
452.     Dim objCid As CLIENT_ID
     
453.     Dim objOa As OBJECT_ATTRIBUTES
     
454.     Dim lngHandles As Long
     
455.     Dim i As Long
     
456.     Dim objInfo As SYSTEM_HANDLE_INFORMATION, lngType As Long
     
457.     Dim hProcess As Long, hProcessToDup As Long, hFileHandle As Long
     
458.     Dim hFile As Long, blnIsOk As Boolean, strProcessName As String
     
459.     'Dim objIo As IO_STATUS_BLOCK, objFn As FILE_NAME_INFORMATION, objN As NM_INFO
     
460.     Dim bytBytes() As Byte, strSubPath As String, strTmp As String
     
461.     strSubPath = Mid(strFileName, 3, Len(strFileName) - 2)
     
462.     hFile = CreateFile("NUL", &H80000000, 0, ByVal 0&, 3, 0, 0)
     
463.     If hFile = -1 Then
     
464.         CloseLoackFiles = False
     
465.         Exit Function
     
466.     End If
     
467.     objOa.Length = Len(objOa)
     
468.     ntStatus = 0
     
469.     Dim BytBuf() As Byte
     
470.     Dim nSize As Long
     
471.     nSize = 1
     
472.     Do
     
473.         ReDim BytBuf(nSize)
     
474.         ntStatus = NtQuerySystemInformation(SystemHandleInformation, VarPtr(BytBuf(0)), nSize, 0&)
     
475.         If (Not NT_SUCCESS(ntStatus)) Then
     
476.             If (ntStatus <> STATUS_INFO_LENGTH_MISMATCH) Then
     
477.                 Erase BytBuf
     
478.                 Exit Function
     
479.             End If
     
480.         Else
     
481.             Exit Do
     
482.         End If
     
483.         nSize = nSize * 2
     
484.         ReDim BytBuf(nSize)
     
485.     Loop
     
486.     lngHandles = 0
     
487.     CopyMemory objInfo.uCount, BytBuf(0), 4
     
488.     lngHandles = objInfo.uCount
     
489.     ReDim objInfo.aSH(lngHandles - 1)
     
490.     Call CopyMemory(objInfo.aSH(0), BytBuf(4), Len(objInfo.aSH(0)) * lngHandles)
     
491.     For i = 0 To lngHandles - 1
     
492.         If objInfo.aSH(i).HandleValue = hFile And objInfo.aSH(i).UniqueProcessId = GetCurrentProcessId Then
     
493.             lngType = objInfo.aSH(i).ObjectTypeIndex
     
494.             Exit For
     
495.         End If
     
496.     Next
     
497.     NtClose hFile
     
498.     blnIsOk = True
     
499.     For i = 0 To lngHandles - 1
     
500.         If objInfo.aSH(i).ObjectTypeIndex = lngType Then
     
501.             objCid.UniqueProcess = objInfo.aSH(i).UniqueProcessId
     
502.             ntStatus = NtOpenProcess(hProcessToDup, PROCESS_DUP_HANDLE, objOa, objCid)
     
503.             If hProcessToDup <> 0 Then
     
504.                 ntStatus = NtDuplicateObject(hProcessToDup, objInfo.aSH(i).HandleValue, GetCurrentProcess, hFileHandle, 0, 0, DUPLICATE_SAME_ATTRIBUTES)
     
505.                 If (NT_SUCCESS(ntStatus)) Then
     
506.                     '这里如果直接调用NtQueryObject可能会挂起解决方法是用线程去处理当线程处理时间超过一定时间就把它干掉
     
507.                     '由于VB对多线程支持很差，其实应该说是对CreateThread支持很差，什么原因不要问我，相信网上也写有不少
     
508.                     '文件是关于它的,这里我选择了另一个函数也可以建立线程但是它是建立远程线程的，不过它却很稳定正好解决了
     
509.                     '我们这里的问题它就是CreateRemoteThread,^_^还记得我说过它很强大吧~~哈哈。
     
510.                     ntStatus = MyGetFileType(hFileHandle)
     
511.                     If ntStatus Then
     
512.                         strTmp = GetFileFullPath(hFileHandle)
     
513.                     Else
     
514.                         strTmp = ""
     
515.                     End If
     
516.                     NtClose hFileHandle
     
517.                     If InStr(LCase(strTmp), LCase(strFileName)) Then
     
518.                         If Not CloseRemoteHandle(objInfo.aSH(i).UniqueProcessId, objInfo.aSH(i).HandleValue, strTmp) Then
     
