|
发表于 2009-9-18 09:24:45
|
显示全部楼层
#include <LocalSecurityAuthority.au3>
_AdjustToSystem()
Func _AdjustToSystem()
Local $sApp, $sArg, $aPriv[1][2] = [[$SE_RESTORE_NAME, 2]], $hToken
If $CmdLine[0] = 0 or $CmdLine[1] <> "-System" Then
If @Compiled Then
$sApp = @ScriptFullPath
$sArg = " -System"
Else
$sApp = @AutoItExe
$sArg = " " & FileGetShortName(@ScriptFullPath) & " -System"
EndIf
$iPid = _CreateProcessAsSystem($sApp, $sArg, "Winlogon.exe")
Exit
Else
$hToken = _OpenProcessToken(-1)
_AdjustTokenPrivileges($hToken, $aPriv)
_LsaCloseHandle($hToken)
EndIf
EndFunc ;==>_AdjustToSystem
$sUserLogged = _LsaGetUserName(0)
$aProcess = ProcessList("msiexec.exe")
For $i = 1 to $aProcess[0][0]
$hProcess = _OpenProcess($aProcess[$i][1], $READ_CONTROL)
$sOwner = _QueryKernelObjectSecurityOwner($hProcess)
If $sOwner = "Builtin\Administrators" Then $sOwner = "NT AUTHORITY\SYSTEM"
_LsaCloseHandle($hProcess)
$hProcess = 0
If $sOwner = $sUserLogged Then
If Msgbox(1, $aProcess[$i][0] & " - " & $aProcess[$i][1], "Whether terminate?") = 1 Then ProcessClose($aProcess[$i][1])
EndIf
Next |
|