关于读取进程的内存数据问题 ( 积分: 50 )

我想读出某个进程内存数据,用如下代码读取,可是数据太多了.
感觉读出的好象是不单单是该进程的数据,代码如下:
请问要用什么条件才能确定那些块是某个进程的?

datalen:=0;
hProcess:=0;
DDZProcessID := 0;
lpNumberOfBytesRead:=0;
pMem:=0;
DDZProcessID := GetProcessID('nnsj.exe');
if DDZProcessID = 0 then exit ;
GetSystemInfo(SysInfo);
pMem :=SysInfo.lpMinimumApplicationAddress;
MinMem:=dword(pmem);
MaxMem := DWORD(SysInfo.lpMaximumApplicationAddress);
id:=0;
hProcess := OpenProcess(PROCESS_VM_OPERATION or PROCESS_VM_READ or PROCESS_QUERY_INFORMATION, False, DDZProcessID);
while true do
begin
ret:=VirtualQueryEx(hProcess,pMem,mbi,sizeof(mbi));
if (mbi.Type_9=MEM_PRIVATE)and(mbi.State = MEM_COMMIT )and(mbi.AllocationProtect= PAGE_READWRITE) then
begin
datalen:= mbi.RegionSize;
setlength(lbuf1, datalen);
setlength(lbuf2, datalen);
bReadSucceed := ReadProcessMemory(hProcess, pMem, pchar(lbuf1), datalen,lpNumberOfBytesRead );
if not bReadSucceed then
begin
inc(id);
MinMem:=MinMem+mbi.RegionSize;
pMem:=ptr(MinMem);
if(minMem>maxmem) then break;
application.ProcessMessages;
continue;
end;
mymem[id].pmem:=id;
mymem[id].pbuf:=lbuf1;
dispdata(minmem,lbuf1);
inc(id);

end;
MinMem:=MinMem+mbi.RegionSize;

pMem:=ptr(MinMem);
if(minMem>maxmem) then break;
end;