519.                             blnIsOk = False
     
520.                         End If
     
521.                     End If
     
522.                 End If
     
523.             End If
     
524.         End If
     
525.     Next
     
526.     CloseLoackFiles = blnIsOk
     
527. End Function
     
528. Private Function GetProcessCommandLine(ByVal dwProcessId As Long) As String
     
529.     Dim objCid As CLIENT_ID
     
530.     Dim objOa As OBJECT_ATTRIBUTES
     
531.     Dim ntStatus As Long, hKernel As Long, strName As String
     
532.     Dim hProcess As Long, dwAddr As Long, dwRead As Long
     
533.     objOa.Length = Len(objOa)
     
534.     objCid.UniqueProcess = dwProcessId
     
535.     ntStatus = NtOpenProcess(hProcess, &H10, objOa, objCid)
     
536.     If hProcess = 0 Then
     
537.         GetProcessCommandLine = ""
     
538.         Exit Function
     
539.     End If
     
540.     hKernel = GetModuleHandle("kernel32")
     
541.     dwAddr = GetProcAddress(hKernel, "GetCommandLineA")
     
542.     CopyMemory dwAddr, ByVal dwAddr + 1, 4
     
543.     If ReadProcessMemory(hProcess, ByVal dwAddr, dwAddr, 4, dwRead) Then
     
544.         strName = String(260, Chr(0))
     
545.         If ReadProcessMemory(hProcess, ByVal dwAddr, ByVal strName, 260, dwRead) Then
     
546.             strName = Left(strName, InStr(strName, Chr(0)) - 1)
     
547.             NtClose hProcess
     
548.             GetProcessCommandLine = strName
     
549.             Exit Function
     
550.         End If
     
551.     End If
     
552.     NtClose hProcess
     
553. End Function
     
554. '解锁指定进程的锁定文件
     
555. Public Function CloseRemoteHandle(ByVal dwProcessId, ByVal hHandle As Long, Optional ByVal strLockFile As String = "") As Boolean
     
556.     Dim hMyProcess  As Long, hRemProcess As Long, blnResult As Long, hMyHandle As Long
     
557.     Dim objCid As CLIENT_ID
     
558.     Dim objOa As OBJECT_ATTRIBUTES
     
559.     Dim ntStatus As Long, strProcessName As String, hProcess As Long, strMsg As String
     
560.     objCid.UniqueProcess = dwProcessId
     
561.     objOa.Length = Len(objOa)
     
562.     hMyProcess = GetCurrentProcess()
     
563.     ntStatus = NtOpenProcess(hRemProcess, PROCESS_DUP_HANDLE, objOa, objCid)
     
564.     If hRemProcess Then
     
565.         ntStatus = NtDuplicateObject(hRemProcess, hHandle, GetCurrentProcess, hMyHandle, 0, 0, DUPLICATE_CLOSE_SOURCE Or DUPLICATE_SAME_ACCESS)
     
566.         If (NT_SUCCESS(ntStatus)) Then
     
567.         'If DuplicateHandle(hRemProcess, hMyProcess, hHandle, hMyHandle, 0, 0, DUPLICATE_CLOSE_SOURCE Or DUPLICATE_SAME_ACCESS) Then
     
568.             blnResult = NtClose(hMyHandle)
     
569.             If blnResult >= 0 Then
     
570.                 strProcessName = GetProcessCommandLine(dwProcessId)
     
571.                 'If InStr(LCase(strProcessName), LCase(strLockFile)) Then
     
572.                 'If InStr(LCase(strProcessName), "explorer.exe") = 0 And dwProcessId <> GetCurrentProcessId Then
     
573.                     'objCid.UniqueProcess = dwProcessId
     
574.                     'ntStatus = NtOpenProcess(hProcess, 1, objOa, objCid)
     
575.                     'If hProcess <> 0 Then TerminateProcess hProcess, 0
     
576.                 'End If
     
577.             End If
     
578.         End If
     
579.         Call NtClose(hRemProcess)
     
580.     End If
     
581.     CloseRemoteHandle = blnResult >= 0
     
582. End Function
     
583. '解锁指定进程的锁定文件
     
584. Public Function CloseRemoteHandleEx(ByVal dwProcessId, ByVal hHandle As Long, Optional ByVal strLockFile As String = "") As Boolean
     
585.     Dim hRemProcess As Long, hThread As Long, lngResult As Long, pfnThreadRtn As Long, hKernel As Long
     
586.     Dim objCid As CLIENT_ID
     
587.     Dim objOa As OBJECT_ATTRIBUTES, strMsg As String
     
588.     Dim ntStatus As Long, strProcessName As String, hProcess As Long
     
589.     objCid.UniqueProcess = dwProcessId
     
590.     objOa.Length = Len(objOa)
     
