Getting pagefile.sys' handle | ansaurus

tags:

c
winapi

views:

31

answers:

1

Q:

Getting pagefile.sys' handle

How to use createfile api open pagefile.sys and get it's handle ? How does pagedfrg.exe tool open pagefile.sys and get it's file cluster info?

I want to using FSCTL_QUERY_RETRIEVAL_POINTERS to get this file's cluster info. The intent is to send strictly this FSCTL to analyze the used clusters for statistical purposes.

A:

AFAIK, all defragment tools which try to defrag pagefile.sys work in offline mode (outside Windows). I think they write a kernel driver for that purpose, and use ZwCreateFile() to get the handle of pagefile.sys file. They are likely also utilyzing ZwDeviceIoControlFile() to access files in sector based.

Vantomex 2010-10-12 15:04:00

related questions

any good tool for makefile generation?

How do you pass a function as a parameter in C?

Where should a veteran C programmer start in order to master Java ?

Any good book on best practice and guidelines in developing a SDK in C?

How do you determine the size of a file in C?

Decoding printf statements in C (Printf Primer)

Shift operator in C

How to avoid redefining VERSION, PACKAGE, etc.

Alpha blending sprites in Nintendo DS Homebrew

When should I use type abstraction in embedded systems

How to implement continuations?

What are the barriers to understanding pointers and what can be done to overcome them?

Anyone have experience creating a shared library in MATLAB?

String.indexOf function in C

Passing multidimensional arrays as function arguments in C

C/C++ library for reading MIDI signals from a USB MIDI device

Choosing a static code analysis tool

How do you printf an unsigned long long int?

Good STL-like library for C.

Rockbox audio format

Why am I getting a malloc: double free error with realloc()?

Should I learn C?

GTK implementation of MessageBox

Is gettimeofday() guaranteed to be of microsecond resolution?

How to use the C socket API in C++ on z/OS