
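VERSION 5.00
Begin VB.Form frmMain
   Caption         =   "Form1"
   ClientHeight    =   3105
   ClientLeft      =   60
   ClientTop       =   450
   ClientWidth     =   4680
   LinkTopic       =   "Form1"
   ScaleHeight     =   3105
   ScaleWidth      =   4680
   StartUpPosition =   3  'Windows Default
   Begin VB.CommandButton Command2
      Caption         =   "停止监视"
      Height          =   495
      Left            =   2520
      TabIndex        =   2
      Top             =   1920
      Width           =   1095
   End
   Begin VB.CommandButton Command1
      Caption         =   "开始监视"
      Height          =   495
      Left            =   840
      TabIndex        =   1
      Top             =   1920
      Width           =   1215
   End
   Begin VB.Timer Timer1
      Enabled         =   0   'False
      Interval        =   100
      Left            =   1920
      Top             =   1320
   End
   Begin VB.TextBox txtPid
      Height          =   375
      Left            =   1800
      TabIndex        =   0
      Text            =   "123"
      Top             =   240
      Width           =   1695
   End
End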
Attribute VB_Name = "frmMain"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
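' ---- API imports and module state for frmMain ----
' GetAsyncKeyState: polled from Timer1_Timer to read the state of the F7 key.
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer
' OpenProcess / CloseHandle: obtain and release a handle for the PID typed into txtPid.
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
' Access-mask building blocks.
Private Const SYNCHRONIZE = &H100000
Private Const STANDARD_RIGHTS_REQUIRED = &HF0000
' NOTE(review): this mask (&H1F0FFF) asks for every process right, including memory
' read/write and terminate. Suspend/resume only needs PROCESS_SUSPEND_RESUME (&H800);
' requesting the minimum keeps the handle harmless if it leaks and lets OpenProcess
' succeed in cases where full access is denied.
Private Const PROCESS_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
' NtSuspendProcess / NtResumeProcess are ntdll exports outside the documented Win32 API.
' They return an NTSTATUS; a negative value means the call failed.
Private Declare Function NtSuspendProcess Lib "ntdll.dll" (ByVal hProc As Long) As Long
Private Declare Function NtResumeProcess Lib "ntdll.dll" (ByVal hProc As Long) As Long
' hProcess: last value returned by OpenProcess.
' ProcStat: True while this form believes it has suspended the target process.
Private hProcess As Long, ProcStat As Boolean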
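Private Sub cmdSuspend_Click() 'Suspend the process whose PID is in txtPid
    ' Least privilege: NtSuspendProcess only needs the suspend/resume right,
    ' so do not open the target with PROCESS_ALL_ACCESS.
    Const PROCESS_SUSPEND_RESUME As Long = &H800
    Dim pidValue As Double
    Dim status As Long

    hProcess = 0
    If Not IsNumeric(txtPid.Text) Then Exit Sub

    ' IsNumeric also accepts fractions, exponents and values outside the Long
    ' range; CLng would silently round the former and raise Overflow on the
    ' latter, so validate the number before converting it.
    pidValue = CDbl(txtPid.Text)
    If pidValue <= 0 Or pidValue > 2147483647# Or pidValue <> Int(pidValue) Then Exit Sub

    hProcess = OpenProcess(PROCESS_SUSPEND_RESUME, 0&, CLng(pidValue))
    If hProcess <> 0 Then
        status = NtSuspendProcess(hProcess)
        ' NTSTATUS: negative means failure. Report it instead of ignoring it.
        If status < 0 Then Debug.Print "NtSuspendProcess failed, NTSTATUS=&H" & Hex$(status)
        CloseHandle hProcess
        hProcess = 0 ' do not keep the value of a handle that is already closed
    End If
End Sub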
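Private Sub cmdResume_Click() 'Resume the process whose PID is in txtPid
    ' Least privilege: NtResumeProcess only needs the suspend/resume right,
    ' so do not open the target with PROCESS_ALL_ACCESS.
    Const PROCESS_SUSPEND_RESUME As Long = &H800
    Dim pidValue As Double
    Dim status As Long

    hProcess = 0
    If Not IsNumeric(txtPid.Text) Then Exit Sub

    ' IsNumeric also accepts fractions, exponents and values outside the Long
    ' range; CLng would silently round the former and raise Overflow on the
    ' latter, so validate the number before converting it.
    pidValue = CDbl(txtPid.Text)
    If pidValue <= 0 Or pidValue > 2147483647# Or pidValue <> Int(pidValue) Then Exit Sub

    hProcess = OpenProcess(PROCESS_SUSPEND_RESUME, 0&, CLng(pidValue))
    If hProcess <> 0 Then
        status = NtResumeProcess(hProcess)
        ' NTSTATUS: negative means failure. Report it instead of ignoring it.
        If status < 0 Then Debug.Print "NtResumeProcess failed, NTSTATUS=&H" & Hex$(status)
        CloseHandle hProcess
        hProcess = 0 ' do not keep the value of a handle that is already closed
    End If
End Sub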
Private Sub Command1_Click()
    ' "Start monitoring": clear the suspended flag, then start the 100 ms hotkey poll.
    ' NOTE(review): the flag is reset even if the target is still suspended from an
    ' earlier session, so the next F7 press would suspend it a second time - confirm intent.
    ProcStat = False
    With Timer1
        .Enabled = True
    End With
End Sub
Private Sub Command2_Click()
    ' "Stop monitoring": stop polling the hotkey. ProcStat is left as it is, and a
    ' process that is currently suspended is not resumed here.
    With Timer1
        .Enabled = False
    End With
End Sub
Private Sub Timer1_Timer()
    ' Runs on every timer tick: F7 toggles the target between suspended and running.
    Dim keyBits As Integer

    ' The mask drops the top ("currently down") bit and keeps the remaining bits
    ' of the GetAsyncKeyState result.
    keyBits = GetAsyncKeyState(vbKeyF7) And &H7FFF
    If keyBits = 0 Then Exit Sub

    If ProcStat Then
        cmdResume_Click
    Else
        cmdSuspend_Click
    End If

    ' NOTE(review): the flag flips whether or not the suspend/resume call succeeded,
    ' so it can drift away from the real state of the target process.
    ProcStat = Not ProcStat
End Sub
思路如下:挂起就是暂时地停止一个进程。使用到的API如下:OpenProcess和ZwSuspendProcess,其中ZwSuspendProcess位于DLL库NTDLL.DLL中;还有一个API函数就是CloseHandle,用于关闭多余句柄。源码如下(2035711 即 &H1F0FFF,也就是上面代码中的 PROCESS_ALL_ACCESS):
Dim h As Long
h = OpenProcess(2035711, 0, 你的进程ID)
ZwSuspendProcess h
CloseHandle h
差不多就是这个意思,我徒手写的代码,没用VB调试
这是绝对不可能的,那样的话,病毒软件要突破杀毒软件的拦截那就真的是易如反掌了。Windows系统的运行机制也决定了这是不可能的事,因为一个程序的运行是需要其它软件共同来辅助完成的,比如你的鼠标、你的键盘,它们的运行可不是你的程序所能决定的,其他程序都挂起了,那么你的程序也会失去反应的。