You can't do it.

你不能这样做。

Raymond Chen on why this is a bad idea:

Raymond Chen 为什么这是一个坏主意：

http://blogs.msdn.com/oldnewthing/archive/2004/02/16/73780.aspx

http://blogs.msdn.com/oldnewthing/archive/2004/02/16/73780.aspx

You can make an unkillable process, but it won't be able to accomplish anything useful while it's unkillable. For example, one way to make a process unkillable is to have it make synchronous I/O requests to a driver that can never complete (for example, by deliberately writing a buggy driver). The kernel will not allow a process to terminate until the I/O requests finish.

您可以创建一个不可杀死的进程，但是当它不可杀死时，它将无法完成任何有用的事情。例如，使进程不可终止的一种方法是让它向永远无法完成的驱动程序发出同步 I/O 请求（例如，通过故意编写有缺陷的驱动程序）。在 I/O 请求完成之前，内核不允许进程终止。

So it's not quite true that you "can't do it" as some people are saying. But you wouldn't want to anyway.

因此，正如某些人所说的那样，您“做不到”并不完全正确。但无论如何你都不想。

That all depends on who shouldn't be able to kill that process. You usually have one interactively logged-on user. Running the process in that context will alow the user to kill it. It is her process so she can kill it, no surprise here.

这一切都取决于谁不应该终止该进程。您通常有一个以交互方式登录的用户。在该上下文中运行该进程将允许用户杀死它。这是她的过程，所以她可以杀死它，这并不奇怪。

If your user has limited privileges you can always start the process as another user. A user can't kill a process belonging to another user (except for the administrator), no surprise here as well.

如果您的用户权限有限，您始终可以以其他用户身份启动该过程。用户不能杀死属于另一个用户（管理员除外）的进程，这也不足为奇。

You can also try to get your process running with Local System privileges where, I think not even an administrator could kill it (even though he could gain permission to do so, iirc).

您还可以尝试使用本地系统权限运行您的进程，我认为即使是管理员也无法杀死它（即使他可以获得这样做的权限，iirc）。

In general, though, it's a terribly bad idea. Your process does not own the machine, the user does. The only unkillable process on a computer I know is the operating system and rightly so. You have to make sure that you can't hog resources (which can't be released because you're unkillable) and other malicious side-effects. Usually stuff like this isn't the domain of normal applications and they should stay away from that for a reason.

但总的来说，这是一个非常糟糕的主意。你的进程不拥有机器，用户拥有。我所知道的计算机上唯一不可杀死的进程是操作系统，这是正确的。您必须确保不能占用资源（因为您无法杀死而无法释放）和其他恶意副作用。通常像这样的东西不是普通应用程序的领域，出于某种原因他们应该远离它。

Depends on the users permission. If you run the program as administrator a normal user will not have enough permissions to kill your process. If an administrator tries to kill the process he will in most cases succeed. If you really want someone not to kill you process you should take a look at windows system services and driver development. In any case, please be aware that if a user cannot kill a process he is stuck with it, even though it behaves abnormally duo to bugs! You will find a huge wealth of these kind of programs/examples on the legal! site rootkit.com. Please respect the user.

取决于用户的权限。如果您以管理员身份运行该程序，普通用户将没有足够的权限来终止您的进程。如果管理员试图终止进程，他在大多数情况下会成功。如果您真的希望有人不要杀死您的进程，您应该查看 Windows 系统服务和驱动程序开发。在任何情况下，请注意，如果用户无法杀死一个进程，他就会陷入困境，即使它由于错误而表现异常！您会在法律上找到大量此类程序/示例！网站rootkit.com。请尊重用户。

It's a Win32 FAQ for decades. See Google Groups and Und. boards for well-known methods.(hooking cs and others...)
Noobs who answer "You can't do it" know nothing to Win32 programming : you can do everythingwith Win32 api...

这是几十年来的 Win32 常见问题解答。请参阅 Google 网上论坛和其他。众所周知的方法的板。（钩住cs和其他人......）
回答“你做不到”的菜鸟对Win32编程一无所知：你可以用Win32 api做任何事情......

What I've learned from malware:

我从恶意软件中学到的东西：

• Create a process that spawns a dozen of itself
• Each time you detect that one is missing (it was killed) spawn a dozen more.
• Each one should be a unique process name so that a batch process could not easily kill all of them by name
• Sequentially close and restart some of the processes to keep the pids changing which would also prevent a batch kill

• 创建一个产生十几个自身的进程
• 每次您检测到一个丢失（它被杀死）时，都会产生一打。
• 每个都应该是唯一的进程名称，以便批处理不能轻易地按名称杀死所有进程
• 依次关闭并重新启动一些进程以保持 pid 变化，这也将防止批量终止

There's not a 100% foolproof method, but it should be possible to protect a process this way. Unfortunately, it would require more knowlegde of the Windows security system API than I have right now, but the principle is simple: Let the application run under a different (administrator) account and set the security properties of the process object to the maximum. (Denying all other users the right to close the process, thus only the special administrator account can close it.) Set up a secondary service and make it run as a process guardian. It should have a lifeline to the protected application and when this lifeline gets cut (the application closes) then it should restart the process again. (This lifeline would be any kind of inter-process communications.) There are still ways to kill such an unkillable process, though. But that does require knowledge that most users don't really know about, so about 85% of all users won't have a clue to stop your process.

