public static string[][] GetModulesFilenames(uint[] PIDs, string[] names, IntPtr[] handles)
{
var result = new List <string[]>();
var tmp = GetProcessModules(handles);
for (int i = 0; i < tmp.GetLength(0); i++)
{
if (tmp[i].Length == 0)
{
continue;
}
Psapi.MODULEINFO[] info = GetModuleInfo(handles[i], tmp[i]);
for (int j = tmp[i].Length - 1; j >= 0; j--)
{
var sb = new StringBuilder(255);
var size = Psapi.GetModuleFileNameEx(handles[i], new IntPtr(tmp[i][j]), sb, 255);
result.Add(new string[] { PIDs[i].ToString(),
names[i],
info[j].lpBaseOfDll.ToString(),
info[j].EntryPoint.ToString(),
info[j].SizeOfImage.ToString() + " б",
sb.ToString() });
}
}
return(result.ToArray());
}
public static string[] GetModulesInfo(IntPtr[] handles)
{
var result = new string[handles.Length];
var tmp = GetProcessModules(handles);
for (int i = 0; i < handles.Length; i++)
{
if (tmp[i].Length == 0)
{
result[i] = "";
continue;
}
Psapi.MODULEINFO info;
if (Psapi.GetModuleInformation(handles[i], new IntPtr(tmp[i][0]), out info,
(uint)Marshal.SizeOf(new Psapi.MODULEINFO())))
{
result[i] = info.SizeOfImage + " б";
while (result[i].Length < 30)
{
result[i] += " ";
}
}
}
return(result);
}
private static Psapi.MODULEINFO[] GetModuleInfo(IntPtr handle, uint[] modules)
{
var infos = new Psapi.MODULEINFO[modules.Length];
Psapi.MODULEINFO info;
for (int i = 0; i < modules.Length; i++)
{
if (Psapi.GetModuleInformation(handle,
new IntPtr(modules[i]),
out info,
(uint)Marshal.SizeOf(new Psapi.MODULEINFO())))
{
infos[i] = info;
}
else
{
infos[i] = new Psapi.MODULEINFO();
infos[i].EntryPoint = IntPtr.Zero;
infos[i].lpBaseOfDll = IntPtr.Zero;
infos[i].SizeOfImage = 0;
}
}
return(infos);
}
public static uint[] GetPIDs()
{
UInt32 size = 120,
bytes = size * sizeof(UInt32),
copy;
var PIDs = new UInt32[size];
bool success = Psapi.EnumProcesses(PIDs, bytes, out copy);
if (success && copy > 0)
{
copy >>= 2;
var result = new UInt32[copy];
for (int i = 0; i < copy; i++)
{
result[i] = PIDs[i];
}
return(result);
}
else
{
return(new UInt32[0]);
}
}
public static string[] GetProcessNames(IntPtr[] handles)
{
var result = new string[handles.Length];
var tmp = GetProcessModules(handles);
for (int i = 0; i < handles.Length; i++)
{
if (tmp[i].Length == 0)
{
result[i] = "";
continue;
}
var sb = new StringBuilder(255);
uint size = Psapi.GetModuleBaseName(handles[i], new IntPtr(tmp[i][0]), sb, 255);
result[i] = sb.ToString().Substring(0, (int)size);
}
return(result);
}
public static List <string[]> GetDriversInfo()
{
var result = new List <string[]>();
uint size, bytes, needed;
uint[] addresses;
bool success = Psapi.EnumDeviceDrivers(null, 0, out needed);
if (!success || needed == 0)
{
return(null);
}
size = needed >> 2;
bytes = needed;
addresses = new uint[size];
success = Psapi.EnumDeviceDrivers(addresses, bytes, out needed);
if (!success)
{
return(null);
}
for (int i = 0; i < size; i++)
{
var sb = new StringBuilder(1000);
int res = Psapi.GetDeviceDriverBaseName(addresses[i], sb, sb.Capacity);
result.Add(new string[] { addresses[i].ToString(), sb.ToString() });
}
return(result);
}
public static uint[][] GetProcessModules(IntPtr[] handles)
{
uint size = 1000,
bytes = size * sizeof(uint),
copy;
var result = new uint[size];
var full = new uint[handles.Length][];
for (int i = 0; i < handles.Length; i++)
{
Psapi.EnumProcessModules(handles[i], result, bytes, out copy);
copy >>= 2;
var tmp = new uint[copy];
for (int j = 0; j < copy; j++)
{
tmp[j] = result[j];
}
full[i] = tmp;
}
return(full);
}
