none
Can't get a process's full path RRS feed

  • Question

  • Hi,

     

    I'm playing with get-process and win32_process and I'm trying to get the name, path and thread count for a few services but the Path always comes back empty. Not sure if this is related to specifics of the application or what but I can't get the executable path for any of the services that are part of the application I'm supporting. 

     

    Here's what I'm doing:

     

    PS C:\WINDOWS\system32\WindowsPowerShell\v1.0> $a = get-wmiobject -query "select Name, ThreadCount, ExecutablePath from win32_process where Name='batchscheduler.exe'"

    PS C:\WINDOWS\system32\WindowsPowerShell\v1.0> $a

    __GENUS          : 2

    __CLASS          : Win32_Process

    __SUPERCLASS     :

    __DYNASTY        :

    __RELPATH        :

    __PROPERTY_COUNT : 3

    __DERIVATION     : {}

    __SERVER         :

    __NAMESPACE      :

    __PATH           :

    ExecutablePath   :

    Name             : BatchScheduler.exe

    ThreadCount      : 6

     

    PS C:\WINDOWS\system32\WindowsPowerShell\v1.0> ps -Name batchscheduler | select ProcessName, Path

     

    ProcessName                             Path

    -----------                             ----

    BatchScheduler

    BatchScheduler

    Tuesday, January 17, 2012 2:01 PM

Answers

  • ps | ? { $_.name -eq '<process_name>' } | ft name, path, threads -auto
    


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Tuesday, January 17, 2012 8:51 PM
    Moderator
  • It looks like these processes are not sharing its path information. You might need to try another approach to gather the information you are looking for....

     


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Thursday, January 19, 2012 7:32 AM
    Moderator

All replies

  • ps | ? { $_.name -eq '<process_name>' } | ft name, path, threads -auto
    


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Tuesday, January 17, 2012 8:51 PM
    Moderator
  • I've tried variations of what you are suggesting, but it is not working:

     

    PS C:\WINDOWS\system32\WindowsPowerShell\v1.0> ps | ? { $_.name -eq 'HunterIILoadDataService' } | ft name, path, threads -auto

     

    Name                    Path Threads

    ----                    ---- -------

    HunterIILoadDataService      {5600, 8124, 6080, 5604...}

    HunterIILoadDataService      {2700, 7444, 7284, 7168...}

    HunterIILoadDataService      {8092, 7580, 3712, 6160...}

     

    I've tried almost everything from this link and the path just stays empty: http://rmfdevelopment.com/WhitePapers/LookingatProcessesThreadsModules.pdf

     

    Thanks

    Wednesday, January 18, 2012 7:45 AM
  • Just run this and post the output:

    $ps =  @(ps | ? { $_.name -eq 'HunterIILoadDataService' }); $ps[0] | fl *
    

     


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Wednesday, January 18, 2012 5:50 PM
    Moderator
  • There you go:

    PS C:\WINDOWS\system32\WindowsPowerShell\v1.0> $ps =  @(ps | ? { $_.name -eq 'Hu

    nterIILoadDataService' }); $ps[0] | fl *

     

     

    __NounName                 : Process

    Name                       : HunterIILoadDataService

    Handles                    : 706

    VM                         : 189161472

    WS                         : 45621248

    PM                         : 44306432

    NPM                        : 15228

    Path                       :

    Company                    :

    CPU                        :

    FileVersion                :

    ProductVersion             :

    Description                :

    Product                    :

    Id                         : 3716

    PriorityClass              :

    HandleCount                : 706

    WorkingSet                 : 45621248

    PagedMemorySize            : 44306432

    PrivateMemorySize          : 44306432

    VirtualMemorySize          : 189161472

    TotalProcessorTime         :

    BasePriority               : 8

    ExitCode                   :

    HasExited                  :

    ExitTime                   :

    Handle                     :

    MachineName                : .

    MainWindowHandle           : 0

    MainWindowTitle            :

    MainModule                 :

    MaxWorkingSet              :

    MinWorkingSet              :

    Modules                    :

    NonpagedSystemMemorySize   : 15228

    NonpagedSystemMemorySize64 : 15228

    PagedMemorySize64          : 44306432

    PagedSystemMemorySize      : 246340

    PagedSystemMemorySize64    : 246340

    PeakPagedMemorySize        : 47226880

    PeakPagedMemorySize64      : 47226880

    PeakWorkingSet             : 45785088

    PeakWorkingSet64           : 45785088

    PeakVirtualMemorySize      : 192086016

    PeakVirtualMemorySize64    : 192086016

    PriorityBoostEnabled       :

    PrivateMemorySize64        : 44306432

    PrivilegedProcessorTime    :

    ProcessName                : HunterIILoadDataService

    ProcessorAffinity          :

    Responding                 : True

    SessionId                  : 0

    StartInfo                  : System.Diagnostics.ProcessStartInfo

    StartTime                  :

    SynchronizingObject        :

    Threads                    : {5600, 8124, 6080, 5604...}

    UserProcessorTime          :

    VirtualMemorySize64        : 189161472

    EnableRaisingEvents        : False

    StandardInput              :

    StandardOutput             :

    StandardError              :

    WorkingSet64               : 45621248

    Site                       :

    Container                  :

    Thursday, January 19, 2012 7:09 AM
  • Yep... Path information there is empty.

    Which OS  are you running this command from?


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Thursday, January 19, 2012 7:11 AM
    Moderator
  • Thanks for the super quick response :)

     

    OS Name:                   Microsoft(R) Windows(R) Server 2003, Enterprise Edition

    OS Version:                5.2.3790 Service Pack 2 Build 3790

     

    BTW the path is properly populated for other services like notepad, it's just all the services for this particular application that don't have it populated which is why I thought there might be something peculiar about the app itself. But then again, not sure how powershell gets the path so that could be nonsense. 

     

    Thanks again for your help. Much appreciated.

    Thursday, January 19, 2012 7:14 AM
  • It looks like that specific process doesn't have path information.

    Do you see path for other processes? Check that by running the PowerShell command below:

     ps | ft name, path, threads -auto
    

     


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Thursday, January 19, 2012 7:19 AM
    Moderator
  • Yep, that lists paths for all process other than those I'm after and the MOM Host service. The app is installed on the D drive btw, although the same thing happens if I move a service to the C drive.
    Thursday, January 19, 2012 7:28 AM
  • It looks like these processes are not sharing its path information. You might need to try another approach to gather the information you are looking for....

     


    Thanks, Wilson Souza - MSFT This posting is provided "AS IS" with no warranties, and confers no rights
    Thursday, January 19, 2012 7:32 AM
    Moderator
  • Bummer :( Thanks anyway
    Thursday, January 19, 2012 7:34 AM
  • I was seeing this behaviour and it was a permissions issue - in later versions of Windows you have to run powershell as an administrator (elevated permissions).
    Tuesday, July 7, 2020 11:46 AM