/[RomCheater]/trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs
ViewVC logotype

Contents of /trunk/Win32/libWin32/Win32/Threading/ThreadControl.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 88 - (show annotations) (download)
Wed May 9 20:52:20 2012 UTC (9 years, 2 months ago) by william
File size: 2960 byte(s)

1 using System;
2 using System.Collections.Generic;
3 using System.Text;
4 using System.Runtime.InteropServices;
5 using System.Diagnostics;
6 using System.Security.Principal;
7
8 namespace libWin32.Win32.Threading
9 {
10 public class ThreadControl
11 {
12 [DllImport("kernel32.dll")]
13 static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
14 [DllImport("kernel32.dll")]
15 static extern uint SuspendThread(IntPtr hThread);
16 [DllImport("kernel32.dll")]
17 static extern int ResumeThread(IntPtr hThread);
18
19
20 [DllImport("advapi32.dll", SetLastError = true)]
21 public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
22 [DllImport("kernel32.dll", SetLastError = true)]
23 [return: MarshalAs(UnmanagedType.Bool)]
24 public static extern bool CloseHandle(IntPtr hObject);
25
26 public static void SuspendProcess(int PID)
27 {
28 try
29 {
30 Process proc = Process.GetProcessById(PID);
31
32 if (proc.ProcessName == string.Empty) return;
33 foreach (ProcessThread pT in proc.Threads)
34 {
35 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
36 if (pOpenThread == IntPtr.Zero) { break; }
37 SuspendThread(pOpenThread);
38 }
39 }
40 catch { }
41 }
42
43 public static void ResumeProcess(int PID)
44 {
45 try
46 {
47 Process proc = Process.GetProcessById(PID);
48 if (proc.ProcessName == string.Empty) return;
49 foreach (ProcessThread pT in proc.Threads)
50 {
51 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
52 if (pOpenThread == IntPtr.Zero) { break; }
53 ResumeThread(pOpenThread);
54 }
55 }
56 catch { }
57 }
58
59 public static string GetProcessOwner(IntPtr handle, out bool IsSystem)
60 {
61 IntPtr ph = IntPtr.Zero;
62 IsSystem = false;
63 try
64 {
65 ThreadControl.OpenProcessToken(handle, (uint)ThreadAccess.PROCESS_TOKEN_QUERY, out ph);
66 WindowsIdentity wi = new WindowsIdentity(ph);
67 IsSystem = wi.IsSystem;
68 string name = wi.Name;
69 int slash_index = name.IndexOf("\\") + 1;
70 name = name.Remove(0, slash_index);
71 return name;
72 }
73 catch
74 {
75 // ignore
76 }
77 finally
78 {
79 if (ph != IntPtr.Zero) { ThreadControl.CloseHandle(ph); }
80 }
81 return "";
82 }
83 }
84 }

  ViewVC Help
Powered by ViewVC 1.1.22