我需要的目前（或过去在X秒）过程收集的列表（在C＃）必须有网络活动，该进程的名称，和发送的数据的数量（pretty的多EXACTLY什么是显示在网络选项卡下的新的Windows 7资源监视器）。

I am needing to collect a list (In C#) of processes which currently (Or within the past x secs) have have network activity, the names of the processes, and the qty of data sent (Pretty much EXACTLY what is shown on the new Windows 7 Resource Monitor under the network tab).

我知道我可以利用Winpcap编写完整的嗅探我自己，但我想preFER不要有开销，我想如果我能做到这一点的WIN7 resmon.exe不会用同样的方式，我会是领先的游戏 - 任何人有如何做，在管理code，而不WinPcap的任何信息？即使它不是管理code，我会很乐意把它包起来。

I know I could use WinPCap to write a complete sniffer myself, But I would prefer not to have the overhead, and I figured if I could do it the same way that win7 resmon.exe does it, I would be ahead of the game - Anyone have any info on how to do that in managed code without WinPCap? Even if its not managed code, I would be happy to wrap it.

推荐答案

我问在MSDN论坛上同样的问题并得到答案。坦率地讲已经尝试过了。即尝试，但不是很难））建议使用ETW。我不知道如何消费ETW事件正常。 http://social.msdn.microsoft.com/Forums/en-US/perfmon/thread/b82da95a-1c18-49ce-9bfa-e3d79ec40907

I asked the same question on MSDN forum and get answer. Frankly speaking have tried it. I.e. tried but not so hard)) It was suggested to use ETW. I did not realize how to consume ETW events properly. http://social.msdn.microsoft.com/Forums/en-US/perfmon/thread/b82da95a-1c18-49ce-9bfa-e3d79ec40907