本文整理汇总了C#中ProcessHandle类的典型用法代码示例。如果您正苦于以下问题:C# ProcessHandle类的具体用法?C# ProcessHandle怎么用?C# ProcessHandle使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ProcessHandle类属于命名空间,在下文中一共展示了ProcessHandle类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C#代码示例。
示例1: SandboxieFilter
private bool SandboxieFilter(int pid, ref Color color)
{
try
{
using (var phandle = new ProcessHandle(pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead))
{
bool isSandboxie = false;
phandle.EnumModules((module) =>
{
if (module.BaseName.Equals("SbieDll.dll", StringComparison.InvariantCultureIgnoreCase))
{
isSandboxie = true;
return false;
}
return true;
});
if (isSandboxie)
{
color = Color.Black;
return true;
}
}
}
catch
{ }
return false;
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:31,代码来源:TestPlugin.cs
示例2: buttonVirtualProtect_Click
private void buttonVirtualProtect_Click(object sender, EventArgs e)
{
try
{
int newprotect;
try
{
newprotect = (int)BaseConverter.ToNumberParse(textNewProtection.Text);
}
catch
{
return;
}
using (ProcessHandle phandle = new ProcessHandle(_pid, ProcessAccess.VmOperation))
{
try
{
phandle.ProtectMemory(_address, (int)_size, (MemoryProtection)newprotect);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set memory protection", ex);
return;
}
}
this.Close();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set memory protection", ex);
}
}
开发者ID:john-peterson,项目名称:processhacker,代码行数:35,代码来源:VirtualProtectWindow.cs
示例3: GetBasicInfo
public static ObjectBasicInformation GetBasicInfo(this SystemHandleEntry thisHandle)
{
using (ProcessHandle process = new ProcessHandle(thisHandle.ProcessId, ProcessAccess.DupHandle))
{
return thisHandle.GetBasicInfo(process);
}
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:7,代码来源:Extensions.cs
示例4: HandleStatisticsWindow
public HandleStatisticsWindow(int pid)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
_pid = pid;
listTypes.SetDoubleBuffered(true);
listTypes.SetTheme("explorer");
listTypes.AddShortcuts();
listTypes.ContextMenu = listTypes.GetCopyMenu();
listTypes.ListViewItemSorter = new SortedListViewComparer(listTypes);
var typeStats = new Dictionary<string, int>();
using (var phandle = new ProcessHandle(pid, ProcessAccess.DupHandle))
{
var handles = Windows.GetHandles();
foreach (var handle in handles)
{
if (pid != -1 && handle.ProcessId != pid)
continue;
ObjectInformation info;
try
{
if (pid != -1)
{
info = handle.GetHandleInfo(phandle, false);
}
else
{
info = handle.GetHandleInfo(false);
}
}
catch (Exception ex)
{
Logging.Log(ex);
info = new ObjectInformation() { TypeName = "(unknown)" };
}
if (typeStats.ContainsKey(info.TypeName))
typeStats[info.TypeName]++;
else
typeStats.Add(info.TypeName, 1);
}
}
foreach (var pair in typeStats)
{
listTypes.Items.Add(new ListViewItem(new string[]
{
pair.Key,
pair.Value.ToString("N0")
}));
}
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:60,代码来源:HandleStatisticsWindow.cs
示例5: buttonSnapshot_Click
private void buttonSnapshot_Click(object sender, EventArgs e)
{
try
{
using (var phandle = new ProcessHandle(_pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead))
{
_currentHtCollection = phandle.GetHandleTraces();
if (_symbols != null)
_symbols.Dispose();
SymbolProvider.Options |= SymbolOptions.DeferredLoads;
_symbols = new SymbolProvider(phandle);
WorkQueue.GlobalQueueWorkItem(new Action(() =>
{
var symbols = _symbols;
_symbols.PreloadModules = true;
try
{
foreach (var module in phandle.GetModules())
{
try
{
symbols.LoadModule(module.FileName, module.BaseAddress);
}
catch
{ }
}
}
catch
{ }
try
{
foreach (var module in Windows.GetKernelModules())
{
try
{
