如何检测从64位Windows 7驱动程序层开始的进程. [英] How to detect a process starting in 64-bit windows 7 driver's layer.

问题描述

我想检测一个从64位Windows 7驱动程序层开始的进程.我可以在32位Windows 7操作系统中通过Hook技术检测到它.但是，现在64位Windows 7中不支持Hook技术.有什么建议吗?

I want to detect a process starting in 64-bit windows 7 driver''s layer. I can detect it by Hook technology in 32-bit windows 7 os. But now Hook technology isn''t supported in 64-bit windows 7. Any suggestions please?

推荐答案

您可以使用IsWow64Process函数进行检查.请查看此链接以获取更多信息:
http://msdn.microsoft.com/en-us/library/ms684139.aspx [ ^ ]

祝你好运！

You can just check it using the IsWow64Process function. Check out this link for more info:
http://msdn.microsoft.com/en-us/library/ms684139.aspx[^]

Good luck!

这篇关于如何检测从64位Windows 7驱动程序层开始的进程.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！