591.     ntStatus = NtOpenProcess(hRemProcess, PROCESS_QUERY_INFORMATION Or PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, objOa, objCid)
     
592. '    hMyProcess = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, 0, dwProcessId)
     
593.     If hRemProcess = 0 Then
     
594.         CloseRemoteHandleEx = False
     
595.         Exit Function
     
596.     End If
     
597.     hKernel = GetModuleHandle("kernel32")
     
598.     If hKernel = 0 Then
     
599.         CloseRemoteHandleEx = False
     
600.         Exit Function
     
601.     End If
     
602.     pfnThreadRtn = GetProcAddress(hKernel, "CloseHandle")
     
603.     If pfnThreadRtn = 0 Then
     
604.         FreeLibrary hKernel
     
605.         CloseRemoteHandleEx = False
     
606.         Exit Function
     
607.     End If
     
608.     hThread = CreateRemoteThread(hRemProcess, ByVal 0&, 0&, ByVal pfnThreadRtn, ByVal hHandle, 0, 0&)
     
609.     If hThread = 0 Then
     
610.         FreeLibrary hKernel
     
611.         CloseRemoteHandleEx = False
     
612.         Exit Function
     
613.     End If
     
614.     GetExitCodeThread hThread, lngResult
     
615.     CloseRemoteHandleEx = CBool(lngResult)
     
616.     strProcessName = GetProcessCommandLine(dwProcessId)
     
617.     'If InStr(strProcessName, strLockFile) Then
     
618.     '    objCid.UniqueProcess = dwProcessId
     
619.     '    ntStatus = NtOpenProcess(hProcess, 1, objOa, objCid)
     
620.         'If hProcess <> 0 Then TerminateProcess hProcess, 0
     
621.     'End If
     
622.     NtClose hThread
     
623.     NtClose hRemProcess
     
624.     FreeLibrary hKernel
     
625. End Function
     
626. Private Function MyGetFileType(ByVal hFile As Long) As Long
     
627.     Dim hRemProcess As Long, hThread As Long, lngResult As Long, pfnThreadRtn As Long, hKernel As Long
     
628.     Dim dwEax As Long, dwTimeOut As Long
     
629.     hRemProcess = GetCurrentProcess
     
630.     hKernel = GetModuleHandle("kernel32")
     
631.     If hKernel = 0 Then
     
632.         MyGetFileType = 0
     
633.         Exit Function
     
634.     End If
     
635.     pfnThreadRtn = GetProcAddress(hKernel, "GetFileType")
     
636.     If pfnThreadRtn = 0 Then
     
637.         FreeLibrary hKernel
     
638.         MyGetFileType = 0
     
639.         Exit Function
     
640.     End If
     
641.     hThread = CreateRemoteThread(hRemProcess, ByVal 0&, 0&, ByVal pfnThreadRtn, ByVal hFile, 0, ByVal 0&)
     
642.     dwEax = WaitForSingleObject(hThread, 100)
     
643.     If dwEax = &H102 Then
     
644.         Call GetExitCodeThread(hThread, dwTimeOut)
     
645.         Call TerminateThread(hThread, dwTimeOut)
     
646.         NtClose hThread
     
647.         MyGetFileType = 0
     
648.         Exit Function
     
649.     End If
     
650.     If hThread = 0 Then
     
651.         FreeLibrary hKernel
     
652.         MyGetFileType = False
     
653.         Exit Function
     
654.     End If
     
655.     GetExitCodeThread hThread, lngResult
     
656.     MyGetFileType = lngResult
     
657.     NtClose hThread
     
658.     NtClose hRemProcess
     
659.     FreeLibrary hKernel
     
660. End Function
     

复制代码

modUnlockFile.bas

1. 
   
2. Public Sub UnlockFile(Byval szFileName As String)
   
3.     Dim i As Long
   
4.     Dim pids() As Long
   
5.     Call GetAllProcessA(pids)
   
6.     For i = 0 To UBound(pids)
   
7.         CloseLockFileHandle szFileName, pids(i)
   
8.     Next
   
9.     Erase pids
   
10. End Sub
    

复制代码

HoviDelphic

陈辉博客：http://blog.csdn.net/chenhui530
有很多很有价值的技术文章。

马大哈

陈辉这小子最近比较忙.

阿杰

这个不错,比较实用

乔丹二世

不错的源码