获取进程文件之前是如何打开的？ [英] How the get process file being open before?

问题描述

你好



我在codeProject.com找到你的项目

列出使用的文件 [ ^ ]



这非常接近我想做的事情。我希望你可以帮助我解决我的问题



这么长时间我已经研究过如何susspend进程befere文件打开但我没有得到任何好的来源。



所以我想要这个...



i在磁盘上有一些文件列表，如果有任何文件是打开列出的文件，然后应用程序将暂停进程并将提供一些信息，如PID，FileName，访问应用程序等。



基本架构



一些文件列表

A.doc

B.xls

c.txt



C / C ++结构



寻找流程并在开始之前暂停并查找流程查找文件

如果查看文件相等某些文件列表然后终止进程并执行feedBack



感谢您的帮助



我尝试了什么：



我没有得到任何针对此问题的独奏者

解决方案

不要在快速答案下发布此内容 - 如果您从文章中获得了代码，那么该文章底部会显示添加评论或问题按钮，这会导致将电子邮件发送给作者。然后他们会被告知你希望与他们交谈。

在这里发布这个依赖于他们匆匆而过并意识到这是为了他们。

首先，这是你第二次问这个问题。只需将对话保持在原始主题中即可。



其次，该文章甚至与您尝试的内容相差无几。该应用列出了每个进程的打开文件句柄。你正在做的是在创建文件句柄之前检查条件。



你要找的是API挂钩，特别是CreateFile函数。这不是一项微不足道的任务。



此外，只是杀死进程是一个坏主意。这很容易导致系统不稳定。

Hello

just i find your project on codeProject.com
Listing Used Files[^]

this is very close to what i want to do. i hope u can help me for my problem

So long time i have reseach for how to susspend process befere file open but i didnt get any good source for this.

so i want to this...

i have some file list on disk and if any file is opening on the listed file then application will suspend proccess and will give some information as like PID , FileName , Accessing application as like.

Basic schema

Some File List
A.doc
B.xls
c.txt

C/C++ structure

Look for process and suspend before start and find process looking file
if looking file equal Some File List then kill process and do feedBack

thanks for help

What I have tried:

I didnt get any solituon for this problem

解决方案

Don't post this under Quick Answers - if you got the code from an article, then there is a "Add a Comment or Question" button at the bottom of that article, which causes an email to be sent to the author. They are then alerted that you wish to speak to them.
Posting this here relies on them "dropping by" and realising it is for them.

First, this is the second time you're asking this. Just keep the conversation going in the original thread.

Second, that article isn't even close to what you're trying to do. That app lists open file handles per process. What you're doing is checking for conditions before the file handle is even created.

What you're looking for is API Hooking, specifically the CreateFile function. This is not a trivial task.

Also, just killing processes is a bad idea. This can easily lead to system instability.

这篇关于获取进程文件之前是如何打开的？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！