|
楼主 |
发表于 2008-5-7 16:08:35
|
显示全部楼层
我先贴一张
通过PID获取进程路径
[language=autoit]
MsgBox(64,"进程信息","进程路径是:"&Processpath(616))
Func Processpath($iPID)
;通过API获取指定PID的进程路径
;官方牛人制作
Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID)
If $aProc[0] = 0 Then Return SetError(1, 0, '')
Local $vStruct = DllStructCreate('int[1024]')
DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0)
Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048)
If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '')
Return $aReturn[3]
EndFunc
MsgBox(64,"进程信息","进程路径是:"&Procespath(616))
Func Procespath($pid)
;通过WMI获取指定PID的进程路径
;叁恨居士制作
$strComputer = "."
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE ProcessId = "&$pid)
For $objItem In $colItems
$cmdpath = $objItem.CommandLine
$exepath = $objItem.ExecutablePath
$path=StringSplit($cmdpath,"\")
if $path[0]<=2 Then
Return $exepath
Else
Return $cmdpath
EndIf
Next
EndFunc
[/language] |
|