I want to get executable path of csrss process. I enabled privileges, but GetLastError() function returns error 5 in OpenProcess. I'm running Visual Studio as administrator and compiling program in 64bit mode, also I'm using Windows 8. Thanks to all.
HANDLE hcurrentProcess=GetCurrentProcess();
HANDLE hToken;
size_t error;
if (!OpenProcessToken(hcurrentProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
return nullptr;
if (CheckTokenPrivilege(hcurrentProcess, SE_DEBUG_NAME)) {
LUID luid;
if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
return nullptr;
TOKEN_PRIVILEGES newState,prvsState;
DWORD length;
newState.PrivilegeCount = 1;
newState.Privileges[0].Luid = luid;
newState.Privileges[0].Attributes = 2;
AdjustTokenPrivileges(hToken, FALSE, &newState, 28, &prvsState, &length);
error = GetLastError(); //error = 0
if (error == ERROR_NOT_ALL_ASSIGNED)
return nullptr;
//OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, 876); also error 5
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, 876);
error = GetLastError(); } // error 5 Access is denied
Systemin order to OpenProcess on csrss.exe – josh poleyPROCESS_ALL_ACCESSjust to query process statistics. This is like asking for power of attorney so you can see what books they have overdue from the library. – Raymond Chen