symbols.LoadModule(module.FileName, module.BaseAddress);
}
catch
{ }
}
}
catch
{ }
}));
}
this.PopulateHandleTraceList();
}
catch (Exception ex)
{
this.ShowException("Error getting the handle trace snapshot", ex);
}
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:59,代码来源:MainWindow.cs
示例6: GetHandleInfo
public static ObjectInformation GetHandleInfo(this SystemHandleEntry thisHandle, bool getName)
{
using (ProcessHandle process = new ProcessHandle(thisHandle.ProcessId,
KProcessHacker.Instance != null ? OSVersion.MinProcessQueryInfoAccess : ProcessAccess.DupHandle))
{
return thisHandle.GetHandleInfo(process, getName);
}
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:8,代码来源:Extensions.cs
示例7: RefreshProcesses
private void RefreshProcesses()
{
var processes = Windows.GetProcesses();
listProcesses.BeginUpdate();
listProcesses.Items.Clear();
var generic_process = imageList.Images["generic_process"];
imageList.Images.Clear();
imageList.Images.Add("generic_process", generic_process);
foreach (var process in processes.Values)
{
string userName = "";
string fileName = null;
try
{
using (var phandle = new ProcessHandle(process.Process.ProcessId, OSVersion.MinProcessQueryInfoAccess))
{
using (var thandle = phandle.GetToken(TokenAccess.Query))
using (var sid = thandle.GetUser())
userName = sid.GetFullName(true);
fileName = FileUtils.GetFileName(phandle.GetImageFileName());
}
}
catch
{ }
ListViewItem item = new ListViewItem(
new string[]
{
process.Process.ProcessId == 0 ? "System Idle Process" : process.Name,
process.Process.ProcessId.ToString(),
userName
});
if (!string.IsNullOrEmpty(fileName))
{
Icon fileIcon = FileUtils.GetFileIcon(fileName);
if (fileIcon != null)
{
imageList.Images.Add(process.Process.ProcessId.ToString(), fileIcon);
item.ImageKey = process.Process.ProcessId.ToString();
}
}
if (string.IsNullOrEmpty(item.ImageKey))
item.ImageKey = "generic_process";
listProcesses.Items.Add(item);
}
listProcesses.EndUpdate();
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:57,代码来源:ChooseProcessDialog.cs
示例8: ProcessMemoryIO
public ProcessMemoryIO(int pid)
{
try { _phandleR = new ProcessHandle(pid, Program.MinProcessReadMemoryRights); }
catch { }
try
{
_phandleW = new ProcessHandle(pid, Program.MinProcessWriteMemoryRights);
}
catch { }
}
开发者ID:john-peterson,项目名称:processhacker,代码行数:10,代码来源:ProcessMemoryIO.cs
示例9: buttonEnableHandleTracing_Click
private void buttonEnableHandleTracing_Click(object sender, EventArgs e)
{
try
{
using (var phandle = new ProcessHandle(_pid, ProcessAccess.SetInformation))
phandle.EnableHandleTracing();
}
catch (Exception ex)
{
this.ShowException("Error enabling handle tracing", ex);
}
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:12,代码来源:MainWindow.cs
示例10: SymbolHandle
public SymbolHandle(ProcessHandle processHandle)
{
_processHandle = processHandle;
_handle = processHandle;
using (Win32.DbgHelpLock.AcquireContext())
{
if (!Win32.SymInitialize(_handle, null, false))
Win32.Throw();
}
_processHandle.Reference();
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:13,代码来源:SymbolProvider.cs
示例11: ThreadWindow
public ThreadWindow(int PID, int TID, SymbolProvider symbols, ProcessHandle processHandle)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
listViewCallStack_SelectedIndexChanged(null, null);
_pid = PID;
_tid = TID;
_symbols = symbols;
this.Text = Program.ProcessProvider.Dictionary[_pid].Name + " (PID " + _pid.ToString() +
") - Thread " + _tid.ToString();
listViewCallStack.ContextMenu = listViewCallStack.GetCopyMenu();
try
{
if (processHandle != null)
{
_phandle = processHandle;
_processHandleOwned = false;
}
else
{
