| 16 |
[DllImport("kernel32.dll")] |
[DllImport("kernel32.dll")] |
| 17 |
static extern int ResumeThread(IntPtr hThread); |
static extern int ResumeThread(IntPtr hThread); |
| 18 |
|
|
| 19 |
|
[DllImport("kernel32.dll")] |
| 20 |
|
public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, bool bInheritHandle, uint dwProcessId); |
| 21 |
[DllImport("advapi32.dll", SetLastError = true)] |
[DllImport("advapi32.dll", SetLastError = true)] |
| 22 |
public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle); |
public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle); |
| 23 |
[DllImport("kernel32.dll", SetLastError = true)] |
[DllImport("kernel32.dll", SetLastError = true)] |
| 24 |
[return: MarshalAs(UnmanagedType.Bool)] |
[return: MarshalAs(UnmanagedType.Bool)] |
| 25 |
public static extern bool CloseHandle(IntPtr hObject); |
public static extern bool CloseHandle(IntPtr hObject); |
|
[DllImport("psapi.dll", CallingConvention = CallingConvention.StdCall, CharSet = CharSet.Unicode)] |
|
|
static extern uint GetModuleFileNameEx(IntPtr hProcess, IntPtr hModule, [Out] StringBuilder lpBaseName, uint nSize); |
|
| 26 |
|
|
|
[DllImport("psapi.dll", CallingConvention = CallingConvention.StdCall, SetLastError = true)] |
|
|
public static extern int EnumProcessModules(IntPtr hProcess, [Out] IntPtr lphModule, uint cb, out uint lpcbNeeded); |
|
| 27 |
|
|
| 28 |
public static void SuspendProcess(int PID) |
public static void SuspendProcess(int PID) |
| 29 |
{ |
{ |
| 64 |
IsSystem = false; |
IsSystem = false; |
| 65 |
try |
try |
| 66 |
{ |
{ |
| 67 |
ThreadControl.OpenProcessToken(handle, (uint)ThreadAccess.PROCESS_TOKEN_QUERY, out ph); |
ThreadControl.OpenProcessToken(handle, (uint)ProcessTokenFlags.TOKEN_QUERY, out ph); |
| 68 |
WindowsIdentity wi = new WindowsIdentity(ph); |
WindowsIdentity wi = new WindowsIdentity(ph); |
| 69 |
IsSystem = wi.IsSystem; |
IsSystem = wi.IsSystem; |
| 70 |
string name = wi.Name; |
string name = wi.Name; |
| 82 |
} |
} |
| 83 |
return ""; |
return ""; |
| 84 |
} |
} |
|
|
|
|
public static string GetProcessFilename(Process proc) |
|
|
{ |
|
|
string filename = ""; |
|
|
Process[] procs = new Process[] { proc }; |
|
|
int mainModuleIndex = 0; |
|
|
foreach (Process p in procs) |
|
|
{ |
|
|
// Setting up the variable for the second argument for EnumProcessModules |
|
|
IntPtr[] hMods = new IntPtr[1024]; |
|
|
|
|
|
GCHandle gch = GCHandle.Alloc(hMods, GCHandleType.Pinned); // Don't forget to free this later |
|
|
IntPtr pModules = gch.AddrOfPinnedObject(); |
|
|
|
|
|
// Setting up the rest of the parameters for EnumProcessModules |
|
|
uint uiSize = (uint)(Marshal.SizeOf(typeof(IntPtr)) * (hMods.Length)); |
|
|
uint cbNeeded = 0; |
|
|
|
|
|
if (EnumProcessModules(p.Handle, pModules, uiSize, out cbNeeded) == 1) |
|
|
{ |
|
|
Int32 uiTotalNumberofModules = (Int32)(cbNeeded / (Marshal.SizeOf(typeof(IntPtr)))); |
|
|
|
|
|
for (int i = 0; i < (int)uiTotalNumberofModules; i++) |
|
|
{ |
|
|
StringBuilder strbld = new StringBuilder(1024); |
|
|
|
|
|
GetModuleFileNameEx(p.Handle, hMods[i], strbld, (uint)(strbld.Capacity)); |
|
|
filename = strbld.ToString(); |
|
|
if (i == mainModuleIndex) |
|
|
break; |
|
|
} |
|
|
//Console.WriteLine("Number of Modules: " + uiTotalNumberofModules); |
|
|
//Console.WriteLine(); |
|
|
} |
|
|
|
|
|
// Must free the GCHandle object |
|
|
gch.Free(); |
|
|
} |
|
|
return filename; |
|
|
} |
|
| 85 |
} |
} |
| 86 |
} |
} |
Parent Directory
| 
Revision Log
| 
Patch