Hi all,


I have a Visual C++ 6.0 program that must retrieve all the information about the processes running in a windows machine. I manage to get almost all the information, but I'm not being able of getting the running state of the processes (running, sleeping, blocked, etc.). I've found some code in MSDN but it doesn't work. Please, do anybody know about a way of doing this?. Please it's very urgent.

Thank you very much.

Here is how the "not responding" state is determined:
A window is not responding if the thread that created that window has not called GetMessage, PeekMessage, WaitMessage, or SendMessage within the past five seconds. The code in Figure 2 demonstrates this. First, build and run the application in Figure 2, then run the Task Manager. The Task Manager will indicate that the application is Running. Next, click the right mouse button over the message box. This causes the thread to sleep for 10 seconds, not calling the message box's GetMessage loop. If you now watch the Task Manager, it will update its display (in about five seconds) to show that the application is Not Responding. If you wait another five seconds or so, the Task Manager will again update its display to show that the application is Responding.
Every few seconds, the Task Manager walks through its list of displayed windows. For each window, the Task Manager makes the following call:

DWORD dwResult;
BOOL fResponding = SendMessageTimeout(hwndInQuestion,
WM_NULL, 0, 0, SMTO_ABORTIFHUNG, 5000, &dwResult);
// fResponding is TRUE if the thread is responding and
// FALSE if not.

This call attempts to send a WM_NULL message (what should be a benign message) to a window. If the thread that created that window has not called GetMessage, PeekMessage, WaitMessage, or SendMessage within the past five seconds, SendMessageTimeout returns immediately because the SMTO_ABORTIFHUNG flag was specified. If the system doesn't think the thread that created the window is hung, then it tries to send the message to the window. If the thread isn't busy, it will process the message immediately and return. If the thread is busy, the Task Manager's thread waits for up to 5,000 milliseconds for the message to be processed. If the message cannot be processed, SendMessageTimeout returns FALSE, which indicates the window—more correctly, the thread—is not responding.

First of all I would like to express my gratitude for your quick response. I need to know the state of all the running process in the local machine (at least the ones that belong to users), in other words, for each process I need to know if they are sleeping, running, and so on, not only the ones that have threads than open a window. But I'm beginning to think that in windows the concept of "task" and "process" it's not the same as in linux. I would like to know if, in windows, the state is associated not to the process but to the task (in the sense of application). In linux I think that these concepts are similar between them and each single process (even in the case that several processes belongs to the same application) has its own running state. My program must be multiplatform, this is the reason why I need to know in windows the state of each single process as I do in Linux. I don't know if it's possible.

Sorry for my English, I hope you manage to understand all this mess.
Thank you!!!

this link might help ya
How To Enumerate Applications Using Win32 APIs (http://support.microsoft.com/kb/q175030)

I don't understand your meaning of get the infomation of process in windows;
I have some ideas, I hope that it can help you;

Enum all current system Process, and get every process infomation.
#include <tlhelp32.h>

typedef BOOL (__stdcall *PGetProcessMemoryInfo)(
HANDLE Process, // handle to process
PPROCESS_MEMORY_COUNTERS ppsmemCounters, // buffer
DWORD cb // size of buffer
);

PGetProcessMemoryInfo pfGetProcessMemoryInfo;

BOOL GetProcessList()
{
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};
int iCount = 0;
// Take a snapshot of all processes in the system.
pfGetProcessMemoryInfo
= (PGetProcessMemoryInfo)GetProcAddress(LoadLibrary("psapi"),"GetProcessMemoryInfo");
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
return (FALSE);
// Fill in the size of the structure before using it.
pe32.dwSize = sizeof(PROCESSENTRY32);
PPROCESS_MEMORY_COUNTERS pmc;
ZeroMemory(&pmc,sizeof(pmc));
// Walk the snapshot of the processes, and for each process,
// display information.
if (Process32First(hProcessSnap, &pe32))
{
DWORD dwPriorityClass;
BOOL bGotModule = FALSE;
MODULEENTRY32 me32 = {0};
do
{
bGotModule = GetProcessModule(pe32.th32ProcessID,
pe32.th32ModuleID+1, &me32, sizeof(MODULEENTRY32));
sprintf(szTemp,"Module%d",count++);
if (bGotModule)
{
HANDLE hProcess;
// Get the actual priority class.
hProcess = OpenProcess (PROCESS_ALL_ACCESS,
FALSE, pe32.th32ProcessID);
pfGetProcessMemoryInfo(hProcess,pmc,sizeof(pmc));//获取内存信息
dwPriorityClass = GetPriorityClass (hProcess);
CloseHandle (hProcess);
//your code .............
//..........
RefreshThreadList(pe32.th32ProcessID,iCount);
iCount ++;
}
} while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
bRet = FALSE; // could not walk the list of processes
// Do not forget to clean up the snapshot object.
CloseHandle (hProcessSnap);
return (bRet);
}

