예제 #1
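 /// <summary>
 /// Worker loop of the process monitor. While <c>__procMonThread_working</c> is set it asks the
 /// driver wrapper for the next process event and mirrors it into
 /// <c>RTProtection_checkedListBox_Processes</c>: a create event (<c>Get_Create() == 1</c>) inserts
 /// a new entry at the top, any other event removes the entry with the same process id.
 /// When the loop ends, the driver is unloaded and the activate button is reset.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the method name suggests this runs on a dedicated thread. If the list box and
 /// button are WinForms controls, these accesses should be marshalled to the UI thread
 /// (Control.Invoke) - confirm against the caller.
 /// </remarks>
 public void ProcMonThreadFunc()
 {
     while (__procMonThread_working)
     {
         Console.WriteLine("WRAP_RtProtectionDrv_NewProcMon");
         bool res = __RtProtectionInst.WRAP_RtProtectionDrv_NewProcMon();
         Console.WriteLine(res.ToString());
         if (!res)
         {
             continue;
         }

         int _ParentId  = __RtProtectionInst.Get_ParentId();
         int _ProcessId = __RtProtectionInst.Get_ProcessId();
         int _Create    = __RtProtectionInst.Get_Create();

         if (_Create == 1)
         {
             // The reported process may already have exited by the time we look it up.
             // Process.GetProcessById then throws ArgumentException and ProcessName throws
             // InvalidOperationException. Unhandled, either one would end this thread and
             // monitoring would stop silently, so a short-lived process is skipped instead.
             Process newproc = null;
             string  procName;
             try
             {
                 newproc  = Process.GetProcessById(_ProcessId);
                 procName = newproc.ProcessName;
             }
             catch (ArgumentException)
             {
                 Console.WriteLine("Process " + _ProcessId.ToString() + " exited before it could be inspected");
                 continue;
             }
             catch (InvalidOperationException)
             {
                 Console.WriteLine("Process " + _ProcessId.ToString() + " exited before it could be inspected");
                 if (newproc != null)
                 {
                     newproc.Dispose();
                 }
                 continue;
             }

             // The Process object is kept in the list item (procHandler), so it is not disposed here.
             ProcListBoxItem newListItem = new ProcListBoxItem {
                 Name        = procName,
                 ParentId    = _ParentId,
                 ProcessId   = _ProcessId,
                 procHandler = newproc
             };
             RTProtection_checkedListBox_Processes.Items.Insert(0, newListItem);
         }
         else
         {
             // Iterate over a snapshot (ToList) so removing from Items does not invalidate the enumeration.
             foreach (var item in RTProtection_checkedListBox_Processes.Items.OfType<ProcListBoxItem>().ToList())
             {
                 Console.WriteLine(item.ProcessId.ToString() + " " + _ProcessId.ToString());
                 if (item.ProcessId == _ProcessId)
                 {
                     RTProtection_checkedListBox_Processes.Items.Remove(item);
                     break;
                 }
             }
         }
     }

     // Loop was asked to stop: unload the driver and reflect the state in the UI.
     __RtProtectionInst.WRAP_RtProtectionDrv_UnloadDriver();
     if (__RtProtectionInst.Get_loaded() == false)
     {
         RTProtection_Button_Activate.Text = "Activate";
     }
 }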
예제 #2
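        /// <summary>
        /// Worker loop of the API monitor. While <c>__ApiMonThread_working</c> is set it asks the
        /// driver wrapper for the next process event. For each create event
        /// (<c>Get_Create() == 1</c>) whose process name is neither "cmd" nor "powershell", it starts
        /// a <c>NamedPipeServer</c> on a per-process pipe and then calls <c>WRAP_InjectBasicLib</c>
        /// with the new process id. When the loop ends, the driver is unloaded and the button
        /// text is reset.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the pipe name is <c>\\.\pipe\myNamedPipe</c> followed by the process id, so
        /// it can be derived from the PID. Whether <c>NamedPipeServer</c> restricts which clients may
        /// connect is not visible here - confirm the pipe's access control.
        /// NOTE(review): the name exclusion is an exact, case-sensitive match on two names only.
        /// NOTE(review): if <c>ApiMonButton</c> is a WinForms control and this runs on a worker
        /// thread, the final assignment should be marshalled to the UI thread - confirm.
        /// </remarks>
        public void ApiMonThreadFunc()
        {
            while (__ApiMonThread_working)
            {
                Console.WriteLine("WRAP_RtProtectionDrv_NewProcMon");
                bool res = __RtApiMonInst.WRAP_RtProtectionDrv_NewProcMon();
                Console.WriteLine(res.ToString());
                if (!res)
                {
                    continue;
                }

                int _ParentId  = __RtApiMonInst.Get_ParentId();
                int _ProcessId = __RtApiMonInst.Get_ProcessId();
                int _Create    = __RtApiMonInst.Get_Create();
                if (_Create != 1)
                {
                    continue;
                }

                // The reported process may already be gone. GetProcessById then throws
                // ArgumentException; unhandled, it would end this thread and monitoring
                // would stop silently, so the event is skipped instead.
                Process newproc;
                try
                {
                    newproc = Process.GetProcessById(_ProcessId);
                }
                catch (ArgumentException)
                {
                    Console.WriteLine("Process " + _ProcessId.ToString() + " exited before it could be inspected");
                    continue;
                }

                // Only the name string and the PID are handed on, so the Process handle
                // can be released as soon as this iteration is done.
                using (newproc)
                {
                    string procName;
                    try
                    {
                        procName = newproc.ProcessName;
                    }
                    catch (InvalidOperationException)
                    {
                        // Process exited between the lookup and the name query.
                        Console.WriteLine("Process " + _ProcessId.ToString() + " exited before it could be inspected");
                        continue;
                    }

                    Console.WriteLine(procName);
                    Console.WriteLine(_ParentId);
                    Console.WriteLine(_ProcessId);

                    if (procName != "cmd" &&
                        procName != "powershell")
                    {
                        // The pipe server is started before the library is injected, as in the original order.
                        NamedPipeServer PServer1 =
                            new NamedPipeServer(
                                @"\\.\pipe\myNamedPipe" + _ProcessId.ToString(),
                                0,
                                ApiMon_notifyIcon,
                                "apimon",
                                procName
                                );
                        PServer1.Start();
                        __RtApiMonInst.WRAP_InjectBasicLib(_ProcessId);
                    }
                }
            }

            // Loop was asked to stop: unload the driver and reflect the state in the UI.
            __RtApiMonInst.WRAP_RtProtectionDrv_UnloadDriver();
            if (__RtApiMonInst.Get_loaded() == false)
            {
                ApiMonButton.Text = "ApiMon OFF";
            }
        }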