[ApxaHGe1]

Решение найдено в интернете ) мало ли кому пригодится

Код:

{$APPTYPE CONSOLE}
program getcommline; uses windows;

// ported C program to Delphi.  Returns exact command-line used in calling program, including command-line parms.
  type
    TUnicodeString = record
      Length: ShortInt;
      MaxLength: ShortInt;
      Buffer: PWideChar;
    end;
    TProcessBasicInformation = record
      ExitStatus: DWord;
      PEBBaseAddress: Pointer;
      AffinityMask: DWord;
      BasePriority: DWord;
      UniqueProcessID: Word;
      ParentProcessID: DWord;
    end;

  function GetPEBAddress(inhandle: THandle): pointer;
    type
      NTQIP = procedure(ProcessHandle: THandle;
                        ProcessInformationClass: DWord;
                        ProcessInformation: Pointer;
                        ProcessInformationLength: DWord;
                        ReturnLength: Pointer); stdcall;
    var
      pbi: TProcessBasicInformation;
      MyHandle: THandle;
      myFunc: NTQIP;
    begin
      MyHandle := LoadLibrary('NTDLL.DLL');
      if MyHandle <> 0 then
        begin
          myfunc := GetProcAddress(myHandle, 'NtQueryInformationProcess');
          if @myfunc <> nil then
            MyFunc(inhandle, 0, @pbi, sizeof(pbi), nil);
        end;
      FreeLibrary(Myhandle);
      Result := pbi.PEBBaseAddress;
    end;

 function getcommandline(inproc: THandle): string;
    var
      myproc: THandle;
      rtlUserProcAddress: Pointer;
      PMBAddress: Pointer;
      command_line: TUnicodeString;
      command_line_contents: WideString;
      outr: DWord;
    begin
      myproc := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,
                        false, inproc);
      PMBAddress := GetPEBAddress(myproc);
      ReadProcessMemory(myproc, Pointer(Longint(PMBAddress) + $10),
            @rtlUserProcAddress, sizeof(Pointer), outr);
      ReadProcessMemory(myproc, Pointer(Longint(rtlUserProcAddress) + $40),
            @command_line, sizeof(command_line), outr);

      SetLength(Command_Line_Contents, command_line.length);
      ReadProcessMemory(myproc, command_Line.Buffer, @command_Line_contents[1],
               command_line.length, outr);
      CloseHandle(myproc);

      Result := WideCharLenToString(PWideChar(command_Line_Contents),
                           command_line.length div 2);
    end;

 begin
   writeln('This process invoked with: ');
   writeln(GetCommandLine(GetCurrentProcessID));
   readln;
 end.