Get process info
From NSIS Wiki
Jump to navigationJump to search
Description
Get process info by process id (0 - current process)
- Real process id (useful for current process)
- Parent pid
- Priority
- Process name
- Fully-qualified process name (with path)
Warning: if you're using this from an uninstaller to get information about the currently running process, you will get unexpected e.g. file names since the NSIS uninstaller copies itself to a temporary folder with a weird name so that the original uninstaller can be deleted.
Usage
!include GetProcessInfo.nsh OutFile GetProcessInfo.exe Section ;get own process info ${GetProcessInfo} 0 $0 $1 $2 $3 $4 DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4" ;and now get parent process info! ${GetProcessInfo} $1 $0 $1 $2 $3 $5 DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4" ;woila SectionEnd
The Script
File content:
; NSIS PROCESS INFO LIBRARY - GetProcessInfo.nsh ; Version 1.1 - Mar 28th, 2011 ; ; Description: ; Gets process information. ; ; Usage example: ; ${GetProcessInfo} 0 $0 $1 $2 $3 $4 ; DetailPrint "pid=$0 parent_pid=$1 priority=$2 process_name=$3 exe=$4" ; ; History: ; 1.1 - 28/03/2011 - Added uninstall function, include guards, file header. Fixed getting full exe path on pre vista systems. (Sergius) ; !ifndef GETPROCESSINFO_INCLUDED !define GETPROCESSINFO_INCLUDED !define PROCESSINFO.TH32CS_SNAPPROCESS 2 !define PROCESSINFO.INVALID_HANDLE_VALUE -1 !define GetProcessInfo '!insertmacro GetProcessInfo' ;@in pid_in - if 0 - get current process info ;@out pid_out - real process id (may be useful, if pid_in=0) ;@out ppid - parent process id ;@out priority ;@out name - name of process ;@out fullname - fully-qualified path of process !macro GetProcessInfo pid_in pid_out ppid priority name fullname Push ${pid_in} !ifdef __UNINSTALL__ Call un._GetProcessInfo !else Call _GetProcessInfo !endif ;name;pri;ppid;fname;pid; Pop ${name} Pop ${priority} Pop ${ppid} Pop ${fullname} Pop ${pid_out} !macroend !macro FUNC_GETPROCESSINFO Exch $R3 ;pid Push $0 Push $1 Push $2 Push $3 Push $4 Push $5 Push $R0 ;hSnapshot Push $R1 ;result Push $R9 ;PROCESSENTRY32;MODULEENTRY32 and so on Push $R8 ;zero registers to waste trash, if error occurred StrCpy $0 "" StrCpy $1 "" StrCpy $2 "" StrCpy $3 "" StrCpy $4 "" StrCpy $5 "" IntCmp $R3 0 0 skip_pid_detection skip_pid_detection System::Call 'kernel32::GetCurrentProcess() i.R0' System::Call "Kernel32::GetProcessId(i R0) i.R3" skip_pid_detection: System::Call 'Kernel32::CreateToolhelp32Snapshot(i ${PROCESSINFO.TH32CS_SNAPPROCESS},i R3) i.R0' IntCmp $R0 ${PROCESSINFO.INVALID_HANDLE_VALUE} end ;someting wrong ;$R9=PROCESSENTRY32 ;typedef struct tagPROCESSENTRY32 { ; DWORD dwSize; ; DWORD cntUsage; ; DWORD th32ProcessID; ; ULONG_PTR th32DefaultHeapID; ; DWORD th32ModuleID; ; DWORD cntThreads; ; DWORD th32ParentProcessID; ; LONG pcPriClassBase; ; DWORD dwFlags; ; TCHAR szExeFile[MAX_PATH]; ;}PROCESSENTRY32, *PPROCESSENTRY32; ;dwSize=4*9+260 System::Alloc 1024 pop $R9 System::Call "*$R9(i 296)" System::Call 'Kernel32::Process32First(i R0, i $R9) i.R1' StrCmp $R1 0 end nnext_iteration: System::Call "*$R9(i,i,i.R1)" ;get PID IntCmp $R1 $R3 exitloop System::Call 'Kernel32::Process32Next(i R0, i $R9) i.R1' IntCmp $R1 0 0 nnext_iteration nnext_iteration exitloop: ;$0 - pid ;$1 - threads ;$2 - ppid ;$3 - priority ;$4 - process name System::Call "*$R9(i,i,i.r0,i,i,i.r1,i.r2,i.r3,i,&t256.r4)" ; Get next module ;free: System::Free $R9 System::Call "Kernel32::CloseToolhelp32Snapshot(i R0)" ;=============== ;now get full path and commandline System::Call "Kernel32::OpenProcess(i 1040, i 0, i r0)i .R0" StrCmp $R0 0 end IntOp $R8 0 + 256 System::Call "psapi::GetModuleFileNameEx(i R0,i 0,t .r5, *i $R8)i .R1" end: Pop $R8 Pop $R9 Pop $R1 Pop $R0 Exch $5 Exch 1 Exch $4 Exch 2 Exch $3 Exch 3 Exch $2 Exch 4 Pop $1 Exch 4 Exch $0 Exch 5 Pop $R3 !macroend ;FUNC_GETPROCESSINFO Function _GetProcessInfo !insertmacro FUNC_GETPROCESSINFO FunctionEnd Function un._GetProcessInfo !insertmacro FUNC_GETPROCESSINFO FunctionEnd !endif ;GETPROCESSINFO_INCLUDED
