本文整理汇总了C#中ProcessHandle类的典型用法代码示例。如果您正苦于以下问题:C# ProcessHandle类的具体用法?C# ProcessHandle怎么用?C# ProcessHandle使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ProcessHandle类属于命名空间,在下文中一共展示了ProcessHandle类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: SandboxieFilter
private bool SandboxieFilter(int pid, ref Color color)
{
try
{
using (var phandle = new ProcessHandle(pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead))
{
bool isSandboxie = false;
phandle.EnumModules((module) =>
{
if (module.BaseName.Equals("SbieDll.dll", StringComparison.InvariantCultureIgnoreCase))
{
isSandboxie = true;
return false;
}
return true;
});
if (isSandboxie)
{
color = Color.Black;
return true;
}
}
}
catch
{ }
return false;
}示例2: buttonVirtualProtect_Click
private void buttonVirtualProtect_Click(object sender, EventArgs e)
{
try
{
int newprotect;
try
{
newprotect = (int)BaseConverter.ToNumberParse(textNewProtection.Text);
}
catch
{
return;
}
using (ProcessHandle phandle = new ProcessHandle(_pid, ProcessAccess.VmOperation))
{
try
{
phandle.ProtectMemory(_address, (int)_size, (MemoryProtection)newprotect);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set memory protection", ex);
return;
}
}
this.Close();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set memory protection", ex);
}
}示例3: GetBasicInfo
public static ObjectBasicInformation GetBasicInfo(this SystemHandleEntry thisHandle)
{
using (ProcessHandle process = new ProcessHandle(thisHandle.ProcessId, ProcessAccess.DupHandle))
{
return thisHandle.GetBasicInfo(process);
}
}示例4: HandleStatisticsWindow
public HandleStatisticsWindow(int pid)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
_pid = pid;
listTypes.SetDoubleBuffered(true);
listTypes.SetTheme("explorer");
listTypes.AddShortcuts();
listTypes.ContextMenu = listTypes.GetCopyMenu();
listTypes.ListViewItemSorter = new SortedListViewComparer(listTypes);
var typeStats = new Dictionary<string, int>();
using (var phandle = new ProcessHandle(pid, ProcessAccess.DupHandle))
{
var handles = Windows.GetHandles();
foreach (var handle in handles)
{
if (pid != -1 && handle.ProcessId != pid)
continue;
ObjectInformation info;
try
{
if (pid != -1)
{
info = handle.GetHandleInfo(phandle, false);
}
else
{
info = handle.GetHandleInfo(false);
}
}
catch (Exception ex)
{
Logging.Log(ex);
info = new ObjectInformation() { TypeName = "(unknown)" };
}
if (typeStats.ContainsKey(info.TypeName))
typeStats[info.TypeName]++;
else
typeStats.Add(info.TypeName, 1);
}
}
foreach (var pair in typeStats)
{
listTypes.Items.Add(new ListViewItem(new string[]
{
pair.Key,
pair.Value.ToString("N0")
}));
}
}示例5: buttonSnapshot_Click
private void buttonSnapshot_Click(object sender, EventArgs e)
{
try
{
using (var phandle = new ProcessHandle(_pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead))
{
_currentHtCollection = phandle.GetHandleTraces();
if (_symbols != null)
_symbols.Dispose();
SymbolProvider.Options |= SymbolOptions.DeferredLoads;
_symbols = new SymbolProvider(phandle);
WorkQueue.GlobalQueueWorkItem(new Action(() =>
{
var symbols = _symbols;
_symbols.PreloadModules = true;
try
{
foreach (var module in phandle.GetModules())
{
try
{
symbols.LoadModule(module.FileName, module.BaseAddress);
}
catch
{ }
}
}
catch
{ }
try
{
foreach (var module in Windows.GetKernelModules())
{
try
{
symbols.LoadModule(module.FileName, module.BaseAddress);
}
catch
{ }
}
}
catch
{ }
}));
}
this.PopulateHandleTraceList();
}
catch (Exception ex)
{
this.ShowException("Error getting the handle trace snapshot", ex);
}
}示例6: GetHandleInfo
public static ObjectInformation GetHandleInfo(this SystemHandleEntry thisHandle, bool getName)
{
using (ProcessHandle process = new ProcessHandle(thisHandle.ProcessId,
KProcessHacker.Instance != null ? OSVersion.MinProcessQueryInfoAccess : ProcessAccess.DupHandle))
{
return thisHandle.GetHandleInfo(process, getName);
}
}示例7: RefreshProcesses
private void RefreshProcesses()
{
var processes = Windows.GetProcesses();
listProcesses.BeginUpdate();
listProcesses.Items.Clear();
var generic_process = imageList.Images["generic_process"];
imageList.Images.Clear();
imageList.Images.Add("generic_process", generic_process);
foreach (var process in processes.Values)
{
string userName = "";
string fileName = null;
try
{
using (var phandle = new ProcessHandle(process.Process.ProcessId, OSVersion.MinProcessQueryInfoAccess))
{
using (var thandle = phandle.GetToken(TokenAccess.Query))
using (var sid = thandle.GetUser())
userName = sid.GetFullName(true);
