The CBProcess class enables applications to intercept process manager requests.
The CBProcess class gives applications the ability to monitor and (for some cases) control process- and thread-related requests. The CBProcess API is far less complex than the other classs', so it uses very simple filter rules; please refer to the Filter Rules topic for more information.
To learn more about the class's capabilities, please refer to the product's General Information topics.
- If the class's system driver hasn't been installed yet, call the Install method to do so. This only needs to be done once.
- In production, the driver can be installed (or updated) ahead-of-time by the application's installation script using the Installer DLL. Please refer to the Driver Installation topic for more information.
- Call the Initialize method to initialize the CBProcess class. This must be done each time the application starts.
- Add one or more filter rules using methods like AddFilteredProcessById, AddFilteredProcessByName, etc. (Rules can also be added/removed after the filter is started.)
- Call the StartFilter method to start filtering process manager requests.
- When finished, call the StopFilter method to stop filtering process manager requests.
- To uninstall the class's system driver, call the Uninstall method. This should not be done as part of the driver upgrade process.
- In production, the driver can be uninstalled by the application's uninstallation script using the Installer DLL. Please refer to the Driver Installation topic for more information.
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
|Active||Whether the class is active and processing requests.|
|Altitude||The altitude the class's system driver should use.|
|SerializeEvents||Whether events should be fired on a single worker thread, or many.|
|StrictAltitude||How to behave if the specified altitude is already in use.|
|Tag||Stores application-defined data specific to this instance of the class.|
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
|AddFilteredProcessById||Adds a process, by PID, to the list of filtered processes.|
|AddFilteredProcessByName||Adds a process, by name, to the list of filtered processes.|
|AddIgnoredProcessById||Adds a process, by PID, to the list of ignored processes.|
|AddIgnoredProcessByName||Adds a process, by name, to the list of ignored processes.|
|Config||Sets or retrieves a configuration setting.|
|GetDriverStatus||Retrieves the status of the class's system driver.|
|GetDriverVersion||Retrieves the version of the class's system driver.|
|GetOriginatorToken||Retrieves the security token associated with the process that initiated the operation.|
|GetProcessName||Retrieves the name of the process associated with the specified process ID (PID).|
|Initialize||Initializes the class.|
|Install||Installs (or upgrades) the class's system driver.|
|RemoveFilteredProcessById||Removes a process, by PID, from the list of filtered processes.|
|RemoveFilteredProcessByName||Removes a process, by name, from the list of filtered processes.|
|RemoveIgnoredProcessById||Removes a process, by PID, from the list of ignored processes.|
|RemoveIgnoredProcessByName||Removes a process, by name, from the list of ignored processes.|
|ResetTimeout||Resets the timeout duration for the current event handler.|
|ShutdownSystem||Shuts down or reboots the operating system.|
|StartFilter||Start filtering process and thread operations.|
|StopFilter||Stop filtering process and thread operations.|
|Uninstall||Uninstalls the class's system driver.|
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
|Error||Fires if an unhandled error occurs during an event.|
|ProcessCreation||Fires when a process is being created.|
|ProcessHandleOperation||Fires when a process handle is being created or duplicated.|
|ProcessTermination||Fires when a process is being terminated.|
|ThreadCreation||Fires when a thread is being created.|
|ThreadHandleOperation||Fires when a thread handle is being created or duplicated.|
|ThreadTermination||Fires when a thread is being terminated.|
|WorkerThreadCreation||Fires just after a new worker thread is created.|
|WorkerThreadTermination||Fires just before a worker thread is terminated.|
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
|FilterOwnRequests||Whether the class's system driver should filter requests made by the application itself.|
|LoggingEnabled||Whether extended logging is enabled.|
|MaxWorkerThreadCount||The maximum number of worker threads to use to fire events.|
|MinWorkerThreadCount||The minimum number of worker threads to use to fire events.|
|WorkerInitialStackSize||The initial stack size to create worker threads with.|
|BuildInfo||Information about the product's build.|
|LicenseInfo||Information about the current license.|