 |
 | another api
Member 2488056 | 22:26 11 Jan '10 |
|
|
You can use NtSuspendProcess and NtResumeProcess APIs too.(in ntdll.dll)
They're undocumented but useful. : )
|
|
|
|
|
| Thank you!
PaganBBD | 4:48 15 Apr '08 |
|
|
Very elegant.
You saved me 
|
|
|
|
|
 | How to query for a process's state
open_mind_core | 9:02 27 Mar '08 |
|
|
This tool is cool.
But let's say that I want to just query if a process is suspended, how can do that without calling SuspendThread/ResumeThread?
|
|
|
|
|
| Just wanted to say
Browner87! | 15:29 19 Nov '07 |
|
|
Just wanted to say you're a genius! I've been trying forever to do this in VB6 and it seems to be impossible. I used the code to hack an irritating program that resists having it's process ended (it auto-restatrs) but can't detect a suspend! I used this code with a VB app that calls your app with the processes PID as an argument and the program suspends! Thought I'd post the code in case anyone wants it! Thanx again!
Make sure you add a .RES file with pausep.exe in it in a 'folder' called EXES and make it resource number 101
[Put in a module]
Option Explicit
Private Declare Function CloseHandle Lib "kernel32.dll" (ByVal Handle As Long) As Long
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
Private Declare Function EnumProcesses Lib "PSAPI.DLL" (ByRef lpidProcess As Long, ByVal cb As Long, ByRef cbNeeded As Long) As Long
Private Declare Function GetModuleFileNameExA Lib "PSAPI.DLL" (ByVal hProcess As Long, ByVal hModule As Long, ByVal ModuleName As String, ByVal nSize As Long) As Long
Private Declare Function EnumProcessModules Lib "PSAPI.DLL" (ByVal hProcess As Long, ByRef lphModule As Long, ByVal cb As Long, ByRef cbNeeded As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByVal lpBuffer As Long, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (ByVal lpDst As Long, ByVal lpSrc As Long, ByVal ByteLen As Long)
Private Declare Function SetThreadAffinityMask Lib "kernel32.dll" (ByVal hThread As Long, ByVal dwThreadAffinityMask As Long) As Long
Private Declare Function GetProcessAffinityMask Lib "kernel32.dll" (ByVal hProcess As Long, ByRef lpProcessAffinityMask As Long, ByRef SystemAffinityMask As Long) As Boolean
Private Declare Function GetCurrentProcess Lib "kernel32.dll" () As Long
Private Declare Function SetProcessAffinityMask Lib "kernel32.dll" (ByVal hProcess As Long, ByRef dwProcessAffinityMask As Long) As Long
Private Const PROCESS_QUERY_INFORMATION As Long = 1024
Private Const PROCESS_VM_READ As Long = 16
Private Const MAX_PATH As Long = 260
Public Function GetProcessByName(ByVal EXEName As String) As Long
Dim cb As Long
Dim cbNeeded As Long
Dim NumElements As Long
Dim ProcessIDs() As Long
Dim cbNeeded2 As Long
Dim NumElements2 As Long
Dim Modules(1 To 200) As Long
Dim ModuleName As String
Dim hProcess As Long
Dim i As Long
Dim PIDs() As Long
ReDim PIDs(0)
cb = 8
cbNeeded = 192 '96
Do While cb <= cbNeeded
cb = cb * 2
ReDim ProcessIDs(cb / 4) As Long
EnumProcesses ProcessIDs(1), cb, cbNeeded
Loop 'While ProcessIDs(1) <> 0
NumElements = cbNeeded / 4
For i = 1 To NumElements
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_VM_READ, 0, ProcessIDs(i))
If hProcess <> 0 Then
If EnumProcessModules(hProcess, Modules(1), 200, cbNeeded2) <> 0 Then
ModuleName = Space(MAX_PATH)
'Debug.Print Left$(ModuleName, GetModuleFileNameExA(hProcess, Modules(1), ModuleName, 500))
If (InStr(1, Left$(ModuleName, GetModuleFileNameExA(hProcess, Modules(1), ModuleName, 500)), EXEName, vbTextCompare) > 0) Then
ReDim Preserve PIDs(UBound(PIDs) + 1)
PIDs(UBound(PIDs)) = hProcess 'ProcessIDs(i)
GetProcessByName = ProcessIDs(i) 'hProcess
Exit Function
End If
End If
End If
CloseHandle hProcess
Next
GetProcessByName = PIDs(UBound(PIDs))
End Function
Private Sub Main()
Dim PID As Long
PID = GetProcessByName("xxxxxxxxxx.exe")
If Len(Dir(App.Path & "\pausep.exe")) <= 0 Then
Dim k As Long, e() As Byte
e = LoadResData(101, "EXES")
k = FreeFile
Open App.Path & "\pausep.exe" For Binary Access Write Lock Read As k
Put k, , e
Close k
End If
Shell App.Path & "\pausep.exe " & PID
Do
On Error Resume Next
Kill App.Path & "\pausep.exe"
DoEvents
Loop Until Len(Dir(App.Path & "\pausep.exe")) <= 0
MsgBox "Done!"
