Код (Text): .386 .model flat,stdcall option casemap:none assume fs:nothing include bin\windows.inc include bin\kernel32.inc include bin\user32.inc include bin\ntdll.inc include bin\advapi32.inc include bin\gdi32.inc includelib bin\user32.lib includelib bin\kernel32.lib includelib bin\ntdll.lib includelib bin\advapi32.lib includelib bin\gdi32.lib .data ThreadContext CONTEXT <> .code start: PUSH EBP MOV EBP,ESP MOV EAX,FS:[18h] MOV ECX,offset @Thread invoke CreateThread,0,0,ECX,EAX,0,0 XCHG EAX,ESI MOV ThreadContext.ContextFlags,CONTEXT_FULL PUSH offset ThreadContext ; Context of main thread PUSH ESI ; Handle of main thread CALL GetThreadContext invoke SuspendThread,-2 LEAVE RET @Thread: PUSH EBP MOV EBP,ESP invoke SuspendThread,-2 MOV EAX,[EBP+8] MOV EAX,[EAX+24h] ; Main thread ID PUSH EAX PUSH 0 PUSH THREAD_SUSPEND_RESUME or THREAD_GET_CONTEXT or THREAD_SET_CONTEXT CALL OpenThread XCHG EAX,ESI MOV ThreadContext.ContextFlags,CONTEXT_FULL PUSH offset ThreadContext ; Context of main thread PUSH ESI ; Handle of main thread CALL GetThreadContext LEAVE RET end start На Windows XP нет проблем, на Windows Vista, ERROR_ACCESS_DENIED, при попытке получить контекст материнского потока.
Нет, http://msdn.microsoft.com/en-us/library/ms679362(v=VS.85).aspx Добавив этот флаг все заработало, но без него в Win7 работало,в Vista нет.
