/[RomCheater]/trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs
ViewVC logotype

Annotation of /trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 101 - (hide annotations) (download)
Thu May 10 09:53:16 2012 UTC (8 years, 8 months ago) by william
File size: 3118 byte(s)

1 william 88 using System;
2     using System.Collections.Generic;
3     using System.Text;
4     using System.Runtime.InteropServices;
5     using System.Diagnostics;
6     using System.Security.Principal;
7    
8     namespace libWin32.Win32.Threading
9     {
10     public class ThreadControl
11     {
12     [DllImport("kernel32.dll")]
13     static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
14     [DllImport("kernel32.dll")]
15     static extern uint SuspendThread(IntPtr hThread);
16     [DllImport("kernel32.dll")]
17     static extern int ResumeThread(IntPtr hThread);
18    
19 william 101 [DllImport("kernel32.dll")]
20     public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, bool bInheritHandle, uint dwProcessId);
21 william 88 [DllImport("advapi32.dll", SetLastError = true)]
22     public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
23     [DllImport("kernel32.dll", SetLastError = true)]
24     [return: MarshalAs(UnmanagedType.Bool)]
25 william 100 public static extern bool CloseHandle(IntPtr hObject);
26 william 88
27 william 100
28 william 88 public static void SuspendProcess(int PID)
29     {
30     try
31     {
32     Process proc = Process.GetProcessById(PID);
33    
34     if (proc.ProcessName == string.Empty) return;
35     foreach (ProcessThread pT in proc.Threads)
36     {
37     IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
38     if (pOpenThread == IntPtr.Zero) { break; }
39     SuspendThread(pOpenThread);
40     }
41     }
42     catch { }
43     }
44    
45     public static void ResumeProcess(int PID)
46     {
47     try
48     {
49     Process proc = Process.GetProcessById(PID);
50     if (proc.ProcessName == string.Empty) return;
51     foreach (ProcessThread pT in proc.Threads)
52     {
53     IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
54     if (pOpenThread == IntPtr.Zero) { break; }
55     ResumeThread(pOpenThread);
56     }
57     }
58     catch { }
59     }
60    
61     public static string GetProcessOwner(IntPtr handle, out bool IsSystem)
62     {
63     IntPtr ph = IntPtr.Zero;
64     IsSystem = false;
65     try
66     {
67 william 101 ThreadControl.OpenProcessToken(handle, (uint)ProcessTokenFlags.TOKEN_QUERY, out ph);
68 william 88 WindowsIdentity wi = new WindowsIdentity(ph);
69     IsSystem = wi.IsSystem;
70     string name = wi.Name;
71     int slash_index = name.IndexOf("\\") + 1;
72     name = name.Remove(0, slash_index);
73     return name;
74     }
75     catch
76     {
77     // ignore
78     }
79     finally
80     {
81     if (ph != IntPtr.Zero) { ThreadControl.CloseHandle(ph); }
82     }
83     return "";
84     }
85     }
86     }

  ViewVC Help
Powered by ViewVC 1.1.22