How do i get the process version path from via only knowing the processID?

[Hellouser]

Hi All

How do i get the process version path from via only knowing the processID?

[Authenticity]

If you mean to get the path/filename.exe this process was executed from initially then you can do something like this:

#include <WinAPI.au3>

$PID = Run('notepad')
$avProcs = ProcessList()
$sImageName = ""

For $i = 1 To $avProcs[0][0]
    If $avProcs[$i][1] = $PID Then
        $sImageName = $avProcs[$i][0]
        ExitLoop
    EndIf
Next

If $sImageName <> "" Then ConsoleWrite(_WinAPI_FindExecutable($sImageName) & @CRLF)

Alternatively, you can try this example converted to AutoIt which is more explicit and more wordy.

[PsaltyDS]

Hi All

How do i get the process version path from via only knowing the processID?

I don't know what "process version path" is, but _ProcessListProperties() demonstrates how to get many properties, including the executable path and full command line used to start it.

[PsaltyDS]

If you mean to get the path/filename.exe this process was executed from initially then you can do something like this:

#include <WinAPI.au3>

$PID = Run('notepad')
$avProcs = ProcessList()
$sImageName = ""

For $i = 1 To $avProcs[0][0]
    If $avProcs[$i][1] = $PID Then
        $sImageName = $avProcs[$i][0]
        ExitLoop
    EndIf
Next

If $sImageName <> "" Then ConsoleWrite(_WinAPI_FindExecutable($sImageName) & @CRLF)

I didn't think that was the intended use of _WinAPI_FindExecutable() and tried it this way:

#include <WinAPI.au3>

$avProcs = ProcessList()
$sImageName = ""

For $i = 1 To $avProcs[0][0]
    $sImageName = $avProcs[$i][0]
    If $sImageName <> "" Then ConsoleWrite($sImageName & " = " & _WinAPI_FindExecutable($sImageName) & @CRLF)
Next

Although it works for Notepad, it doesn't return the executable path for many things (like firefox.exe).

[Authenticity]

Yes, this is the problem with FindExecutable and QueryAssocString() functions. They're inconsistent, I guess.

expandcollapse popup

#include <NomadMemory.au3>
SetPrivilege("SeDebugPrivilege", 1)


Local $avProcs = ProcessList()

For $i = 1 To $avProcs[0][0]
    $hSnapShot = _CreateToolhelp32Snapshot(8, $avProcs[$i][1])
    If $hSnapShot Then
        $tME32 = _Module32First($hSnapShot)
        If Not @error Then
            $sExePath = DllStructGetData($tME32, 10)
            ConsoleWrite(FileGetLongName($sExePath) & @CRLF)
        EndIf
        _CloseHandle($hSnapShot)
    EndIf
Next
    

Func _CreateToolhelp32Snapshot($iFlags, $iTh32ProcessID)
    Local $aResult = DllCall("kernel32.dll", "hwnd", "CreateToolhelp32Snapshot", "uint", $iFlags, "uint", $iTh32ProcessID)

    If @error Then Return SetError(@error, @extended, 0)
    Return $aResult[0]
EndFunc

Func _Module32First($hSnapShot)
    Local $tMODULEENTRY32 = DllStructCreate("uint;uint;uint;uint;uint;ptr;uint;hwnd;wchar[256];wchar[260]")
    Local $pMODULEENTRY32 = DllStructGetPtr($tMODULEENTRY32)
    Local $iMODULEENTRY32 = DllStructGetSize($tMODULEENTRY32)
    Local $aResult
    
    DllStructSetData($tMODULEENTRY32, 1, $iMODULEENTRY32)
    $aResult = DllCall("kernel32.dll", "int", "Module32FirstW", "hwnd", $hSnapShot, "ptr", $pMODULEENTRY32)
    
    If @error Or $aResult[0] = 0 Then Return SetError(1, 0, 0)
    Return SetError(0, 0, $tMODULEENTRY32)
EndFunc

Func _CloseHandle($hHandle)
    Local $aResult = DllCall("kernel32.dll", "int", "CloseHandle", "int", $hHandle)
    
    Return $aResult[0]
EndFunc