i am using this code for suspend process.i found it here http://www.codeproject.com/KB/threads/pausep.aspx
BOOL SuspendResumeThreadList(DWORD dwOwnerPID, bool bResumeThread)
{
HANDLE hThreadSnap = NULL;
BOOL bRet = FALSE;
THREADENTRY32 te32 = {0};
hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
if (hThreadSnap == INVALID_HANDLE_VALUE)
return (FALSE);
te32.dwSize = sizeof(THREADENTRY32);
if (Thread32First(hThreadSnap, &te32))
{
do
{
if (te32.th32OwnerProcessID == dwOwnerPID)
{
HANDLE hThread = OpenThread(THREAD_SUSPEND_RESUME, FALSE, te32.th32ThreadID);
if (bResumeThread)
{
//cout << _T("Resuming Thread 0x") << cout.setf( ios_base::hex ) << te32.th32ThreadID << '\n';
ResumeThread(hThread);
}
else
{
//cout << _T("Suspending Thread 0x") << cout.setf( ios_base::hex ) << te32.th32ThreadID << '\n';
SuspendThread(hThread);
}
CloseHandle(hThread);
}
}
while (Thread32Next(hThreadSnap, &te32));
bRet = TRUE;
}
else
bRet = FALSE;
CloseHandle (hThreadSnap);
return (bRet);
}
Now i want a way to find if the process is suspended or not ??? please help me.
If I remember correct you can use NtQuerySystemInformation for this purpose. With NtQuerySystemInformation you can get SYSTEM_PROCESS_INFORMATION structure by iterating over array of SYSTEM_PROCESS_INFORMATION and looking for the PID of the target process. You can find detailed description of SYSTEM_PROCESS_INFORMATION in Wine sources here. After you get process information structure just look at SYSTEM_THREAD_INFORMATION where you can check state of thread. For more details about structures and enums look at Wine sources.
来源:https://stackoverflow.com/questions/4510534/how-to-find-if-the-process-is-suspended-or-not