End Sub
I have not failed 1000 times, I have successfully identified 1000 ways that will not work! 
-- modified at 20:35 Monday 19th November, 2007
|
|
|
|
|
| Memory Leak
keremsback | 5:36 17 Nov '06 |
|
|
CloseHandle causes memoryleak according to MSDN:
The snapshot returned is a copy of the current state of the system.
To close a snapshot, call the CloseToolhelp32Snapshot function.
Do not call the CloseHandle function to close the snapshot call. That generates a memory leak.
|
|
|
|
|
| Process checkpointing
Real_Jeezy | 5:49 5 Nov '06 |
|
|
I'm looking for a program that can make a memory-dump of a process and is able to reload the dumpfile later so basically the process resumes from the save point
Kinda like when you put the PC in hibernation mode
But on a single process scale.
Anyone know of such programs existence?
Thanks
|
|
|
|
|
| I like it...
Slsa74 | 10:09 9 Oct '05 |
|
|
This is what I´ve been looking for!
I am working with a program called SaTScan which sometimes takes ages to complete a certain calculation. Plus it slows down the computer a lot. Now this little tool of yours suspends and resumes it without problems.
Thanks a lot. Johannes
|
|
|
|
|
| ToolHelp
B.Alas | 9:27 3 May '05 |
|
|
Very simple clear and nicely written example.
But I still can't find out how to suspend a thread without ToolHelp since WinNT4 doesn't support it. Psapi has no thread enumeration so Im pretty stuck here .
|
|
|
|
|
| Help!!!
jean_ni | 7:50 7 Apr '04 |
|
|
I'm presently working on a small application and I'm really stuck  .
The app takes a frame sent by my webcam, do something on it (in that case, add a VRML object to the scene) and proceed to the next frame. I can communicate with the app using keyevent(ie. 'esc' quit the application, 'm' put som info on stdout, etc) in the main loop. However, I'd need to pause and resume that mainloop when some event occurs (ie after typing 't' to translate a volume, the user must enter how long is the translation...).
Any ideas?
I'm using C++ Visual Studio .NET 2003
Jean_ni
|
|
|
|
|
|
|
What does this have to do with this topic?
---
maximum 500 characters
|
|
|
|
|
| How to suspend/resume process on Win95?
tigra_woo | 16:17 12 Feb '04 |
|
|
I want to suspend/resume process on Win95, how to do?
|
|
|
|
|
|
|
Sorry, I can't help you, as I don't code on Win95 since, erm, mmm... 95. Wow, it has been 9 years already!
At least MSDN says that you can do OpenProcess, SuspendThread and ResumeThread on Win95, so I suspect that the problem is happening with my process listing code. Try to pass a known PID and see if it works...
