procedure NewProcess(ProcessID: DWORD);
var
I: Integer;
Count: DWORD;
ProcHand: THandle;
ModHandles: array[0..$3FFF - 1] of DWORD;
ModInfo: TModuleInfo;
ModName: array[0..MAX_PATH] of char;
Item: TListItem;
begin
FProcessID:=ProcessID;
ProcHand := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False,
ProcessID);
if ProcHand = 0 then
raise Exception.Create('No information available for this process/driver');
try
EnumProcessModules(ProcHand, @ModHandles, SizeOf(ModHandles), Count);
for I := 0 to (Count div SizeOf(DWORD)) - 1 do
if (GetModuleFileNameEx(ProcHand, ModHandles[I], ModName,
SizeOf(ModName)) > 0) and GetModuleInformation(ProcHand,
ModHandles[I], @ModInfo, SizeOf(ModInfo)) then
with ModInfo do
begin
Item:=lvMoudle.Items.Add;
Item.Caption:=ModName;
Item.SubItems.Add(IntToHex(DWord(lpBaseOfDll),8));
Item.SubItems.Add(IntToHex(DWord(SizeOfImage),8));
Item.SubItems.Add(IntToHex(DWord(EntryPoint),8));
end;
end;
finally
CloseHandle(ProcHand);
end;
end;
var
I: Integer;
Count: DWORD;
ProcHand: THandle;
ModHandles: array[0..$3FFF - 1] of DWORD;
ModInfo: TModuleInfo;
ModName: array[0..MAX_PATH] of char;
Item: TListItem;
begin
FProcessID:=ProcessID;
ProcHand := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False,
ProcessID);
if ProcHand = 0 then
raise Exception.Create('No information available for this process/driver');
try
EnumProcessModules(ProcHand, @ModHandles, SizeOf(ModHandles), Count);
for I := 0 to (Count div SizeOf(DWORD)) - 1 do
if (GetModuleFileNameEx(ProcHand, ModHandles[I], ModName,
SizeOf(ModName)) > 0) and GetModuleInformation(ProcHand,
ModHandles[I], @ModInfo, SizeOf(ModInfo)) then
with ModInfo do
begin
Item:=lvMoudle.Items.Add;
Item.Caption:=ModName;
Item.SubItems.Add(IntToHex(DWord(lpBaseOfDll),8));
Item.SubItems.Add(IntToHex(DWord(SizeOfImage),8));
Item.SubItems.Add(IntToHex(DWord(EntryPoint),8));
end;
end;
finally
CloseHandle(ProcHand);
end;
end;
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货