示例#1
0
 /// <summary>
 ///     Creates the Warden service which monitors processes on the computer.
 /// </summary>
 /// <param name="options"></param>
 public static void Initialize(WardenOptions options)
 {
     if (!Api.IsAdmin())
     {
         throw new WardenManageException(Resources.Exception_No_Admin);
     }
     Options = options ?? throw new WardenManageException(Resources.Exception_No_Options);
     try
     {
         ShutdownUtils.RegisterEvents();
         _processStartEvent =
             new ManagementEventWatcher(new WqlEventQuery {
             EventClassName = "Win32_ProcessStartTrace"
         });
         _processStopEvent =
             new ManagementEventWatcher(new WqlEventQuery {
             EventClassName = "Win32_ProcessStopTrace"
         });
         _processStartEvent.EventArrived += ProcessStarted;
         _processStopEvent.EventArrived  += ProcessStopped;
         _processStartEvent.Start();
         _processStopEvent.Start();
         Initialized = true;
     }
     catch (Exception ex)
     {
         throw new WardenException(ex.Message, ex);
     }
 }
示例#2
0
        /// <summary>
        ///     Creates the Warden service which monitors processes on the computer.
        /// </summary>
        /// <param name="options"></param>
        public static void Initialize(WardenOptions options)
        {
            if (!Privileges.IsUserAnAdministrator())
            {
                throw new WardenManageException(Resources.Exception_No_Admin);
            }
            WardenImpersonator.Initialize();
            Stop();
            Options = options ?? throw new WardenManageException(Resources.Exception_No_Options);
            try
            {
                ShutdownUtils.RegisterEvents();


                _wmiOptions = new ConnectionOptions
                {
                    Authentication   = AuthenticationLevel.Default,
                    EnablePrivileges = true,
                    Impersonation    = ImpersonationLevel.Impersonate,
                    Timeout          = TimeSpan.MaxValue
                };

                _connectionScope = new ManagementScope($@"\\{Environment.MachineName}\root\cimv2", _wmiOptions);
                _connectionScope.Connect();

                var creationThreadStarted = new ManualResetEvent(false);
                CreationThread = new Thread(StartCreationListener)
                {
                    IsBackground = true
                };
                CreationThread.Start(creationThreadStarted);

                var destructionThreadStarted = new ManualResetEvent(false);
                DestructionThread = new Thread(StartDestructionListener)
                {
                    IsBackground = true
                };
                DestructionThread.Start(destructionThreadStarted);


                creationThreadStarted.WaitOne();
                destructionThreadStarted.WaitOne();
                Initialized = true;
                Logger?.Info("Initialized");
            }
            catch (Exception ex)
            {
                throw new WardenException(ex.Message, ex);
            }
        }
示例#3
0
 /// <summary>
 ///     Creates the Warden service which monitors processes on the computer.
 /// </summary>
 /// <param name="options"></param>
 public static void Initialize(WardenOptions options)
 {
     if (!Api.IsAdmin())
     {
         throw new WardenManageException(Resources.Exception_No_Admin);
     }
     Options = options ?? throw new WardenManageException(Resources.Exception_No_Options);
     try
     {
         ShutdownUtils.RegisterEvents();
         var wmiOptions = new ConnectionOptions()
         {
             Authentication   = AuthenticationLevel.Default,
             EnablePrivileges = true,
             Impersonation    = ImpersonationLevel.Impersonate
         };
         var scope = new ManagementScope(string.Format(@"\\{0}\root\cimv2", Environment.MachineName), wmiOptions);
         scope.Connect();
         _processStartEvent =
             new ManagementEventWatcher(scope, new WqlEventQuery {
             EventClassName = "Win32_ProcessStartTrace"
         });
         _processStopEvent =
             new ManagementEventWatcher(scope, new WqlEventQuery {
             EventClassName = "Win32_ProcessStopTrace"
         });
         _processStartEvent.EventArrived += ProcessStarted;
         _processStopEvent.EventArrived  += ProcessStopped;
         _processStartEvent.Start();
         _processStopEvent.Start();
         Initialized = true;
         Logger?.Debug("Initialized");
     }
     catch (Exception ex)
     {
         throw new WardenException(ex.Message, ex);
     }
 }