mirror of
https://github.com/argonlefou/TSR_Loader.git
synced 2024-11-28 00:10:49 +01:00
105 lines
3.3 KiB
C#
105 lines
3.3 KiB
C#
|
using System;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.Runtime.InteropServices;
|
|||
|
|
|||
|
namespace Transformers2_Launcher
|
|||
|
{
|
|||
|
public static class ProcessTools
|
|||
|
{
|
|||
|
[DllImport("kernel32.dll")]
|
|||
|
static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
|
|||
|
|
|||
|
[DllImport("kernel32.dll")]
|
|||
|
static extern uint SuspendThread(IntPtr hThread);
|
|||
|
|
|||
|
[DllImport("kernel32.dll")]
|
|||
|
static extern int ResumeThread(IntPtr hThread);
|
|||
|
|
|||
|
[Flags]
|
|||
|
public enum ThreadAccess : int
|
|||
|
{
|
|||
|
TERMINATE = (0x0001),
|
|||
|
SUSPEND_RESUME = (0x0002),
|
|||
|
GET_CONTEXT = (0x0008),
|
|||
|
SET_CONTEXT = (0x0010),
|
|||
|
SET_INFORMATION = (0x0020),
|
|||
|
QUERY_INFORMATION = (0x0040),
|
|||
|
SET_THREAD_TOKEN = (0x0080),
|
|||
|
IMPERSONATE = (0x0100),
|
|||
|
DIRECT_IMPERSONATION = (0x0200)
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
[DllImport("ntdll.dll", PreserveSig = false)]
|
|||
|
public static extern void NtSuspendProcess(IntPtr processHandle);
|
|||
|
|
|||
|
[DllImport("ntdll.dll", PreserveSig = false, SetLastError = true)]
|
|||
|
public static extern void NtResumeProcess(IntPtr processHandle);
|
|||
|
|
|||
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|||
|
public static extern IntPtr OpenProcess(ProcessAccessFlags processAccess,bool bInheritHandle,int processId);
|
|||
|
|
|||
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|||
|
public static extern bool CloseHandle(IntPtr hObject);
|
|||
|
|
|||
|
[Flags]
|
|||
|
public enum ProcessAccessFlags : uint
|
|||
|
{
|
|||
|
All = 0x001F0FFF,
|
|||
|
Terminate = 0x00000001,
|
|||
|
CreateThread = 0x00000002,
|
|||
|
VirtualMemoryOperation = 0x00000008,
|
|||
|
VirtualMemoryRead = 0x00000010,
|
|||
|
VirtualMemoryWrite = 0x00000020,
|
|||
|
DuplicateHandle = 0x00000040,
|
|||
|
CreateProcess = 0x000000080,
|
|||
|
SetQuota = 0x00000100,
|
|||
|
SetInformation = 0x00000200,
|
|||
|
QueryInformation = 0x00000400,
|
|||
|
QueryLimitedInformation = 0x00001000,
|
|||
|
Synchronize = 0x00100000
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
public static void Suspend(this Process process)
|
|||
|
{
|
|||
|
foreach (ProcessThread thread in process.Threads)
|
|||
|
{
|
|||
|
var pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id);
|
|||
|
if (pOpenThread == IntPtr.Zero)
|
|||
|
{
|
|||
|
break;
|
|||
|
}
|
|||
|
SuspendThread(pOpenThread);
|
|||
|
}
|
|||
|
}
|
|||
|
public static void Resume(this Process process)
|
|||
|
{
|
|||
|
foreach (ProcessThread thread in process.Threads)
|
|||
|
{
|
|||
|
var pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id);
|
|||
|
if (pOpenThread == IntPtr.Zero)
|
|||
|
{
|
|||
|
break;
|
|||
|
}
|
|||
|
ResumeThread(pOpenThread);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public static void SuspendProcess(Process p)
|
|||
|
{
|
|||
|
IntPtr hProcess = OpenProcess(ProcessAccessFlags.All, false, p.Id);
|
|||
|
NtSuspendProcess(hProcess);
|
|||
|
CloseHandle(hProcess);
|
|||
|
}
|
|||
|
|
|||
|
public static void ResumeProcess(Process p)
|
|||
|
{
|
|||
|
IntPtr hProcess = OpenProcess(ProcessAccessFlags.All, false, p.Id);
|
|||
|
NtResumeProcess(hProcess);
|
|||
|
CloseHandle(hProcess);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|