我想找到系统进程的可执行路径,我正在遵循WMI方法,我使用Process.EnterDebugMode()为我的进程获取访问OS进程属性的权限,但仍然在我调用ManagementObject.GetPropertyValue(“ExecutablePath”时“)返回null,我正在尝试使用smss.exe进程。
以下是代码:
static void Main(string[] args)
{
int processID = 536; // Just trying with the PID of smss.exe running in my system
System.Diagnostics.Process.EnterDebugMode();
ConnectionOptions options = new ConnectionOptions();
options.EnablePrivileges = true;
options.Impersonation = ImpersonationLevel.Impersonate;
ManagementScope scope = new ManagementScope(@"\\.\root\cimv2", options);
string NameProperty = "Name";
string PidProperty = "ProcessId";
string FullPathProperty = "ExecutablePath";
string query;
query = string.Format("select {0}, {1}, {2} from Win32_Process where {1} = {3}", NameProperty, PidProperty, FullPathProperty, processID);
ObjectQuery objectQuery = new ObjectQuery(query);
ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, objectQuery);
foreach (ManagementObject processEntry in searcher.Get())
{
if (processEntry.GetPropertyValue(PidProperty) != null)
{
int value = Convert.ToInt32(processEntry.GetPropertyValue(PidProperty));
if (value == processID)
{
if (processEntry.GetPropertyValue(FullPathProperty) != null)
{
System.Windows.Forms.MessageBox.Show(processEntry[FullPathProperty].ToString());
}
}
}
}
}
答案 0 :(得分:0)
您无法使用smss.exe获取wmi流程的此信息:
wmic process where "Caption='smss.exe'" get /value
以上命令以及任务管理器显示为空CommandLine和ExecutablePath:
==> wmic process where "Caption='smss.exe'" get Caption, CommandLine, ExecutablePath, ProcessID
Caption CommandLine ExecutablePath ProcessId
smss.exe 248
但是,您可以使用where command获取smss.exe(无用)的可执行路径:
==> where smss.exe
C:\Windows\System32\smss.exe
Critical System Services MSDN文章中的详细信息。
关键系统服务无法停止并重新启动 重启管理器,无需重启系统。更新任何文件或 其中一个服务使用的资源需要重新启动系统。