delphi 进程处理的几个实用技巧

1.  进程的挂起与恢复

// 进程挂起与恢复
function SuspendProcess(hProcess:THandle):DWORD;stdcall;external 'ntdll.dll' Name 'ZwSuspendProcess';
function ResumeProcess(hProcess:THandle):DWORD;stdcall;external 'ntdll.dll' Name 'ZwResumeProcess';

//进程挂起与恢复结束

function GetFilePaths(H:PChar):string;
var
  name:HWND;
  pid:DWORD;
  irad,hprocess:Cardinal;
  processhwnd:THandle;
 buf:array [0..MAX_PATH] of Char;
begin
  name:=FindWindow(nil,h);
  GetWindowThreadProcessId(name,@pid);//获取进程id
  processhwnd:=OpenProcess(PROCESS_ALL_ACCESS,False,pid);//获取进程句柄
  GetModuleFileNameEx(processhwnd, 0, buf, Length(buf));
  CloseHandle(processhwnd);
  Result := buf;
end;

2..查指定进程 PID

// 指定进程的PID

function GetProcessIDFromExename(ExeName: string): Cardinal;
const
PROCESS_TERMINATE = $0001;
var
ContinueLoop: BOOLEAN;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
Result := 0;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
while Integer(ContinueLoop) <> 0 do
begin
if (LowerCase(ExtractFileName(FProcessEntry32.szExeFile)) =
LowerCase(ExeName)) then
Result := FProcessEntry32.th32ProcessID;
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;

3.根据指定进程的 PID  取进程路径

//　根据进程ID　取进程路径　
function TForm1.GetProcessPath(ProcessID: DWORD): string;
var
     Hand: THandle;
     ModName: Array[0..Max_Path-1] of Char;
     hMod: HModule;
     n: DWORD;
begin
     Result:='';
     Hand:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,
                           False,
                           ProcessID);
     if Hand>0 then
     try
       ENumProcessModules(Hand,@hMod,Sizeof(hMod),n);
       if GetModuleFileNameEx(Hand,hMod,ModName,Sizeof(ModName))>0 then
         Result:=ExtractFilePath(ModName);
     except end;
end;

4. 查找进程  

 //查进程
 function CheckTask(ExeFileName: string): Boolean;
const
PROCESS_TERMINATE=$0001;
var
ContinueLoop: BOOL;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin 
result := False;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle,FProcessEntry32); 
while integer(ContinueLoop) <> 0 do begin
       if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) =UpperCase(ExeFileName)) 
       or (UpperCase(FProcessEntry32.szExeFile) =UpperCase(ExeFileName))) then 
         result := True;
       ContinueLoop := Process32Next(FSnapshotHandle,FProcessEntry32); 
end; 
end;

5. 杀进程

杀进程
function KillTask(ExeFileName:string):integer;
const
PROCESS_TERMINATE = $0001;
var
ContinueLoop: BOOLean;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
Result := 0;
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
while Integer(ContinueLoop) <> 0 do
begin
if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) = 
UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) =
UpperCase(ExeFileName))) then 
Result := Integer(TerminateProcess(
OpenProcess(PROCESS_TERMINATE, 
BOOL(0),
FProcessEntry32.th32ProcessID), 
0));
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;

....    等续....