static bool collectModules(HashSet <string> s, IntPtr hProcess)
{
IntPtr[] mods = PsAPI.EnumProcessModulesWrapper(hProcess);
if (mods == null)
{
Console.WriteLine("Enum modules error: 0x{0:X}", Kernel32.GetLastError());
return(false);
}
foreach (IntPtr ptr in mods)
{
if (ptr == IntPtr.Zero)
{
continue;
}
string fname = PsAPI.GetModuleFileNameWrapper(hProcess, ptr).ToLower();
if (fname.EndsWith(".exe"))
{
continue;
}
string[] tmp = fname.Split("\\");
s.Add(tmp[tmp.Length - 1]);
}
return(true);
}
public string GetModuleFileName(IntPtr Module)
{
StringBuilder FileName = new StringBuilder(2048);
PsAPI.GetModuleFileNameEx(Proc, Module, FileName, FileName.MaxCapacity);
return(FileName.ToString());
}
// The bulk of the clean-up code is implemented in Dispose(bool)
/// <summary>
/// This Dispose is called from the Dispose and the Destructor.
/// When disposing==true all non-managed resources should be freed too!
/// </summary>
/// <param name="disposing"></param>
protected virtual void Dispose(bool disposing)
{
if (disposing)
{
// Cleanup
}
// Unfortunately we can't dispose the capture, this might still be used somewhere else.
_windows = null;
_selectedCaptureWindow = null;
_capture = null;
// Empty working set after capturing
if (CoreConfig.MinimizeWorkingSetSize)
{
PsAPI.EmptyWorkingSet();
}
}