fileName = FileUtils.GetFileName(phandle.GetImageFileName());
}
}
catch
{ }
ListViewItem item = new ListViewItem(
new string[]
{
process.Process.ProcessId == 0 ? "System Idle Process" : process.Name,
process.Process.ProcessId.ToString(),
userName
});
if (!string.IsNullOrEmpty(fileName))
{
Icon fileIcon = FileUtils.GetFileIcon(fileName);
if (fileIcon != null)
{
imageList.Images.Add(process.Process.ProcessId.ToString(), fileIcon);
item.ImageKey = process.Process.ProcessId.ToString();
}
}
if (string.IsNullOrEmpty(item.ImageKey))
item.ImageKey = "generic_process";
listProcesses.Items.Add(item);
}
listProcesses.EndUpdate();
}示例8: ProcessMemoryIO
public ProcessMemoryIO(int pid)
{
try { _phandleR = new ProcessHandle(pid, Program.MinProcessReadMemoryRights); }
catch { }
try
{
_phandleW = new ProcessHandle(pid, Program.MinProcessWriteMemoryRights);
}
catch { }
}示例9: buttonEnableHandleTracing_Click
private void buttonEnableHandleTracing_Click(object sender, EventArgs e)
{
try
{
using (var phandle = new ProcessHandle(_pid, ProcessAccess.SetInformation))
phandle.EnableHandleTracing();
}
catch (Exception ex)
{
this.ShowException("Error enabling handle tracing", ex);
}
}示例10: SymbolHandle
public SymbolHandle(ProcessHandle processHandle)
{
_processHandle = processHandle;
_handle = processHandle;
using (Win32.DbgHelpLock.AcquireContext())
{
if (!Win32.SymInitialize(_handle, null, false))
Win32.Throw();
}
_processHandle.Reference();
}示例11: ThreadWindow
public ThreadWindow(int PID, int TID, SymbolProvider symbols, ProcessHandle processHandle)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
listViewCallStack_SelectedIndexChanged(null, null);
_pid = PID;
_tid = TID;
_symbols = symbols;
this.Text = Program.ProcessProvider.Dictionary[_pid].Name + " (PID " + _pid.ToString() +
") - Thread " + _tid.ToString();
listViewCallStack.ContextMenu = listViewCallStack.GetCopyMenu();
try
{
if (processHandle != null)
{
_phandle = processHandle;
_processHandleOwned = false;
}
else
{
_phandle = new ProcessHandle(_pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead);
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the process", ex);
this.Close();
return;
}
try
{
_thandle = new ThreadHandle(_tid, ThreadAccess.GetContext | ThreadAccess.SuspendResume);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the thread", ex);
this.Close();
return;
}
}示例12: PhysicalPages
public PhysicalPages(ProcessHandle processHandle, int count, bool pages)
{
if (pages)
_count = count;
else
_count = Windows.BytesToPages(count);
IntPtr pageCount = new IntPtr(_count);
_pfnArray = new IntPtr[_count];
if (!Win32.AllocateUserPhysicalPages(processHandle, ref pageCount, _pfnArray))
Win32.ThrowLastError();
if (pageCount.ToInt32() != _count)
throw new Exception("Could not allocate all pages.");
_processHandle = processHandle;
_processHandle.Reference();
}示例13: AddProcessItem
private void AddProcessItem(
ProcessHandle phandle,
int pid,
ref int totalCount, ref int hiddenCount, ref int terminatedCount,
Func<int, bool> exists
)
{
string fileName = phandle.GetImageFileName();
if (fileName != null)
fileName = FileUtils.GetFileName(fileName);
if (pid == 0)
pid = phandle.GetBasicInformation().UniqueProcessId.ToInt32();
var item = listProcesses.Items.Add(new ListViewItem(new string[]
{
fileName,
pid.ToString()
}));
// Check if the process has terminated. This is possible because
// a process can be terminated while its object is still being
// referenced.
DateTime exitTime = DateTime.FromFileTime(0);
try { exitTime = phandle.GetExitTime(); }
catch { }
if (exitTime.ToFileTime() != 0)
{
item.BackColor = Color.DarkGray;
item.ForeColor = Color.White;
terminatedCount++;
}
else
{
totalCount++;
if (!exists(pid))
{
item.BackColor = Color.Red;
item.ForeColor = Color.White;
hiddenCount++;
}
}
}示例14: AddProcess
public bool AddProcess(Process process)
{
using (ProcessHandle processHandle = new ProcessHandle(process.Id))
{
if (!processHandle.IsInvalid)
{
bool result = NativeMethods.AssignProcessToJobObject(this, processHandle);
int lastWin32Error = Marshal.GetLastWin32Error();
if (result)
{
return true;
}
}
}
return false;
}示例15: ProtectQuery
private bool ProtectQuery(int pid, out bool allowKernelMode, out ProcessAccess processAccess, out ThreadAccess threadAccess)
{
try
{
using (var phandle = new ProcessHandle(pid, Program.MinProcessQueryRights))
KProcessHacker.Instance.ProtectQuery(phandle, out allowKernelMode, out processAccess, out threadAccess);
return true;
}
catch
{
allowKernelMode = true;
processAccess = 0;
threadAccess = 0;
return false;
}
}