Sign in to follow this  
Followers 0
Faustvii

find path on process

9 posts in this topic

hi i dont know if autoit is able to find a path to a running process lets say winlogon.exe then it should give you the path to the dir of the process does anybody know if autoit is able to do that? if yes can anyone give me an exsample ?

Share this post


Link to post
Share on other sites



Anyone??

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Go to the helpfile and find macros probably one of them will do what you need (I just can't find it)

Edited by Infinitex0

The below statement is False.The above statement is True.a lesson I learned from Greenmachine; give a man a code and he'll solve one problem. Teach a man to code and he'll solve all his problems.P.S please don't use autoIt as a virus creator/spyware maker(keyLogger especially)Cick this and help me[center]My Scripts:[/center][center]Port Scanner[/center]

Share this post


Link to post
Share on other sites

Here a stab at it, I only looked at larry's UDF... GetProcessName(ProcessExists(winlogon.exe))


[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Used Scriptomatic to generate most of this, see if it will work for you

Edit*

Forgot to say you need the beta

$Mypath = FindProcessPath ("WinLogOn")
MsgBox (0,"Required Path is", $MyPath)

Func FindProcessPath ($PIDName)
$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
   For $objItem In $colItems

      $path = "ExecutablePath: " & $objItem.ExecutablePath 
      $Name = "Name: " & $objItem.Name 
      $Pid =  "ProcessId: " & $objItem.ProcessId 
      if StringinStr ($Name ,$PidName,0,1) <> 0 then Return StringTrimLeft ($Path, 16)
   Next
Else
   Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Process" )
Endif
EndFunc
Edited by ChrisL

Share this post


Link to post
Share on other sites

Tyvm for the help :o

Share this post


Link to post
Share on other sites

I had posted a WMI solution for this - How to get full file name from PID, but Larry subsequently posted the link to his solution - Get Process Name From PID which uses DLLCall.

I ran a quick test, and DLLCall is more than 10 times faster than using WMI, although when looping through all processes running. DLLCall did return a few errors, but it probably just needs a little tweaking, so if you're going to be using it a lot, I'd recommend using DLLCall rather than WMI.

Guess Larry is king!

:o

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0