_phandle = new ProcessHandle(_pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead);
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the process", ex);
this.Close();
return;
}
try
{
_thandle = new ThreadHandle(_tid, ThreadAccess.GetContext | ThreadAccess.SuspendResume);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the thread", ex);
this.Close();
return;
}
}
开发者ID:john-peterson,项目名称:processhacker,代码行数:51,代码来源:ThreadWindow.cs
示例12: PhysicalPages
public PhysicalPages(ProcessHandle processHandle, int count, bool pages)
{
if (pages)
_count = count;
else
_count = Windows.BytesToPages(count);
IntPtr pageCount = new IntPtr(_count);
_pfnArray = new IntPtr[_count];
if (!Win32.AllocateUserPhysicalPages(processHandle, ref pageCount, _pfnArray))
Win32.ThrowLastError();
if (pageCount.ToInt32() != _count)
throw new Exception("Could not allocate all pages.");
_processHandle = processHandle;
_processHandle.Reference();
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:15,代码来源:PhysicalPages.cs
示例13: AddProcessItem
private void AddProcessItem(
ProcessHandle phandle,
int pid,
ref int totalCount, ref int hiddenCount, ref int terminatedCount,
Func<int, bool> exists
)
{
string fileName = phandle.GetImageFileName();
if (fileName != null)
fileName = FileUtils.GetFileName(fileName);
if (pid == 0)
pid = phandle.GetBasicInformation().UniqueProcessId.ToInt32();
var item = listProcesses.Items.Add(new ListViewItem(new string[]
{
fileName,
pid.ToString()
}));
// Check if the process has terminated. This is possible because
// a process can be terminated while its object is still being
// referenced.
DateTime exitTime = DateTime.FromFileTime(0);
try { exitTime = phandle.GetExitTime(); }
catch { }
if (exitTime.ToFileTime() != 0)
{
item.BackColor = Color.DarkGray;
item.ForeColor = Color.White;
terminatedCount++;
}
else
{
totalCount++;
if (!exists(pid))
{
item.BackColor = Color.Red;
item.ForeColor = Color.White;
hiddenCount++;
}
}
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:47,代码来源:HiddenProcessesWindow.cs
示例14: AddProcess
public bool AddProcess(Process process)
{
using (ProcessHandle processHandle = new ProcessHandle(process.Id))
{
if (!processHandle.IsInvalid)
{
bool result = NativeMethods.AssignProcessToJobObject(this, processHandle);
int lastWin32Error = Marshal.GetLastWin32Error();
if (result)
{
return true;
}
}
}
return false;
}
开发者ID:jango2015,项目名称:VS-Macros,代码行数:17,代码来源:JobHandle.cs
示例15: ProtectQuery
private bool ProtectQuery(int pid, out bool allowKernelMode, out ProcessAccess processAccess, out ThreadAccess threadAccess)
{
try
{
using (var phandle = new ProcessHandle(pid, Program.MinProcessQueryRights))
KProcessHacker.Instance.ProtectQuery(phandle, out allowKernelMode, out processAccess, out threadAccess);
return true;
}
catch
{
allowKernelMode = true;
processAccess = 0;
threadAccess = 0;
return false;
}
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:18,代码来源:ProtectProcessWindow.cs
示例16: ProcessAffinity
public ProcessAffinity(int pid)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
_pid = pid;
try
{
using (ProcessHandle phandle = new ProcessHandle(pid, ProcessAccess.QueryInformation))
{
long systemMask;
long processMask;
processMask = phandle.GetAffinityMask(out systemMask);
for (int i = 0; (systemMask & (1 << i)) != 0; i++)
{
CheckBox c = new CheckBox();
c.Name = "cpu" + i.ToString();
c.Text = "CPU " + i.ToString();
c.Tag = i;
c.FlatStyle = FlatStyle.System;
c.Checked = (processMask & (1 << i)) != 0;
c.Margin = new Padding(3, 3, 3, 0);
flowPanel.Controls.Add(c);
}
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to get process affinity", ex);
this.Close();
return;
}
}