Perl combines all the worst aspects of C and Lisp: a billion different sublanguages in one monolithic executable. It combines the power of C with the readability of PostScript. -- Jamie Zawinski
|
|
|
|
|
|
|
OpenThread API unsupported on Win95
|
|
|
|
|
|
|
There is a piece of software that, unlike Windows Taskmaster, does allow you to both see and suspend/resume processes. At least I think it has the same functionality you describe - I am myself no programmer.
It is called Process Explorer, copyright Mark Russinovich, from Sysinternals.com
It's been a great help to me in tracking down and suspending virus activitiy.
|
|
|
|
|
| access denied
xuchangchang | 15:33 3 Feb '04 |
|
|
While I want to suspend a thread in VC++,but return error code 0x00000005(Access denide),who know why?? thanks!
|
|
|
|
|
| WREY was kinda right
Hockey | 23:31 23 Oct '02 |
|
|
You need a simple app wizard gui.
Its like watching TV in black and white otherwise...
"An expert is someone who has made all the mistakes in his or her field" - Niels Bohr
|
|
|
|
|
| Risky, but useful too I guess
Nishant S | 0:06 5 Oct '02 |
|
|
|
| Doesn't do much.
WREY | 12:20 29 Sep '02 |
|
|
This sample is just a "Start".
All it does is produce a list of the various Processes currently running on your machine, which you could obtain anyway by using Task Manager.
It lacks an interface (e.g. checkboxes) by which the user could select which Processes he/she may want to suspend or resume.
I tried running it several times from Start->Run to see if I could cause it to suspend or resume Processes, and all I got, was a very quick flicker of the program indicating it had completed execution. IOW, I didn't have a chance to test for those other options.
If you are running VC++ 6.0, you will have to create your own Console Application project for this sample, because it was written for VC++ .NET, and the sample didn't come with a ".dsp" file.
If you were thinking of borrowing features from this sample to import into your own application, I cannot attest for its ability to do anything else, because I didn't get to see those features. The ONLY thing I know it does, is list Processes. That's it!
I did see code in there for it to suspend and resume Processes, (though I couldn't test them) but for everything else, meaning, any user interface, and the assigning of priorities to Processes (if that's something you might want to do after you've suspended one or several of them, etc.), you're on your own.
Lastly, if your Process name has more than two parts (e.g. System Idle Process), it will only report two (e.g. System Process).
William
|
|
|
|
|
|
|
It's a command line tool.
As such, you must run it from the command prompt.
Type cmd.exe at Start->Run and open a command prompt. Then use it from there.
But even if you use it PASSING THE PID from Start->Run it should pause a process.
It's a pitty people are so used to GUI applications that don't know how to use command line utilities anymore... 
I'll provide a soon .dsp for VC 6.0 users. I didn't because I thought most VC6.0 users would use the Project Converter Tool[^]
"In an organization, each person rises to the level of his own incompetence." Peter's Principle
|
|
|
|
|
|
|
Daniel Turini wrote:
It's a pitty people are so used to GUI applications that don't know how to use command line utilities anymore...
Right, those youngsters are so unflexible
Soon, the knowledge of command prompts will be lost forever, when the last man knowing it passes away 
--
Scanned MSDN Mag ad with YOUR name: www.magerquark.de/misc/CodeProject.html
See me: www.magerquark.de
|
|
|
|
|
|
|
I did recognize it was a Command Line tool, which is why I went to Start->Run and entered the full path of where the executable module was located, and ran it from there. That is how I got to see the flash of the list of Processes it displayed.
I was more fortunate in seeing the entire list without it disappearing on me when I ran it from the VC++ IDE.
But just to be fair and as thorough as possible, I did go back to Start->Run and following the pathname of where the executable module was located, I did append the PID of a utility that was currently running on my system, and received an error message from the system about not being able to locate the component.
When I removed the PID and ran just the pathname again, I could see the quick display of the list before it vanished. So I did try that effort as well.
Typing 'cmd.exe' to run a command line tool doesn't buy me anything more that what I am able to accomplish from Start->Run. AAMOF, it's preferable to run an application from Start->Run if that's all you want to do (which in this case was all I wanted to do).