Version for Unicode NSIS
; NSIS PROCESS INFO LIBRARY - GetProcessInfo.nsh ; Version 1.1 - Mar 28th, 2011 ; ; Description: ; Gets process information. ; ; Usage example: ; ${GetProcessInfo} 0 $0 $1 $2 $3 $4 ; DetailPrint "pid=$0 parent_pid=$1 priority=$2 process_name=$3 exe=$4" ; ; History: ; 1.1 - 28/03/2011 - Added uninstall function, include guards, file header. Fixed getting full exe path on pre vista systems. (Sergius) ; !ifndef GETPROCESSINFO_INCLUDED !define GETPROCESSINFO_INCLUDED !define PROCESSINFO.TH32CS_SNAPPROCESS 2 !define PROCESSINFO.INVALID_HANDLE_VALUE -1 !define GetProcessInfo '!insertmacro GetProcessInfo' ;@in pid_in - if 0 - get current process info ;@out pid_out - real process id (may be useful, if pid_in=0) ;@out ppid - parent process id ;@out priority ;@out name - name of process ;@out fullname - fully-qualified path of process !macro GetProcessInfo pid_in pid_out ppid priority name fullname Push ${pid_in} !ifdef __UNINSTALL__ Call un._GetProcessInfo !else Call _GetProcessInfo !endif ;name;pri;ppid;fname;pid; Pop ${name} Pop ${priority} Pop ${ppid} Pop ${fullname} Pop ${pid_out} !macroend !macro FUNC_GETPROCESSINFO Exch $R3 ;pid Push $0 Push $1 Push $2 Push $3 Push $4 Push $5 Push $R0 ;hSnapshot Push $R1 ;result Push $R9 ;PROCESSENTRY32;MODULEENTRY32 and so on Push $R8 ;zero registers to waste trash, if error occurred StrCpy $0 "" StrCpy $1 "" StrCpy $2 "" StrCpy $3 "" StrCpy $4 "" StrCpy $5 "" IntCmp $R3 0 0 skip_pid_detection skip_pid_detection System::Call 'kernel32::GetCurrentProcess() i.R0' System::Call "Kernel32::GetProcessId(i R0) i.R3" skip_pid_detection: System::Call 'Kernel32::CreateToolhelp32Snapshot(i ${PROCESSINFO.TH32CS_SNAPPROCESS},i R3) i.R0' IntCmp $R0 ${PROCESSINFO.INVALID_HANDLE_VALUE} end ;someting wrong ;$R9=PROCESSENTRY32 ;typedef struct tagPROCESSENTRY32 { ; DWORD dwSize; ; DWORD cntUsage; ; DWORD th32ProcessID; ; ULONG_PTR th32DefaultHeapID; ; DWORD th32ModuleID; ; DWORD cntThreads; ; DWORD th32ParentProcessID; ; LONG pcPriClassBase; ; DWORD dwFlags; ; TCHAR szExeFile[MAX_PATH]; ;}PROCESSENTRY32, *PPROCESSENTRY32; ;dwSize=4*9+2*260 System::Alloc 1024 pop $R9 System::Call "*$R9(i 556)" System::Call 'Kernel32::Process32FirstW(i R0, i $R9) i.R1' StrCmp $R1 0 end nnext_iteration: System::Call "*$R9(i,i,i.R1)" ;get PID IntCmp $R1 $R3 exitloop System::Call 'Kernel32::Process32NextW(i R0, i $R9) i.R1' IntCmp $R1 0 0 nnext_iteration nnext_iteration exitloop: ;$0 - pid ;$1 - threads ;$2 - ppid ;$3 - priority ;$4 - process name System::Call "*$R9(i,i,i.r0,i,i,i.r1,i.r2,i.r3,i,&w256.r4)" ; Get next module ;free: System::Free $R9 System::Call "Kernel32::CloseToolhelp32Snapshot(i R0)" ;=============== ;now get full path and commandline System::Call "Kernel32::OpenProcess(i 1040, i 0, i r0)i .R0" StrCmp $R0 0 end IntOp $R8 0 + 256 System::Call "psapi::GetModuleFileNameExW(i R0,i 0,t .r5, *i $R8)i .R1" end: Pop $R8 Pop $R9 Pop $R1 Pop $R0 Exch $5 Exch 1 Exch $4 Exch 2 Exch $3 Exch 3 Exch $2 Exch 4 Pop $1 Exch 4 Exch $0 Exch 5 Pop $R3 !macroend ;FUNC_GETPROCESSINFO Function _GetProcessInfo !insertmacro FUNC_GETPROCESSINFO FunctionEnd Function un._GetProcessInfo !insertmacro FUNC_GETPROCESSINFO FunctionEnd !endif ;GETPROCESSINFO_INCLUDED