HollowsHunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
suspend.h
Go to the documentation of this file.
1#pragma once
2#include <windows.h>
3
4#define INVALID_PID (-1)
5
6bool suspend_process(DWORD processId);
7
8bool resume_process(DWORD processId);
9
10// do the process with the given PID belongs to the process tree of the current process (parent/child/sibling)
11bool is_process_associated(DWORD processId);
12
13// retruns the Parent Process PID of the process with the given PID, or INVALID_PID if retrieving it was impossible
14DWORD GetParentProcessID(DWORD dwPID);
suspend_process
bool suspend_process(DWORD processId)
Definition suspend.cpp:7
GetParentProcessID
DWORD GetParentProcessID(DWORD dwPID)
Definition suspend.cpp:70
is_process_associated
bool is_process_associated(DWORD processId)
Definition suspend.cpp:45
resume_process
bool resume_process(DWORD processId)
Definition suspend.cpp:26
Generated by doxygen 1.12.0