怎样判断一个进程是系统进程还是用户进程 怎样判断一个进程是系统进程还是用户进程,其实可行的方法,网上查看了几种都不怎么行。 即 我想获取指定进程中的用户信息。看到一个源代码如下:unit Unit1;interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs,TLHelp32,Psapi, StdCtrls;type TForm1 = class(TForm) ListBox1: TListBox;procedure FormCreate(Sender: TObject); private { Private declarations } public { Public declarations } end;var Form1: TForm1; implementation Type _TOKEN_USER = Recorduser:SID_AND_ATTRIBUTES;end; TTokenUser = ^_TOKEN_USER; {$R *.dfm} procedure TForm1.FormCreate(Sender: TObject); var TokenHandle : Thandle; Tkp : TTokenPrivileges; Zero : DWORD; SnapShotHandle : Thandle; Ft : Bool; PEntry : TProcessEntry32; ProHandle : Thandle ; TokenInfo : TTokenUser; CbTokenInfo : DWORD; UserName ,DName: String; CbUserName,CbDName: DWORD; St : SID_NAME_USE;begin OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,TokenHandle);//提升权限 LookUpPrivilegeValue(nil, 'SeDebugPrivilege ',Tkp.privileges[0].Luid); Tkp.PrivilegeCount := 1 ; Tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED ; AdjustTokenPrivileges(TokenHandle,False,Tkp,sizeof(Tkp),nil,Zero); SnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);//枚举进程 PEntry.dwSize := Sizeof(TProcessEntry32); Ft := Process32First(SnapShotHandle,PEntry); while Ft do Begin ProHandle := OpenProcess(PROCESS_ALL_ACCESS,False,PEntry.th32ProcessID ); OpenProcessToken(ProHandle,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY or TOKEN_READ, TokenHandle);//获取进程用户名 GetTokenInformation(TokenHandle,TokenUser,@TokenInfo,Sizeof(TTokenUser),CbTokenInfo); SetLength(UserName,CbUserName); SetLength(DName,CbDName); LookupAccountSid(nil, TokenInfo.user.Sid, Pchar(UserName), CbUserName, Pchar(DName), CbDName, St); UserName := PChar(UserName); Listbox1.Items.add(UserName); Ft := Process32Next(SnapShotHandle,PEntry); end;end;end. 
执行到 LookupAccountSid(nil, TokenInfo.user.Sid, Pchar(UserName), CbUserName, Pchar(DName), CbDName, St);这句出错,不知道为什么,忘高手指正 真正的答案是:没有办法。事实上,每个人对“系统进程”都会有不同的范围观念,难道你认为微软创建的进程就是系统进程?而在我的眼里,explorer.exe 都不算是系统进程。如果你自己非要做这个区分,用个列表好了,把你认为是的通通加进去,不在其中的一概认为是用户进程。 你的程序里缺少无数的错误检查,所以才会有崩溃。改过以后的代码如下:unit Unit1;interfaceuses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, TLHelp32, Psapi, StdCtrls;type TForm1 = class(TForm) ListBox1: TListBox; procedure FormCreate(Sender: TObject); private { Private declarations } public { Public declarations } end;var Form1: TForm1;implementationType _TOKEN_USER = Record user: SID_AND_ATTRIBUTES; end; TTokenUser = ^_TOKEN_USER;{$R *.dfm}procedure TForm1.FormCreate(Sender: TObject);var TokenHandle : THandle; Tkp : TTokenPrivileges; Zero : DWORD; SnapShotHandle : THandle; Ft : Bool; PEntry : TProcessEntry32; ProHandle : THandle; TokenInfo : TTokenUser; CbTokenInfo : DWORD; UserName, DName: String; CbUserName, CbDName: DWORD; St : SID_NAME_USE;begin if not LookupPrivilegeValue(nil, 'SeDebugPrivilege', Tkp.privileges[0].Luid) then Exit; Tkp.PrivilegeCount := 1; Tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED; // 提升权限 if not OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, TokenHandle) then Exit; if not AdjustTokenPrivileges(TokenHandle, False, Tkp, sizeof(Tkp), nil, Zero) then begin CloseHandle(TokenHandle); Exit; end; CloseHandle(TokenHandle); SnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); // 枚举进程 PEntry.dwSize := Sizeof(TProcessEntry32); Ft := Process32First(SnapShotHandle, PEntry); while Ft do Begin ProHandle := OpenProcess(PROCESS_ALL_ACCESS, False, PEntry.th32ProcessID); if ProHandle <> 0 then begin // 获取进程用户名 if OpenProcessToken(ProHandle, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY or TOKEN_READ, TokenHandle) then begin if GetTokenInformation(TokenHandle, TokenUser, @TokenInfo, sizeof(TTokenUser), CbTokenInfo) then begin SetLength(UserName, CbUserName); 
SetLength(DName, CbDName); LookupAccountSid(nil, TokenInfo.user.Sid, PChar(UserName), CbUserName, PChar(DName), CbDName, St); UserName := PChar(UserName); Listbox1.Items.add(UserName); end; CloseHandle(TokenHandle); end else CbTokenInfo := GetLastError(); CloseHandle(ProHandle); end; Ft := Process32Next(SnapShotHandle, PEntry); end;end;end.
看到一个源代码如下:
// Code as posted in the question, kept unchanged apart from comments.
// On form creation it tries to enable SeDebugPrivilege, walks a Toolhelp
// process snapshot and adds the account name of each process token to
// ListBox1. None of the API results below are checked.
unit Unit1;interface uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,TLHelp32,Psapi, StdCtrls;type
TForm1 = class(TForm)
ListBox1: TListBox;
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;var
Form1: TForm1; implementation Type
// Local declaration of the record that GetTokenInformation fills for the
// TokenUser information class.
_TOKEN_USER = Record
user:SID_AND_ATTRIBUTES;
end;
// Note: TTokenUser is a POINTER to _TOKEN_USER, not the record itself.
TTokenUser = ^_TOKEN_USER;
{$R *.dfm} procedure TForm1.FormCreate(Sender: TObject);
var
TokenHandle : Thandle;
Tkp : TTokenPrivileges;
Zero : DWORD;
SnapShotHandle : Thandle;
Ft : Bool;
PEntry : TProcessEntry32;
ProHandle : Thandle ;
TokenInfo : TTokenUser;
CbTokenInfo : DWORD;
UserName ,DName: String;
CbUserName,CbDName: DWORD;
St : SID_NAME_USE;
begin
// Open this process's own token so that a privilege can be enabled on it.
OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,TokenHandle);// raise privileges
// The string literal ends with a space, so it is not the privilege name
// "SeDebugPrivilege"; because the result is ignored, a failed lookup leaves
// Tkp.Privileges[0].Luid unset and goes unnoticed.
LookUpPrivilegeValue(nil, 'SeDebugPrivilege ',Tkp.privileges[0].Luid);
Tkp.PrivilegeCount := 1 ;
Tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED ;
// Result ignored; this token handle is never closed and the variable is
// overwritten inside the loop below.
AdjustTokenPrivileges(TokenHandle,False,Tkp,sizeof(Tkp),nil,Zero);
SnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);// enumerate processes
PEntry.dwSize := Sizeof(TProcessEntry32);
Ft := Process32First(SnapShotHandle,PEntry);
while Ft do
Begin
// Requests every process access right although the handle is only passed to
// OpenProcessToken. NOTE(review): a query-only right should be sufficient
// and is less likely to be refused. The result is not checked, so a failed
// open still reaches the calls below.
ProHandle := OpenProcess(PROCESS_ALL_ACCESS,False,PEntry.th32ProcessID );
// TOKEN_ADJUST_PRIVILEGES is requested on the target's token although the
// token is only queried afterwards.
OpenProcessToken(ProHandle,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY or TOKEN_READ, TokenHandle);// get the process's user name
// TokenInfo is a TTokenUser, i.e. a pointer that is never allocated.
// @TokenInfo is the address of the pointer variable itself and
// Sizeof(TTokenUser) is the size of a pointer, so the API is handed a
// pointer-sized buffer instead of room for a _TOKEN_USER and its SID.
GetTokenInformation(TokenHandle,TokenUser,@TokenInfo,Sizeof(TTokenUser),CbTokenInfo);
// CbUserName and CbDName are never assigned before these two calls, so both
// string lengths are indeterminate.
SetLength(UserName,CbUserName);
SetLength(DName,CbDName);
// TokenInfo.user.Sid dereferences TokenInfo as a pointer; after the call
// above it holds whatever bytes were left in the variable. This is the
// likely cause of the fault reported on this line.
LookupAccountSid(nil, TokenInfo.user.Sid, Pchar(UserName), CbUserName, Pchar(DName), CbDName, St);
// Re-assigning through PChar cuts the string at the first #0.
UserName := PChar(UserName);
Listbox1.Items.add(UserName);
// ProHandle and TokenHandle are not closed before the next iteration, and
// SnapShotHandle is not closed after the loop.
Ft := Process32Next(SnapShotHandle,PEntry);
end;end;
end.
执行到 LookupAccountSid(nil, TokenInfo.user.Sid, Pchar(UserName), CbUserName, Pchar(DName), CbDName, St); 这句出错,不知道为什么,望高手指正。
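unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, TLHelp32, Psapi, StdCtrls;

type
  TForm1 = class(TForm)
    ListBox1: TListBox;
    procedure FormCreate(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

type
  // Record filled by GetTokenInformation for the TokenUser information class.
  _TOKEN_USER = record
    user: SID_AND_ATTRIBUTES;
  end;
  // Pointer type: the buffer it points to must be allocated by the caller.
  TTokenUser = ^_TOKEN_USER;

{$R *.dfm}

// Lists, in ListBox1, the account name that owns each running process.
//
// Steps: enable SeDebugPrivilege on the current process token, take a
// Toolhelp snapshot of all processes, and for every process that can be
// opened read the user SID from its token and translate it to an account
// name. Processes that cannot be opened or whose SID has no account name are
// skipped. Every handle and buffer acquired here is released before return.
procedure TForm1.FormCreate(Sender: TObject);
var
  TokenHandle: THandle;
  Tkp: TTokenPrivileges;
  Zero: DWORD;
  SnapShotHandle: THandle;
  Ft: Bool;
  PEntry: TProcessEntry32;
  ProHandle: THandle;
  TokenInfo: TTokenUser;
  CbTokenInfo: DWORD;
  UserName, DName: String;
  CbUserName, CbDName: DWORD;
  St: SID_NAME_USE;
begin
  if not LookupPrivilegeValue(nil, 'SeDebugPrivilege', Tkp.Privileges[0].Luid) then
    Exit;
  Tkp.PrivilegeCount := 1;
  Tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;

  // Enable the privilege on our own token.
  if not OpenProcessToken(GetCurrentProcess(),
    TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, TokenHandle) then
    Exit;
  try
    Zero := 0;
    // AdjustTokenPrivileges also returns True when the account does not hold
    // the privilege (GetLastError is then ERROR_NOT_ALL_ASSIGNED). In that
    // case the enumeration below still runs, but processes owned by other
    // accounts will simply fail to open.
    if not AdjustTokenPrivileges(TokenHandle, False, Tkp, SizeOf(Tkp), nil, Zero) then
      Exit;
  finally
    CloseHandle(TokenHandle);
  end;

  // Enumerate processes.
  SnapShotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  if SnapShotHandle = INVALID_HANDLE_VALUE then
    Exit;
  try
    PEntry.dwSize := SizeOf(TProcessEntry32);
    Ft := Process32First(SnapShotHandle, PEntry);
    while Ft do
    begin
      // Least privilege: only the right needed by OpenProcessToken is
      // requested. PROCESS_ALL_ACCESS is refused for more processes and
      // hands this program rights it never uses.
      ProHandle := OpenProcess(PROCESS_QUERY_INFORMATION, False, PEntry.th32ProcessID);
      if ProHandle <> 0 then
      try
        // The token is only read, so TOKEN_QUERY is enough.
        if OpenProcessToken(ProHandle, TOKEN_QUERY, TokenHandle) then
        try
          // First call: ask how large the TOKEN_USER data is. The structure
          // is followed by the SID itself, so its size is not fixed.
          CbTokenInfo := 0;
          if (not GetTokenInformation(TokenHandle, TokenUser, nil, 0, CbTokenInfo))
            and (GetLastError() = ERROR_INSUFFICIENT_BUFFER)
            and (CbTokenInfo > 0) then
          begin
            GetMem(TokenInfo, CbTokenInfo);
            try
              // Second call: TokenInfo now points at a buffer of the right
              // size, and the pointer itself (not its address) is passed.
              if GetTokenInformation(TokenHandle, TokenUser, TokenInfo,
                CbTokenInfo, CbTokenInfo) then
              begin
                // Same two-step pattern for the name buffers; the required
                // sizes include the terminating #0.
                CbUserName := 0;
                CbDName := 0;
                if (not LookupAccountSid(nil, TokenInfo^.user.Sid, nil, CbUserName,
                  nil, CbDName, St))
                  and (GetLastError() = ERROR_INSUFFICIENT_BUFFER) then
                begin
                  SetLength(UserName, CbUserName);
                  SetLength(DName, CbDName);
                  if LookupAccountSid(nil, TokenInfo^.user.Sid, PChar(UserName),
                    CbUserName, PChar(DName), CbDName, St) then
                  begin
                    // Cut the string at the first #0.
                    UserName := PChar(UserName);
                    ListBox1.Items.Add(UserName);
                  end;
                end;
              end;
            finally
              FreeMem(TokenInfo);
            end;
          end;
        finally
          CloseHandle(TokenHandle);
        end;
      finally
        CloseHandle(ProHandle);
      end;
      Ft := Process32Next(SnapShotHandle, PEntry);
    end;
  finally
    CloseHandle(SnapShotHandle);
  end;
end;

end.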