防止调试事件被发往调试器

typedef NTSTATUS(*fnZwSetInformationThread)(HANDLE ThreadHandle, THREADINFOCLASS ThreadInformationClass, PVOID ThreadInformation, ULONG ThreadInformationLength); fnZwSetInformationThread ZwSetInformationThread; ZwSetInformationThread = (fnZwSetInformationThread)GetProcAddress(GetModuleHandleA("ntdll.dll"), "ZwSetInformationThread"); if (ZwSetInformationThread) { int r = ZwSetInformationThread(GetCurrentThread(), ThreadHideFromDebugger, NULL, 0); if (r != 0) { OutputDebugStringA("No debug safety"); } }