Not getting path of various System Processes by getModuleFileNameEx
Problem description
I have created this function to get the path of various network processes, like svchost, firefox etc. Here is the code:
// Requires: uses Windows, PsAPI, SysUtils, Dialogs;
function GetProcessPath(var pId: Integer): String;
var
  Handle: THandle;
begin
  Result := '';
  try
    // Needs both query and VM-read access to the target process
    Handle := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, pID);
    if Handle <> 0 then
    begin
      try
        SetLength(Result, MAX_PATH);
        if GetModuleFileNameEx(Handle, 0, PChar(Result), MAX_PATH) > 0 then
          SetLength(Result, StrLen(PChar(Result)))  // trim to the returned length
        else
          Result := '';
      finally
        CloseHandle(Handle);
      end;
    end;
  except
    on E: Exception do
      ShowMessage(E.ClassName + ':' + E.Message);
  end;
end;
My problem is that I do not get the path of all the processes. It works fine for getting the path of firefox and other similar user-level processes. But for processes like alg, Svchost, I cannot get the path by this method. My guess is I must use some different API. Please help me in this regard.
Thanks in advance
Recommended answer
You need to set debug privileges; here is how it is done:
// Requires: uses Windows, SysUtils;
function NTSetPrivilege(sPrivilege: string; bEnabled: Boolean): Boolean;
var
  hToken: THandle;
  TokenPriv: TOKEN_PRIVILEGES;
  PrevTokenPriv: TOKEN_PRIVILEGES;
  ReturnLength: Cardinal;
begin
  Result := True;
  // Only for Windows NT/2000/XP and later.
  if not (Win32Platform = VER_PLATFORM_WIN32_NT) then Exit;
  Result := False;
  // obtain the process's token
  if OpenProcessToken(GetCurrentProcess(),
    TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
  begin
    try
      // Get the locally unique identifier (LUID).
      if LookupPrivilegeValue(nil, PChar(sPrivilege),
        TokenPriv.Privileges[0].Luid) then
      begin
        TokenPriv.PrivilegeCount := 1; // one privilege to set
        case bEnabled of
          True: TokenPriv.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
          False: TokenPriv.Privileges[0].Attributes := 0;
        end;
        ReturnLength := 0; // replaces a var parameter
        PrevTokenPriv := TokenPriv;
        // enable or disable the privilege; AdjustTokenPrivileges can return
        // True without assigning it, so the last error is checked as well
        Result := AdjustTokenPrivileges(hToken, False, TokenPriv,
          SizeOf(PrevTokenPriv), PrevTokenPriv, ReturnLength) and
          (GetLastError = ERROR_SUCCESS);
      end;
    finally
      CloseHandle(hToken);
    end;
  end;
end;

NtSetPrivilege('SeDebugPrivilege', TRUE); // call this on form create
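A least-privilege alternative for the same lookup, added here as an example and not code from the question or the answer: on Windows Vista and later, a process path can be read with only PROCESS_QUERY_LIMITED_INFORMATION via QueryFullProcessImageNameW, so no PROCESS_VM_READ is requested. The names ProcPathDemo and TryGetProcessPath are hypothetical, and whether a given process can be opened still depends on its security descriptor and the caller's token.

```delphi
program ProcPathDemo;  // hypothetical demo program name
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils;

const
  // Declared here because older Delphi RTLs do not define it (Vista and later).
  PROCESS_QUERY_LIMITED_INFORMATION = $1000;

// Vista+ export of kernel32.dll, imported explicitly for older Delphi versions.
function QueryFullProcessImageNameW(hProcess: THandle; dwFlags: DWORD;
  lpExeName: PWideChar; var lpdwSize: DWORD): BOOL; stdcall;
  external kernel32 name 'QueryFullProcessImageNameW';

// Hypothetical helper: returns True and the image path, or False and the
// Win32 error code (for example ERROR_ACCESS_DENIED) when the query fails.
function TryGetProcessPath(Pid: DWORD; out Path: string; out Err: DWORD): Boolean;
var
  hProc: THandle;
  Buf: array[0..32767] of WideChar;  // room for long paths
  Len: DWORD;
begin
  Result := False;
  Path := '';
  Err := ERROR_SUCCESS;
  // Request only the right needed to read the image name.
  hProc := OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, False, Pid);
  if hProc = 0 then
  begin
    Err := GetLastError;
    Exit;
  end;
  try
    Len := Length(Buf);  // in: buffer size in chars, out: chars written
    Result := QueryFullProcessImageNameW(hProc, 0, @Buf[0], Len);
    if Result then
      Path := WideCharLenToString(@Buf[0], Len)
    else
      Err := GetLastError;  // captured before CloseHandle can overwrite it
  finally
    CloseHandle(hProc);
  end;
end;

var
  Pid, Err: DWORD;
  Path: string;
begin
  // PID from the command line; defaults to this process so the demo runs as-is.
  Pid := DWORD(StrToIntDef(ParamStr(1), Integer(GetCurrentProcessId)));
  if TryGetProcessPath(Pid, Path, Err) then
    Writeln(Pid, ': ', Path)
  else
    Writeln(Pid, ': failed, error ', Err, ' (', SysErrorMessage(Err), ')');
end.
```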