Jump to content
Sign in to follow this  
Glyph

Finding processes run location?

Recommended Posts

Glyph

I'm trying to programatically locate where a process started, e.g. "c:\mydir\foo.exe".

I don't see anything under the WMI classes, and I don't see anything done in AutoIt already, has anyone done this before?


tolle indicium

Share this post


Link to post
Share on other sites
Bowmore

This is a example of how to get the path of a running process I did some time ago. Modify it to meet you requirements.

#include <WinAPI.au3>
#include <Process.au3>

; This is just an example application
$sProcess = "notepad.exe"

Run($sProcess)
WinWaitActive("Untitled - Notepad", "")

; Get the PID from the application window
$iPID = WinGetProcess("Untitled - Notepad", "")
If Not $iPID Then
    MsgBox(0, "Process Exist", "Process = " & $sProcess & "Does not exist")
Else
    $sMsg = ''
    ; Attempt to get the full path for the running process
    $sFullPath = _Process_GetPath($iPID)
    If @error <> 0 Then
        ; Check reason path was not returned
        Switch @error
            Case 1 
                $sMsg = 'Unable to get handel to process'
            Case 2
                $sMsg = 'DllCall to Psapi.dll failed'
            Case 3
                $sMsg = 'No path returned'
        EndSwitch
        ; Display error message
        MsgBox(0, "Process Full Path - Error", "Error = " & $sMsg)
    Else
        ; Display the path returned 
        MsgBox(0, "Process Full Path", "Process = " & $sProcess & @CRLF _ 
                & "Path = " & $sFullPath)
    EndIf
EndIf

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to build bigger and better idiots. So far, the universe is winning."- Rick Cook

Share this post


Link to post
Share on other sites
Glyph

Um, the function is missing, can I get your includes?

F:\Glyph\Projects\runloc.au3(17,40) : ERROR: _Process_GetPath(): undefined function.

$sFullPath = _Process_GetPath($iPID)


tolle indicium

Share this post


Link to post
Share on other sites
Bowmore

Um, the function is missing, can I get your includes?

Oop! Here is the missing function.

; #FUNCTION# ;===============================================================================
;
; Name...........: _Process_GetPath
; Description ...: Returns the fully qualified path for a process
; Syntax.........: _Process_GetPath($iPID)
; Parameters ....: $iPID_In - The PID of the process to get the path for. e.g. 1234
; Return values .: Success - The fully qualified path for the process.
;                  Failure - Returns 0 and Sets @Error:
;                  |0 - No error.
;                  |1 - Unable to get handel to process
;                  |2 - DllCall to Psapi.dll failed
;                  |3 - No path returned
; Author ........: Bowmore
; Modified.......:
; Remarks .......: May not work with certain system processes that can not be opened unless you have the debug security privilege.
; Related .......: ProcessExists
; Link ..........;
; Example .......; Yes
;
; ;==========================================================================================
Func _Process_GetPath($iPID_In)
    Local $hModule = 0
    Local $hProc = 0
    Local $stString = ''
    Local $iResult = 0
    Local $sPath = ''

    $hProc = _WinAPI_OpenProcess(BitOR(0x0400, 0x0010), False, $iPID_In)
    If Not $hProc Then Return SetError(1,0,0)
    
    $stString = DllStructCreate("char[260]")
    DllCall("Psapi.dll", "dword", "GetModuleFileNameEx", _
           "hwnd", $hProc, _ 
           "hwnd", $hModule, _ 
           "ptr", DllStructGetPtr($stString), _ 
           "dword", 260)
    If @error Then Return SetError(2,0,0)
    
    $sPath = DllStructGetData($stString, 1)
    If $sPath = '' Then 
        Return SetError(3,0,0)
    Else
        Return $sPath
    EndIf
EndFunc   ;==>_GetProcPath

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to build bigger and better idiots. So far, the universe is winning."- Rick Cook

Share this post


Link to post
Share on other sites
SoulA

This might help you. Link

Share this post


Link to post
Share on other sites
Glyph

This might help you. Link

ah, so it is possible with WMI!

@Bowmore Thank you very much for sharing your code!

I'm going to have to figure out if the DLL call is best, or the WMI.

Edited by Glyph

tolle indicium

Share this post


Link to post
Share on other sites
oMBRa

@Bowmore for somme process I get access denied, should we Set Debug Privilege?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×