没有 100% 万无一失的方法，但应该可以通过这种方式保护进程。不幸的是，它需要比我现在拥有的更多的 Windows 安全系统 API 知识，但原理很简单：让应用程序在不同的（管理员）帐户下运行，并将进程对象的安全属性设置为最大。（拒绝所有其他用户关闭进程的权利，因此只有特殊的管理员帐户才能关闭它。）设置辅助服务并使其作为进程守护者运行。它应该有一条通往受保护应用程序的生命线，当这条生命线被切断（应用程序关闭）时，它应该再次重新启动进程。（这条生命线可以是任何类型的进程间通信。）不过，仍然有办法杀死这样一个不可杀死的进程。

Do keep in mind that there might be legal consequences to creating an application like this. For example, Sony created a rootkit application that installed itself automatically when people inserted a Sony music CD or game CD in their computer. This was part of their DRM solution. Unfortunately, it was quite hard to kill this application and was installed without any warnings to the users. Worse, it had a few weaknesses that would provide hackers with additional ways to get access to those systems and thus to get quite a few of them infected. Sony had to compensate quite a lot of people for damages and had to pay a large fine. (And then I won't even mention the consequences it had on their reputation.)

请记住，创建这样的应用程序可能会产生法律后果。例如，索尼创建了一个 rootkit 应用程序，当人们在他们的计算机中插入索尼音乐 CD 或游戏 CD 时，该应用程序会自动安装。这是他们 DRM 解决方案的一部分。不幸的是，很难杀死这个应用程序，并且安装时没有向用户发出任何警告。更糟糕的是，它有一些弱点，可以为黑客提供其他方法来访问这些系统，从而使很多系统受到感染。索尼不得不赔偿相当多的人的损失，并支付巨额罚款。（然后我什至不会提到它对他们声誉的影响。）

I would consider such an application to be legal onlywhen you install it on your own computer. If you're planning to sell this application to others, you musttell those buyers how to kill the process, if need be. I know Symantec is doing something similar with their software, which is exactly why I don't use their software anymore. It's my computer, so I should be able to kill any process I like.

我认为这样的应用程序只有在您将其安装在自己的计算机上时才是合法的。如果您打算将此应用程序出售给其他人，则必须告诉这些购买者如何在需要时终止该过程。我知道赛门铁克正在用他们的软件做类似的事情，这正是我不再使用他们软件的原因。这是我的电脑，所以我应该能够杀死我喜欢的任何进程。

I just stumbled upon this post while trying to find a solution to my own (unintentional) unkillable process problem. Maybe my problem will be your solution.

我只是在试图找到解决我自己的（无意的）无法杀死的进程问题的解决方案时偶然发现了这篇文章。也许我的问题将成为您的解决方案。

1. Use jboss Web Native to install a service that will run a batch file (modify service.bat so that it invokes your own batch file)
2. In your own batch file, invoke a java process that performs whatever task you'd like to persist
3. Start the service. If you view the process in process explorer, the resulting tree will look like:

1. 使用 jboss Web Native 安装一个将运行批处理文件的服务（修改 service.bat 使其调用您自己的批处理文件）
2. 在您自己的批处理文件中，调用一个 Java 进程来执行您想要保留的任何任务
3. 启动服务。如果您在流程资源管理器中查看流程，结果树将如下所示：

jbosssvc.exe -> cmd.exe -> java.exe

jbosssvc.exe -> cmd.exe -> java.exe

1. use taskkill from an administrative command prompt to kill cmd.exe. Jbosssvc.exe will terminate, and java.exe will be be an orphaned running process that (as far as I can tell) can't be killed. So far, I've tried with Taskmanager, process explorer (running as admin), and taskkill to no avail.

1. 从管理命令提示符使用 taskkill 杀死 cmd.exe。Jbosssvc.exe 将终止，而 java.exe 将是一个孤立的运行进程（据我所知）不能被杀死。到目前为止，我已经尝试过使用 Taskmanager、进程资源管理器（以管理员身份运行）和 taskkill 都无济于事。

Disclaimer: There are very few instances where doing this is a good idea, as everyone else has said.

免责声明：在极少数情况下，这样做是一个好主意，正如其他人所说的那样。

The oldest idea in the world, two processes that respawn each other?

世界上最古老的想法，两个相互重生的过程？