Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <Windows.h>
- #include <stdio.h>
- // Project Build Configuration:
- // - Linker / Manifest File / UAC Execution Level : requireAdministrator
- //------------------------------------------------------------------------ NTDLL
- typedef enum _SYSTEM_INFORMATION_CLASS
- {
- SystemFileCacheInformation = 21,
- SystemMemoryListInformation = 80
- };
- typedef struct _SYSTEM_FILECACHE_INFORMATION
- {
- SIZE_T CurrentSize;
- SIZE_T PeakSize;
- ULONG PageFaultCount;
- SIZE_T MinimumWorkingSet;
- SIZE_T MaximumWorkingSet;
- SIZE_T CurrentSizeIncludingTransitionInPages;
- SIZE_T PeakSizeIncludingTransitionInPages;
- ULONG TransitionRePurposeCount;
- ULONG Flags;
- } SYSTEM_FILECACHE_INFORMATION, *PSYSTEM_FILECACHE_INFORMATION;
- typedef enum _SYSTEM_MEMORY_LIST_COMMAND
- {
- MemoryCaptureAccessedBits,
- MemoryCaptureAndResetAccessedBits,
- MemoryEmptyWorkingSets,
- MemoryFlushModifiedList,
- MemoryPurgeStandbyList,
- MemoryPurgeLowPriorityStandbyList,
- MemoryCommandMax
- } SYSTEM_MEMORY_LIST_COMMAND;
- NTSTATUS (NTAPI *NtSetSystemInformation)(
- __in _SYSTEM_INFORMATION_CLASS SystemInformationClass,
- __in_bcount_opt(SystemInformationLength) PVOID SystemInformation,
- __in ULONG SystemInformationLength);
- //-------------------------------------------------------------------- Privilege
- BOOL SetPrivilege(HANDLE hToken, LPCTSTR lpszPrivilege, BOOL bEnablePrivilege)
- {
- TOKEN_PRIVILEGES tp;
- LUID luid;
- if (!LookupPrivilegeValue(NULL, lpszPrivilege, &luid))
- return FALSE;
- tp.PrivilegeCount = 1;
- tp.Privileges[0].Luid = luid;
- tp.Privileges[0].Attributes = bEnablePrivilege ? SE_PRIVILEGE_ENABLED : 0;
- if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL))
- return FALSE;
- if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
- return FALSE;
- return TRUE;
- }
- //------------------------------------------------------------------------- Main
- int wmain(int argc, const wchar_t* argv[])
- {
- // Get NtSetSystemInformation
- HMODULE ntdll = LoadLibrary(L"NTDLL.DLL");
- if (ntdll == NULL)
- return 1;
- *(void**)(&NtSetSystemInformation) = GetProcAddress(ntdll, "NtSetSystemInformation");
- if (NtSetSystemInformation == NULL)
- return 2;
- // Get Process Token
- HANDLE processToken;
- if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &processToken) == FALSE)
- return 3;
- // Clear FileCache WorkingSet
- if (SetPrivilege(processToken, L"SeIncreaseQuotaPrivilege", TRUE))
- {
- SYSTEM_FILECACHE_INFORMATION info;
- ZeroMemory(&info, sizeof(info));
- info.MinimumWorkingSet = -1;
- info.MaximumWorkingSet = -1;
- NTSTATUS ret = NtSetSystemInformation(SystemFileCacheInformation, &info, sizeof(info));
- if (ret >= 0)
- printf("Flush FileCache WorkingSet : ok\n");
- }
- // Purge Memory Standby
- if (SetPrivilege(processToken, L"SeProfileSingleProcessPrivilege", TRUE))
- {
- SYSTEM_MEMORY_LIST_COMMAND command = MemoryPurgeStandbyList;
- NTSTATUS ret = NtSetSystemInformation(SystemMemoryListInformation, &command, sizeof(command));
- if (ret >= 0)
- printf("Purge Memory Standby : ok\n");
- }
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
