function GetPathFileofModule(ModuleName:String):String; //枚举进程文件所在路径 var hProcSnap: THandle; pProcess: THandle; pe32: TProcessEntry32; buf:array[0..MAX_PATH] of char; hMod:HMODULE; cbNeeded:DWORD; begin hProcSnap := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0); if hProcSnap = INVALID_HANDLE_VALUE then Exit; pe32.dwSize := SizeOf(ProcessEntry32); if Process32First(hProcSnap, pe32) = True then while Process32Next(hProcSnap, pe32) = True do begin if uppercase(pe32.szExeFile)=uppercase(ModuleName) then begin pProcess:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, FALSE, pe32.th32ProcessID); if pProcess<>0 then begin if EnumProcessModules( pProcess,@hMod,sizeof(hMod),cbNeeded) then begin ZeroMemory(@buf,MAX_PATH+1); GetModuleFileNameEx(pProcess, hMod,buf,MAX_PATH+1); Result:=strpas(buf); end; end; end; end; CloseHandle(hProcSnap); end;
----------------------------------------------
-
function GetProgramFileNameByProcessName(ProcessName: string; var FileName: string): Boolean; var lsFound: Boolean; AHandle: THandle; ProcessEntry32: TProcessEntry32; APath: string; begin Result := False; FileName := ''; AHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); try ProcessEntry32.dwSize := Sizeof(ProcessEntry32); lsFound := Process32First(AHandle, ProcessEntry32); while lsFound do begin GetProgramFileNameByProcessID(ProcessEntry32.th32ProcessID, APath); if (UpperCase(ExtractFileName(APath)) = UpperCase(ProcessName)) or (UpperCase(APath) = UpperCase(ProcessName)) then begin FileName := APath; Result := True; break; end; lsFound := Process32Next(AHandle, ProcessEntry32); end; finally CloseHandle(AHandle); end; end;
win7 64 没有问题 明天看看 win10 64。
function GetProgramFileNameByProcessName(ProcessName: string; var FileName: string; SessionIDToCheck: DWORD = $FFFFFFFF): Boolean; var lsFound: Boolean; AHandle: THandle; ProcessEntry32: TProcessEntry32; APath: string; begin Result := False; FileName := ''; AHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); try ProcessEntry32.dwSize := Sizeof(ProcessEntry32); lsFound := Process32First(AHandle, ProcessEntry32); while lsFound do begin GetProgramFileNameByProcessID(ProcessEntry32.th32ProcessID, APath); if (UpperCase(ExtractFileName(APath)) = UpperCase(ProcessName)) or (UpperCase(APath) = UpperCase(ProcessName)) then begin if CheckSessionID(ProcessEntry32, SessionIDToCheck) then begin FileName := APath; Result := True; break; end; end; lsFound := Process32Next(AHandle, ProcessEntry32); end; finally CloseHandle(AHandle); end; end; 这个是 多一个无意义的判断版本。
----------------------------------------------
(C)(P)Flying Wang
function NazwaProcesu(const uchwyt: Thandle): string; type TQueryFullProcessImageName = function(hProcess: Thandle; dwFlags: DWORD; lpExeName: PChar; nSize: PDWORD): BOOL; stdcall; var pid: DWORD; hProcess: Thandle; sciezka: array [0 .. MAX_PATH - 1] of Char; QueryFullProcessImageName: TQueryFullProcessImageName; nSize: cardinal; begin Result := ''; GetWindowThreadProcessId(uchwyt, pid); hProcess := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, false, pid); if hProcess <> 0 then try if GetModuleFileNameEX(hProcess, 0, sciezka, MAX_PATH) <> 0 then Result := sciezka else if Win32MajorVersion >= 6 then begin nSize := MAX_PATH; ZeroMemory(@sciezka, MAX_PATH); @QueryFullProcessImageName := GetProcAddress(GetModuleHandle('kernel32'), 'QueryFullProcessImageNameW'); if Assigned(QueryFullProcessImageName) then if QueryFullProcessImageName(hProcess, 0, sciezka, @nSize) then Result := sciezka end; finally CloseHandle(hProcess); end; end;
function GetProgramFileNameByProcessID(ProcessID: ULONG; var FileName: string; RaiseOSError: Boolean = False): Boolean; var FHandle: THandle; VBufSize: DWORD; begin Result := False; FileName := ''; FHandle := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, ProcessID); VBufSize := MAX_PATH * MAX_PATH; SetLength(FileName, VBufSize); if TOSVersion.Check(6) then begin if (not QueryFullProcessImageName(FHandle, 0, PChar(FileName), VBufSize)) and RaiseOSError then begin RaiseLastOSError; exit; end; end else begin if TOSVersion.Check(5, 1) then begin VBufSize := GetModuleFileNameEx(FHandle, 0, PChar(FileName), VBufSize); fSize); end else begin VBufSize := GetModuleFileName(FHandle, PChar(FileName), VBufSize); end; if (VBufSize = 0) and RaiseOSError then begin RaiseLastOSError; exit; end; end; SetLength(FileName, VBufSize); FileName := FileName.Trim; Result := True; end;
结合 4 楼 的第一个函数。
QueryFullProcessImageName 函数定义。
function QueryFullProcessImageNameA(hProcess: THandle; dwFlags: DWORD; lpExeName: LPSTR; var nSize: DWORD): BOOL; stdcall; external kernelbase name 'QueryFullProcessImageNameA' delayed; {$EXTERNALSYM QueryFullProcessImageNameA} function QueryFullProcessImageNameW(hProcess: THandle; dwFlags: DWORD; lpExeName: LPWSTR; var nSize: DWORD): BOOL; stdcall; external kernelbase name 'QueryFullProcessImageNameW' delayed; {$EXTERNALSYM QueryFullProcessImageNameW} function QueryFullProcessImageName(hProcess: THandle; dwFlags: DWORD; lpExeName: LPTSTR; var nSize: DWORD): BOOL; stdcall; external kernelbase name 'QueryFullProcessImageNameW' delayed; {$EXTERNALSYM QueryFullProcessImageName}
----------------------------------------------
(C)(P)Flying Wang
type 下增加: function QueryFullProcessImageNameW(Process: THandle; Flags: DWORD; Buffer: PChar; Size: PDWORD): Boolean; stdcall; external 'kernel32.dll';
uses psapi,TLhelp32;
Function GetPID(ProcessName:String):String; var h:thandle; f:boolean; lppe:tprocessentry32; begin h := CreateToolhelp32Snapshot(TH32cs_SnapProcess, 0); lppe.dwSize := sizeof(lppe); f := Process32First(h, lppe); while integer(f) <> 0 do begin if lppe.szExeFile = ProcessName then begin Result:=(inttostr(lppe.th32ProcessID)); break; end; f := Process32Next(h, lppe); end; end;
function GetProcessExeFullPath(PID: Cardinal): string; const PROCESS_QUERY_LIMITED_INFORMATION = $1000; var pHandle: THandle; buf: array[0..MAX_PATH-1] of Char; STR_SIZE : DWORD;
begin // pHandle := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, PID); // 用以上权限不能获取SYSTEM进程的路径 pHandle := OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, False, PID); STR_SIZE := Length(Buf); QueryFullProcessImageNameW(pHandle, 0, @buf, @STR_SIZE); CloseHandle(pHandle); Result := buf; end;