程序代码

MsgBox(64,"进程信息","进程路径是:"&Processpath(1760))


Func Processpath($iPID)
;通过API获取指定PID的进程路径
;官方牛人制作

     Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID)
     If $aProc[0] = 0 Then Return SetError(1, 0, '')
     Local $vStruct = DllStructCreate('int[1024]')
     DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0)
     Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048)
     If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '')
     Return $aReturn[3]
EndFunc


MsgBox(64,"进程信息","进程路径是:"&Procespath(1760))

Func Procespath($pid)
         ;通过WMI获取指定PID的进程路径
         ;叁恨居士制作
$strComputer = "."
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("Select * FROM Win32_Process Where ProcessId = "&$pid)

            For $objItem In $colItems
                  
$cmdpath   =   $objItem.CommandLine
$exepath   =   $objItem.ExecutablePath
$path=StringSplit($cmdpath,"\")

if $path[0]<=2 Then
           Return   $exepath
    Else
       Return   $cmdpath
EndIf

           Next
EndFunc