Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


current process's exe name?

Posted on 1999-07-26
Medium Priority
Last Modified: 2013-12-03
I use hook to inject into other process space. When I'm in somebody's process space, how can I know current process's exe name?

At first, I use GetModuleFileName(NULL), but when the current process is 16 bits, I get "kernel32.dll" or other
values. Then I use toolhelp to enum all running processes, compare each process id with the return value of GetCurrentProcessID(), I get correct exe name. But this way is too slow, I need a faster way.

So, my question is:
1. Why GetModuleFileName(NULL) return a crazy value?
2. How can I get a faster way to do it?
Question by:fengtao2000
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 86

Expert Comment

ID: 1403670
Simply call 'GetCommandLine()', which will return the command line of the process in which your hook is executed. The first token in the command line will be the process' .exe name, followed by a blank (Note that if this name contains spaces, it's embraced in double quotes)

Author Comment

ID: 1403671
Your way is worked, but my question is in two parts. Please give me the answer of first question, and I'll give you points.
LVL 86

Accepted Solution

jkr earned 1200 total points
ID: 1403672
Ooops, sorry...

The problem is that 16bit processes simply are no Win32 modules (unless they're started using 'CREATE_SEPARATE_WOW_VDM'), thus all module handle related APIs return 'rubbish' - and when calling 'GetModuleFileName()' with a NULL argument, it calls 'GetModuleHandle()' internally, which returns an invalid module handle...

On NT, this is even a security hole, see

Author Comment

ID: 1403673
Ok, you are right. Thanks!

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial is about how to put some of your C++ program's functionality into a standard DLL, and how to make working with the EXE and the DLL simple and seamless.   We'll be using Microsoft Visual Studio 2008 and we will cut out the noise; that i…
zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA.…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question