程序代码
MsgBox(64,"进程信息","进程路径是:"&Processpath(1760))
Func Processpath($iPID)
;通过API获取指定PID的进程路径
;官方牛人制作
Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID)
If $aProc[0] = 0 Then Return SetError(1, 0, '')
Local $vStruct = DllStructCreate('int[1024]')
DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0)
Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048)
If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '')
Return $aReturn[3]
EndFunc
MsgBox(64,"进程信息","进程路径是:"&Procespath(1760))
Func Procespath($pid)
;通过WMI获取指定PID的进程路径
;叁恨居士制作
$strComputer = "."
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("Select * FROM Win32_Process Where ProcessId = "&$pid)
For $objItem In $colItems
$cmdpath = $objItem.CommandLine
$exepath = $objItem.ExecutablePath
$path=StringSplit($cmdpath,"\")
if $path[0]<=2 Then
Return $exepath
Else
Return $cmdpath
EndIf
Next
EndFunc
MsgBox(64,"进程信息","进程路径是:"&Processpath(1760))
Func Processpath($iPID)
;通过API获取指定PID的进程路径
;官方牛人制作
Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID)
If $aProc[0] = 0 Then Return SetError(1, 0, '')
Local $vStruct = DllStructCreate('int[1024]')
DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0)
Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048)
If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '')
Return $aReturn[3]
EndFunc
MsgBox(64,"进程信息","进程路径是:"&Procespath(1760))
Func Procespath($pid)
;通过WMI获取指定PID的进程路径
;叁恨居士制作
$strComputer = "."
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("Select * FROM Win32_Process Where ProcessId = "&$pid)
For $objItem In $colItems
$cmdpath = $objItem.CommandLine
$exepath = $objItem.ExecutablePath
$path=StringSplit($cmdpath,"\")
if $path[0]<=2 Then
Return $exepath
Else
Return $cmdpath
EndIf
Next
EndFunc
转载于:https://blog.51cto.com/shenyaoyuan/202145