/[RomCheater]/trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs
ViewVC logotype

Contents of /trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 101 - (show annotations) (download)
Thu May 10 09:53:16 2012 UTC (8 years, 6 months ago) by william
File size: 3118 byte(s)

1 using System;
2 using System.Collections.Generic;
3 using System.Text;
4 using System.Runtime.InteropServices;
5 using System.Diagnostics;
6 using System.Security.Principal;
7
8 namespace libWin32.Win32.Threading
9 {
10 public class ThreadControl
11 {
12 [DllImport("kernel32.dll")]
13 static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
14 [DllImport("kernel32.dll")]
15 static extern uint SuspendThread(IntPtr hThread);
16 [DllImport("kernel32.dll")]
17 static extern int ResumeThread(IntPtr hThread);
18
19 [DllImport("kernel32.dll")]
20 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, bool bInheritHandle, uint dwProcessId);
21 [DllImport("advapi32.dll", SetLastError = true)]
22 public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
23 [DllImport("kernel32.dll", SetLastError = true)]
24 [return: MarshalAs(UnmanagedType.Bool)]
25 public static extern bool CloseHandle(IntPtr hObject);
26
27
28 public static void SuspendProcess(int PID)
29 {
30 try
31 {
32 Process proc = Process.GetProcessById(PID);
33
34 if (proc.ProcessName == string.Empty) return;
35 foreach (ProcessThread pT in proc.Threads)
36 {
37 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
38 if (pOpenThread == IntPtr.Zero) { break; }
39 SuspendThread(pOpenThread);
40 }
41 }
42 catch { }
43 }
44
45 public static void ResumeProcess(int PID)
46 {
47 try
48 {
49 Process proc = Process.GetProcessById(PID);
50 if (proc.ProcessName == string.Empty) return;
51 foreach (ProcessThread pT in proc.Threads)
52 {
53 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
54 if (pOpenThread == IntPtr.Zero) { break; }
55 ResumeThread(pOpenThread);
56 }
57 }
58 catch { }
59 }
60
61 public static string GetProcessOwner(IntPtr handle, out bool IsSystem)
62 {
63 IntPtr ph = IntPtr.Zero;
64 IsSystem = false;
65 try
66 {
67 ThreadControl.OpenProcessToken(handle, (uint)ProcessTokenFlags.TOKEN_QUERY, out ph);
68 WindowsIdentity wi = new WindowsIdentity(ph);
69 IsSystem = wi.IsSystem;
70 string name = wi.Name;
71 int slash_index = name.IndexOf("\\") + 1;
72 name = name.Remove(0, slash_index);
73 return name;
74 }
75 catch
76 {
77 // ignore
78 }
79 finally
80 {
81 if (ph != IntPtr.Zero) { ThreadControl.CloseHandle(ph); }
82 }
83 return "";
84 }
85 }
86 }

  ViewVC Help
Powered by ViewVC 1.1.22