BOOL GetProcessModule(DWORD dwPID, DWORD dwModuleID, LPMODULEENTRY32 lpMe32, DWORD cbMe32)
{
BOOL bRet = FALSE;
BOOL bFound = FALSE;
HANDLE hModuleSnap = NULL;
MODULEENTRY32 me32 = {0};
// Take a snapshot of all modules in the specified process.
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
//hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, dwPID);
if (hModuleSnap == INVALID_HANDLE_VALUE)
return (FALSE);
// Fill the size of the structure before using it.
me32.dwSize = sizeof(MODULEENTRY32);

// Walk the module list of the process, and find the module of
// interest. Then copy the information to the buffer pointed
// to by lpMe32 so that it can be returned to the caller.
if (Module32First(hModuleSnap, &me32))
{
do
{
if (me32.th32ModuleID == dwModuleID)
{
CopyMemory (lpMe32, &me32, cbMe32);
bFound = TRUE;
}
}
while (!bFound && Module32Next(hModuleSnap, &me32));

bRet = bFound; // if this sets bRet to FALSE, dwModuleID
// no longer exists in specified process
}
else
bRet = FALSE; // could not walk module list
// Do not forget to clean up the snapshot object.
CloseHandle (hModuleSnap);
return (bRet);
}

DWORD CEmuteFileDlg::RefreshThreadList(DWORD dwOwnerPID,int iCount)
{
HANDLE hThreadSnap = NULL;
BOOL bRet = FALSE;
THREADENTRY32 te32 = {0};
int Step = 1;
// Take a snapshot of all threads currently in the system.
hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
if (hThreadSnap == INVALID_HANDLE_VALUE)
return (FALSE);
// Fill in the size of the structure before using it.
te32.dwSize = sizeof(THREADENTRY32);
// Walk the thread snapshot to find all threads of the process.
// If the thread belongs to the process, add its information
// to the display list.
if (Thread32First(hThreadSnap, &te32))
{
do
{
CString str,strList;
if (te32.th32OwnerProcessID == dwOwnerPID)
{
//your Code.........
//........
Step ++;
}
}
while (Thread32Next(hThreadSnap, &te32));
bRet = TRUE;
}
else
bRet = FALSE; // could not walk the list of threads
// Do not forget to clean up the snapshot object.
CloseHandle (hThreadSnap);
return (bRet);
}

Thanks for your reply, I used this code to develop my program. I have all the information about processes I want, except the running (or scheduling, as you prefer) state of the processes, I mean, if the process is sleeping, running , blocked etc. I want to know this state for each process, I have all the other information yet.

Thank you very much.

I don't think there is a concept in windows which divides processes into sleeping, running and blocked.
If you think there is, then please define "sleeping" and "blocking"!

You are right, I've been searching a lot and it seems that processes in windows don't have an scheduling state (running, sleeping, zombi, etc) like in linux. But it seems too, that these states are associated to the subprocesses (threads) owned by the process. I mean, a process can launch several subprocesses that can be in the following states:

Aborted
AbortRequested
Background
Running
Stopped
StopRequested
Suspended
SuspendRequested
Unstarted
WaitSleepJoin

You can find it there:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemthreadingthreadstateclasstopic.asp

And supossing that this state of the threads of each process can be read using Visual Sutudio 6.0, does anybody think that a general scheduling state of the parent process may be obtained, taking into account the state of its owned threads???

Thanks a lot again.

Maybe this information will help you:

Scheduling Priorities (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/scheduling_priorities.asp)
Context Switches (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/context_switches.asp)
Supending Thread Execution (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/suspending_thread_execution.asp)

Also, check out "psapi" on msdn. If you are making a process manager, another useful tool for NT systems is GetModuleFileNameEx(). You can reveal the full path to the file which is a running process. Example: explorer.exe -> C:\WINDOWS\explorer.exe. Just be sure to error handle this out for Win9x systems, or the app will crash.