开发者ID:andyvand,项目名称:ProcessHacker,代码行数:41,代码来源:ProcessAffinity.cs
示例17: GetBasicInfo
public static ObjectBasicInformation GetBasicInfo(this SystemHandleEntry thisHandle, ProcessHandle process)
{
IntPtr handle = new IntPtr(thisHandle.Handle);
IntPtr objectHandleI;
GenericHandle objectHandle = null;
int retLength;
Win32.NtDuplicateObject(
process,
handle,
ProcessHandle.Current,
out objectHandleI,
0,
0,
0
).ThrowIf();
try
{
objectHandle = new GenericHandle(objectHandleI);
using (MemoryAlloc data = new MemoryAlloc(ObjectBasicInformation.SizeOf))
{
Win32.NtQueryObject(
objectHandle,
ObjectInformationClass.ObjectBasicInformation,
data,
data.Size,
out retLength
).ThrowIf();
return data.ReadStruct<ObjectBasicInformation>();
}
}
finally
{
if (objectHandle != null)
objectHandle.Dispose();
}
}
开发者ID:john-peterson,项目名称:processhacker,代码行数:40,代码来源:Extensions.cs
示例18: buttonOK_Click
private void buttonOK_Click(object sender, EventArgs e)
{
long newMask = 0;
for (int i = 0; i < flowPanel.Controls.Count; i++)
{
CheckBox c = (CheckBox)flowPanel.Controls["cpu" + i.ToString()];
newMask |= ((long)(c.Checked ? 1 : 0) << i);
}
try
{
using (ProcessHandle phandle = new ProcessHandle(_pid, ProcessAccess.SetInformation))
phandle.SetAffinityMask(newMask);
this.Close();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set process affinity", ex);
}
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:23,代码来源:ProcessAffinity.cs
示例19: EditDEPWindow
public EditDEPWindow(int PID)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
_pid = PID;
try
{
using (ProcessHandle phandle
= new ProcessHandle(_pid, ProcessAccess.QueryInformation))
{
var depStatus = phandle.GetDepStatus();
string str;
if ((depStatus & DepStatus.Enabled) != 0)
{
str = "Enabled";
if ((depStatus & DepStatus.AtlThunkEmulationDisabled) != 0)
str += ", DEP-ATL thunk emulation disabled";
}
else
{
str = "Disabled";
}
comboStatus.SelectedItem = str;
if (KProcessHacker.Instance != null)
checkPermanent.Visible = true;
}
}
catch
{ }
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:37,代码来源:EditDEPWindow.cs
示例20: SetDepStatusNoKph
private void SetDepStatusNoKph()
{
if (comboStatus.SelectedItem.ToString().StartsWith("Enabled"))
if (!PhUtils.ShowConfirmMessage(
"set",
"the DEP status",
"Enabling DEP in a process is a permanent action.",
false))
return;
DepFlags flags = DepFlags.Enable;
if (comboStatus.SelectedItem.ToString() == "Disabled")
flags = DepFlags.Disable;
else if (comboStatus.SelectedItem.ToString() == "Enabled")
flags = DepFlags.Enable;
else if (comboStatus.SelectedItem.ToString() == "Enabled, DEP-ATL thunk emulation disabled")
flags = DepFlags.Enable | DepFlags.DisableAtlThunkEmulation;
else
{
PhUtils.ShowError("Invalid value.");
return;
}
try
{
IntPtr kernel32 = Win32.GetModuleHandle("kernel32.dll");
IntPtr setProcessDepPolicy = Win32.GetProcAddress(kernel32, "SetProcessDEPPolicy");
if (setProcessDepPolicy == IntPtr.Zero)
throw new Exception("This feature is not supported on your version of Windows.");
using (ProcessHandle phandle = new ProcessHandle(_pid,
Program.MinProcessQueryRights | ProcessAccess.VmOperation |
ProcessAccess.VmRead | ProcessAccess.CreateThread))
{
var thread = phandle.CreateThreadWin32(setProcessDepPolicy, new IntPtr((int)flags));
thread.Wait(1000 * Win32.TimeMsTo100Ns);
int exitCode = thread.GetExitCode();
if (exitCode == 0)
{
throw new Exception("Unspecified error.");
}
}
this.DialogResult = DialogResult.OK;
this.Close();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set the DEP status", ex);
}
}
开发者ID:RoDaniel,项目名称:featurehouse,代码行数:56,代码来源:EditDEPWindow.cs
注:本文中的ProcessHandle类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论