如何终止卡在UAC授权循环中的病毒而不注销Windows?

bttbmeg0  于 2023-08-07  发布在  Windows
关注(0)|答案(1)|浏览(109)

下面的C++代码不断地请求管理员权限。当Windows提示用户帐户控制(UAC)授权时,我们无法执行任何操作,这意味着我们无法打开任务管理器来终止此程序。那么,我们如何才能在不注销的情况下退出程序?

#include<windows.h>
int main()
{
    ShowWindow(GetConsoleWindow(), SW_HIDE);
    BOOL isAdmin = FALSE;
    SID_IDENTIFIER_AUTHORITY ntAuthority = SECURITY_NT_AUTHORITY;
    PSID adminGroup;

    if (AllocateAndInitializeSid(&ntAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &adminGroup))
    {
        CheckTokenMembership(NULL, adminGroup, &isAdmin);
        FreeSid(adminGroup);
    }
    if (isAdmin) {
        MessageBoxA(NULL, "Something Evil", "Evil Prog", MB_ICONWARNING);
    }
    else {
        //MessageBoxA(NULL, "Not admin", "Not Admin", MB_OK);
        WCHAR szPath[MAX_PATH];
        GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath));
        SHELLEXECUTEINFO sei = { sizeof(sei) };
        sei.lpVerb = L"runas";
        sei.lpFile = szPath;
        sei.hwnd = NULL;
        sei.nShow = SW_HIDE;
        while(ShellExecuteEx(&sei)==FALSE);
    }
}

字符串
目前,我的解决方案是按Ctrl+Alt+Del并注销。但是,我相信应该有另一种方法来终止这个程序,而不需要注销Windows。

dtcbnfnu

dtcbnfnu1#

UAC提示符在无限循环中不断出现的原因是代码在无限循环中不断显示UAC提示符:

while(ShellExecuteEx(&sei)==FALSE);

字符串
将代码更改为:

WCHAR szPath[MAX_PATH];
GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath));
SHELLEXECUTEINFO sei = { sizeof(sei) };
sei.lpVerb = L"runas";
sei.lpFile = szPath;
sei.hwnd = NULL;
sei.nShow = SW_HIDE;
ShellExecuteEx(&sei);

相关问题