Yes, I'll admit I am one of those people who prefer having a GUI with which to interface than having to revert back to the method we all had to deal with back there in the dark ages BEFORE GUI came along. GUI showed us there was a nicer and more convenient way of interfacing with the computer. (Pity those who refuse to come out of the darkness into the light.) For the extra effort going GUI requires, I don't mind it at all; I'll do it any day. It's either the lazy or the ignorant ones who continually bash GUI.
"Accept nothing short of perfection." The C++ Programming Language: 3rd Edition. Bjarne Stroustrup.
William
|
|
|
|
|
|
|
command line apps usually assume that they're being run from the command line (hence their name), and so will just exit when they finish. If you run such an app from start->run then the app will run, display it's output, and the windows will close the temporary console window.
If you actually want to see the output, then run it from a proper command prompt
--
Help me! I'm turning into a grapefruit!
|
|
|
|
|
|
|
> Pity those who refuse to come out of the darkness into the light.
Pity those who cannot figure out how to use a command line tool, despite the rather clear directions.
> It's either the lazy or the ignorant ones who continually bash GUI.
For one thing, using a command-line utility in a script is a lot easier to accomplish than trying to script a GUI-based one that was never intended for scripting anyway.
It's not a matter of coming out of the dark ages. It seems to me rather that you are unable to grasp the value of a command-line utility. Obviously you've never had any Linux experience. It's gaining popularity in case you haven't noticed, so I'd suggest getting used to working from a command prompt, 'cuz the command line utility is not about to die any time soon.
|
|
|
|
|
|
|
Grasp the value of "command line prompt" applications!!!!!! Is that all you can extol for "command line prompt" applications?
You've got to be kidding!!!!! What VALUE is there to grasp????? I've written and done my share of "command line prompt" applications years ago, and have no desire to revert back to the dark ages.
Open your eyes (and your mind while at it), and see for yourself that when given the choice of using a "command line prompt" or a GUI application, almost everyone choose the GUI one. That is a "no brainer"!! If users weren't happy and satisfied about using GUI systems (because it's nicer, more convenient and user-friendly to work with), the outcry would have been heard and known by now that there wouldn't be any GUI applications left around. Just use your brain and arrive at the conclusions yourself!!!!!
Not only are you one of the lazy and ignorant ones who bashes GUI (because you don't know how to program using it, and too lazy to learn), but you are also HYPOCRITICAL in your use of it. You bash it on one hand, but turn right around and use it.
In case you didn't know, you are up to your neck in the use of GUI by logging on to this website, and navigating its pages. All you do is click here and click there and things get done. And when you have to enter data, there is a window already prepared for you in which to enter the information, with the result waiting for you in a more pleasing and user-friendly setting. The ease and convenience of GUI surround you on this website everywhere you go, and everything you do. Still you bash it. If that isn't HYPOCRITICAL, then show us how superior "command line prompt" systems are, and write your own website using just "command line prompts", offering the services that this website does and lets see if it'll have the same kind of membership.
DO IT!!!!! PUT YOUR WORK WHERE YOUR MOUTH IS!!!!!
If you can't, then just shut up, OR go learn how to program using GUI.
William
|
|
|
|
|
|
|
WREY wrote:
DO IT!!!!! PUT YOUR WORK WHERE YOUR MOUTH IS!!!!!
If you can't, then just shut up, OR go learn how to program using GUI.
Hey, take it easy fellow. A console application is just a tool, like a GUI one. They try to solve different problems. This one was made to be used on extreme situations when poping fancy UIs could take forever, just like Kill.exe from the Resource Kit. I think we can see MS as the most successful GUI applications writer. And why do some of their applications are command line tools and do not have an UI? Why did they put on Windows XP several new console applications? Because they don't know how to do a UI? Because MS is lazy?
My latest articles:
XOR tricks for RAID data protection
Win32 process suspend/resume tool
|
|
|
|
|
