Get Process Full path Code
DKOM 방식 char* ProcessNameByPid(IN ULONG Pid) { NTSTATUS status; ANSI_STRING ansi_filepath; PEPROCESS pCurProcess; UNICODE_STRING fullUniName; ULONG Index; char FilePath[256]; POBJECT_NAME_INFORMATION pObjNameInfo =NULL; char* Dos[12]={"C:","D:","E:","F:","G:","H:","I:","J","K","L:","M:","N:"}; status = PsLookupProcessByProcessId((HANDLE)Pid,&pCurProcess); if(!NT_SUCCESS(status)) { DbgPrint("FAIL..
2008. 10. 2.