Kernel32不包含名为'OpenThread'的方法

时间:2017-09-10 20:53:18

标签: multithreading powershell suspend

我正在尝试在Powershell 5中编写一个Suspend-Process函数,我得到的错误是Method调用失败,因为[Kernel32]不包含名为'OpenThread'的方法.Powershell代码如下

 #Thread Access Constants

$TERMINATE             = 0x0001 
$SUSPEND_RESUME        = 0x0002
$GET_CONTEXT           = 0x0008
$SET_CONTEXT           = 0x0010
$SET_INFORMATION       = 0x0020
$QUERY_INFORMATION     = 0x0040
$SET_THREAD_TOKEN      = 0x0080  
$IMPERSONATE           = 0x0100
$DIRECT_IMPERSONATION  = 0x0200

Add-Type -TypeDefinition @"
    using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
public static class Kernel32
{
    [DllImport("kernel32.dll",SetLastError=true)]
    public static extern int SuspendThread(IntPtr hThread);

    [DllImport("kernel32.dll",SetLastError=true)]
    public static extern int ResumeThread(IntPtr hThread);

    [DllImport("kernel32.dll", SetLastError=true)]
    public static extern bool CloseHandle(IntPtr hHandle);

    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern IntPtr OpenThread(uint dwDesiredAccess, bool       bInheritHandle, uint dwThreadId);

   }

"@

$hProcess = Get-Process -Name Notepad 
ForEach($ProcessThread in $hProcess.Threads){

 $hThread = [Kernel32]::OpenThread($SUSPEND_RESUME , $False, $ProcessThread.ID)
  if ($hThread -ne [IntPtr]::Zero) {
   [Kernel32]::SuspendThread($hThread)
   [Kernel32]::CloseHandle($hThread)
  }

}

0 个答案:

没有答案
相关问题
最新问题