Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Task Manager

13 May 2011   #1
Shadowjk

Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
 
 
Task Manager

Hey guys,

Just found something that could be useful if you have a Virus or something like that ,

It is a Microsoft Office excel Spreadsheet

You will need to enable Macros for it to work

Also to use the commands just place the Letter that you want E.G "t" For Terminate into the Command Column and then click Execute commands


Task Manager-macros.jpg

Hope This Helps,
Josh




Attached Files
File Type: zip TaskManager.zip (23.0 KB, 16 views)
My System SpecsSystem Spec
.
13 May 2011   #2
fafhrd

Win 7 Ult + Starter, XP Pro +Home, 2kAS, Linux Mint 8, SuperOS
 
 

Looks like something that could easily give you a virus or something like that!

If you did not create it yourself, it would be polite to reference the original source.
My System SpecsSystem Spec
13 May 2011   #3
Shadowjk

Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
 
 

A trusted Friend of mine made it ... I will (With his consent) Give you the email Address for him via PM if you would like to ask further questions

This is the Macros Code for the Workbook

Code:
Option Explicit

Private Const TH32CS_SNAPHEAPLIST = &H1
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPTHREAD = &H4
Private Const TH32CS_SNAPMODULE = &H8
Private Const TH32CS_INHERIT = &H80000000
Private Const MAX_PATH = 260
Private Const INVALID_HANDLE_VALUE = -1&
Private Const PROCESS_TERMINATE = &H1
Private Const PROCESS_QUERY_INFORMATION = &H400
Private Const THREAD_SUSPEND_RESUME = &H2
Private Const TOKEN_QUERY = &H8
Private Const TokenUser = 1

Private Type PROCESSENTRY32
    dwSize As Long
    cntUsage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    dwFlags As Long
    szExeFile As String * MAX_PATH
End Type

Private Type THREADENTRY32
    dwSize As Long
    cntUsage As Long
    th32ThreadID As Long
    rh32OwnerProcessID As Long
    tpBasePri As Long
    tpDeltaPri As Long
    dwFlags As Long
End Type

Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long)
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, sPE32 As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, sPE32 As PROCESSENTRY32) As Long
Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Boolean, ByVal dwProcId As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function Thread32First Lib "kernel32" (ByVal hSnapshot As Long, uProcess As THREADENTRY32) As Long
Private Declare Function Thread32Next Lib "kernel32" (ByVal hSnapshot As Long, uProcess As THREADENTRY32) As Long
Private Declare Function OpenThread Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Boolean, ByVal dwThreadId As Long) As Long
Private Declare Function SuspendThread Lib "kernel32.dll" (ByVal hThread As Long) As Integer
Private Declare Function ResumeThread Lib "kernel32.dll" (ByVal hThread As Long) As Integer
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, ByRef TokenHandle As Long) As Long
Private Declare Function GetTokenInformation Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal TokenInformationClass As Long, TokenInformation As Any, ByVal TokenInformationLength As Long, ByRef ReturnLength As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (ByRef pTo As Any, ByRef uFrom As Any, ByVal lSize As Long)
Private Declare Function GetLastError Lib "kernel32" () As Long
Private Declare Function LookupAccountSid Lib "advapi32.dll" Alias "LookupAccountSidA" (ByVal lpSystemName As String, ByVal Sid As Long, ByVal name As String, cbName As Long, ByVal ReferencedDomainName As String, cbReferencedDomainName As Long, peUse As Long) As Long
   
Private Function GetProcessOwner(ByVal lProcessID As Long) As String
    Dim hProcess As Long
    Dim hToken As Long
    Dim lNeeded As Long
    Dim abBuffer() As Byte
    Dim lpSid As Long
    Dim lpString As Long
    Dim strAccountName As String
    Dim lAccountName As Long
    Dim strDomainName As String
    Dim lDomainName As Long
    Dim peUse As Long
   
    GetProcessOwner = "Unknown"
    hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, 0, lProcessID)
    If hProcess <> 0 Then
        If OpenProcessToken(hProcess, TOKEN_QUERY, hToken) <> 0 Then
            GetTokenInformation hToken, TokenUser, 0, 0, lNeeded
            ReDim abBuffer(0 To lNeeded)
            If GetTokenInformation(hToken, TokenUser, abBuffer(0), UBound(abBuffer), lNeeded) = 1 Then
                CopyMemory lpSid, abBuffer(0), 4
                strAccountName = Space(MAX_PATH)
                strDomainName = Space(MAX_PATH)
                lAccountName = MAX_PATH
                lDomainName = MAX_PATH
                If LookupAccountSid(vbNullString, lpSid, strAccountName, lAccountName, strDomainName, lDomainName, peUse) <> 0 Then
                    If strDomainName = "" Then
                        GetProcessOwner = Left(strAccountName, lAccountName)
                    Else
                        GetProcessOwner = Left(strDomainName, lDomainName) & "\" & Left(strAccountName, lAccountName)
                    End If
                End If
            End If
            Call CloseHandle(hToken)
        End If
        CloseHandle hProcess
    End If
End Function

