bcb中查杀进程的方法

在我们的程序中，如果我们用ShellExecute打开了程序，但是没办法关闭，以下是一种方法：

ShellExecute(Handle, "Open", "Display.exe", NULL, NULL, SW_SHOWNORMAL);

函数原形如下所示：

HINSTANCE ShellExecute(

    HWND hwnd,                           // 父窗体的句柄
    LPCTSTR lpOperation,         //指向操作字符串的指针
    LPCTSTR lpFile,                    //指向文件名或者文件夹名的字符串指针
    LPCTSTR lpParameters,    //指向可执行文件参数的指针，也即传入可执行文件的参数，如果有的话 
    LPCTSTR lpDirectory,          //指向默认目录的指针，也即进行操作时，默认的目录是哪个
    INT nShowCmd                    //指示文件打开后以什么方式显示
   ); 
 

参数：

hwnd ：标识一个父窗体，这个窗体接收任何利用此函数打开的应用程序消息对话框。

lpOperation：指向一个以NULL结尾的字符串标识利用此函数进行何种操作的指针。以下为可用的操作字符串

字符串含义：
"open" 打开文件。所打开的文件可以是可执行文件或者是文档，也可以是一个文件夹.
"print" 打印文件。所打印的文件必须是一个文档，如果打印的文件是一个可执行文件，则函数打开可执行文件
"explore" 浏览文件夹.
 

lpOperation参数可以是 NULL.那样的话，这个函数打开lpFile指向的文件.

lpFile：指向一个以NULL结尾的字符串，标识需要被打开或者被打印或者打开文件夹或者浏览文件夹的文件名。这个函数可以打开一个可执行文件或者一个文档文件，并可以打印一个文档文件

lpParameters：如果lpFile指向的是一个可执行文件，则该参数就是一个指向以NULL结尾的字符串指针，该字符串是需要被传入可执行文件的参数。如果lpFile指向的是一个文档文件。则该参数必须是NULL

lpDirectory：一个以NULL结尾的文件目录字符串指针，用来标识默认打开的目录

nShowCmd：如果lpFile是一个可执行文件，则该参数标识了应用程序打开后如何显示：
SW_HIDE 隐藏这个窗体并激活另一个窗体
SW_MAXIMIZE 最大化该窗体.
SW_MINIMIZE 最小化该窗体并且激活下一个顶级窗体
SW_RESTORE 激活并显示窗体，若果该窗体处于最小化或者最大化状态，Windows存储该窗体的常规位置和尺寸。一个应用程序应该使用该参数当存储一个最小化窗体时.
SW_SHOW 激活此窗体并以它当前大小和位置显示
SW_SHOWDEFAULT 设置显示状态基于STARTUPINFO中 SW_ flag的值通过 CreateProcess函数串送过来specified in the STARTUPINFO structure passed to the CreateProcess function by the program that started the application. An application should call ShowWindow with this flag to set the initial show state of its main window.
SW_SHOWMAXIMIZED Activates the window and displays it as a maximized window.
SW_SHOWMINIMIZED Activates the window and displays it as a minimized window.
SW_SHOWMINNOACTIVE Displays the window as a minimized window. The active window remains active.
SW_SHOWNA Displays the window in its current state. The active window remains active.
SW_SHOWNOACTIVATE Displays a window in its most recent size and position. The active window remains active.
SW_SHOWNORMAL Activates and displays a window. If the window is minimized or maximized, Windows restores it to its original size and position. An application should specify this flag when displaying the window for the first time.
 

If lpFile specifies a document file, nShowCmd should be zero.

 

Return Values

If the function succeeds, the return value is the instance handle of the application that was run, or the handle of a dynamic data exchange (DDE) server application.
If the function fails, the return value is an error value that is less than or equal to 32. The following table lists these error values:

Value Meaning
0 The operating system is out of memory or resources.
ERROR_FILE_NOT_FOUND The specified file was not found.
ERROR_PATH_NOT_FOUND The specified path was not found.
ERROR_BAD_FORMAT The .EXE file is invalid (non-Win32 .EXE or error in .EXE image).
SE_ERR_ACCESSDENIED The operating system denied access to the specified file.
SE_ERR_ASSOCINCOMPLETE The filename association is incomplete or invalid.
SE_ERR_DDEBUSY The DDE transaction could not be completed because other DDE transactions were being processed.
SE_ERR_DDEFAIL The DDE transaction failed.
SE_ERR_DDETIMEOUT The DDE transaction could not be completed because the request timed out.
SE_ERR_DLLNOTFOUND The specified dynamic-link library was not found.
SE_ERR_FNF The specified file was not found.
SE_ERR_NOASSOC There is no application associated with the given filename extension.
SE_ERR_OOM There was not enough memory to complete the operation.
SE_ERR_PNF The specified path was not found.
SE_ERR_SHARE A sharing violation occurred.
 

Remarks

The file specified by the lpFile parameter can be a document file or an executable file. If the file is a document file, the ShellExecute function opens or prints it, depending on the value of the lpOperation parameter. If the file is an executable file, the ShellExecute function opens it, even if lpOperation specifies printing.
You can use ShellExecute to open or explore a shell folder. To open a folder, use either of the following calls:

ShellExecute(handle, NULL, path_to_folder, NULL, NULL, SW_SHOWNORMAL);

or
 

ShellExecute(handle, "open", path_to_folder, NULL, NULL, SW_SHOWNORMAL);
 

To explore a folder, use the following call:

ShellExecute(handle, "explore", path_to_folder, NULL, NULL, SW_SHOWNORMAL);
 

If lpOperation is NULL, the function opens the file specified by lpFile. If lpOperation is "open" or "explore", the function will force an open window or explorer.

// 给系统中所有进程拍快照
    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    PROCESSENTRY32 pe32 = {0};
    pe32.dwSize = sizeof(PROCESSENTRY32);
    // 遍历拍下来的所有进程
    if (Process32First(hProcessSnap, &pe32))
    {
        do
        {
            if (pe32.th32ProcessID && !(strcmp(pe32.szExeFile, "Display.exe"))){
                HANDLE hDisplay = OpenProcess(PROCESS_ALL_ACCESS, 0, pe32.th32ProcessID);
                TerminateProcess(hDisplay, 0);
            }
        } while (Process32Next(hProcessSnap, &pe32));
    }
    CloseHandle(hProcessSnap);