public static MemoryFileSystem BeginDump(string fileName, MfsOpenMode mode)
{
MemoryFileSystem mfs = new MemoryFileSystem(fileName, mode);
using (MemoryObject sysinfo = mfs.RootObject.CreateChild("SystemInformation"))
{
BinaryWriter bw = new BinaryWriter(sysinfo.GetWriteStream());
bw.Write("ProcessHackerVersion", Application.ProductVersion);
bw.Write("OSVersion", Environment.OSVersion.VersionString);
bw.Write("Architecture", (int)OSVersion.Architecture);
bw.Write("UserName", Sid.CurrentUser.GetFullName(true));
bw.Write("Time", DateTime.Now);
bw.Close();
}
mfs.RootObject.CreateChild("Processes").Dispose();
mfs.RootObject.CreateChild("Services").Dispose();
mfs.RootObject.CreateChild("Network").Dispose();
return(mfs);
}