Private Sub ProcessListToSheet(oCell)
    Dim hSnapshot As Long
    Dim sPE32 As PROCESSENTRY32
    Dim lRet As Long
    Dim strProcess As String
    Dim iIter As Integer
    Dim iColumn As Integer
    Dim iPositionNull As Integer
    
    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0&)
    
    If hSnapshot <> INVALID_HANDLE_VALUE Then
        sPE32.dwSize = Len(sPE32)
        lRet = Process32First(hSnapshot, sPE32)
        
        iIter = oCell.Row
        iColumn = oCell.Column
        Do While lRet
            iPositionNull = InStr(1, sPE32.szExeFile, Chr(0))
            If iPositionNull > 0 Then
                strProcess = Left(sPE32.szExeFile, iPositionNull - 1)
            Else
                strProcess = ""
            End If
            Cells(iIter, iColumn).Value = strProcess
            Cells(iIter, iColumn + 1).Value = sPE32.th32ProcessID
            Cells(iIter, iColumn + 2).Value = GetProcessOwner(sPE32.th32ProcessID)
            iIter = iIter + 1
            lRet = Process32Next(hSnapshot, sPE32)
        Loop
        
        CloseHandle hSnapshot
    End If
End Sub

Private Sub SuspendProcessByID(ByVal lProcessID As Long, ByVal bSuspend As Boolean)
    Dim hSnapshot As Long
    Dim sTE32 As THREADENTRY32
    Dim hThread As Long
    Dim lRet As Long

    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0&)
    
    If hSnapshot <> INVALID_HANDLE_VALUE Then
        sTE32.dwSize = Len(sTE32)
        lRet = Thread32First(hSnapshot, sTE32)
        
        Do While lRet
            If sTE32.rh32OwnerProcessID = lProcessID Then
                hThread = OpenThread(THREAD_SUSPEND_RESUME, False, sTE32.th32ThreadID)
                If hThread <> 0 Then
                    If bSuspend Then
                        SuspendThread hThread
                    Else
                        ResumeThread hThread
                    End If
                    CloseHandle hThread
                End If
            End If
            lRet = Thread32Next(hSnapshot, sTE32)
        Loop
        
        CloseHandle hSnapshot
    End If
End Sub

Private Sub TerminateProcessByID(ByVal lProcessID As Long)
    Dim hProcess As Long

    hProcess = OpenProcess(PROCESS_TERMINATE, 0, lProcessID)
    If hProcess <> 0 Then
        TerminateProcess hProcess, 0
        CloseHandle hProcess
    End If
End Sub

Private Sub ExecuteCommands(oCell)
    Dim iIter As Integer
    Dim iColumn As Integer
    
    iIter = oCell.Row
    iColumn = oCell.Column
    Do While Cells(iIter, iColumn + 1).Value <> ""
        Select Case LCase(Cells(iIter, iColumn).Value)
            Case "t":
                TerminateProcessByID Cells(iIter, iColumn + 2).Value
            Case "s":
                SuspendProcessByID Cells(iIter, iColumn + 2).Value, True
            Case "r":
                SuspendProcessByID Cells(iIter, iColumn + 2).Value, False
        End Select
        iIter = iIter + 1
    Loop
End Sub

Sub MacroProcessList()
    Range("A7:D65000").ClearContents
    ProcessListToSheet Range("B7")
    Range("A6:D65000").Sort "Process executable", xlAscending, header:=xlYes
End Sub

Sub MacroExecuteCommands()
    ExecuteCommands Range("A7")
End Sub
Task Manager-capture.jpg


My System SpecsSystem Spec
.

13 May 2011   #4
Shadowjk

Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
 
 

Norton , MBAM and MSE Say that it is Clean.
My System SpecsSystem Spec
Reply

 Task Manager




Thread Tools




Similar help and support threads
Thread Forum
Game runs from Task Manager with New Task, not from shortcut or exe
I have installed this game, Singularity. The game worked fine for a week then suddenly It would crash as soon as it was opened from the desktop shortcut. The game is patched to it's latest version, I have direct x all other runtimes and PhysX installed from the CD. The shortcut it set to run as...
Gaming
Mutliple Outlook 2003 instance in task tray and task manager
Every now and then I look down at the task tray ...and whoa!!!! about a dozen instances of Outlook. See attached What is causing this? And how do I prevent it??
Microsoft Office
task manager
task manager will not open. I looked at old post but nothing there worked
General Discussion
Task Manager
Hi.. I attempted to right click on csrss.exe in Task Manager Processes so that I may identify this item, however, when I right click, window pops up (as with other apps). When I click on properties or open file location, nothing happens. Same results with winlogin.exe. Any thoughts?
Performance & Maintenance
task manager
so this is just an information question. i see a hand full of people posting pics of their tack manager on here and it is showing twice ass many processors as they list on their system specs and if you lookup the board it is only a singalcpu board why doe it show 12 cores on an i7 6 core? here is...
Software
Monitor Page file in task manager / resource manager
First, I apologize if this is a really basic question or already answered, I promise I did search, but I may be missing it. Question; I am installing more RAM in my system, and want to monitor the page file for improvement/reduction in size and use. Other than performance monitor, can I see...
Performance & Maintenance


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 13:10.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App