Mutley2003
asked on
Trapping folder location from where an app was launched by association
Suppose someone launches winzip from Explorer by clicking on a zip file.
I would like to know the name of that folder, so I can pass it to an app that is monitoring running processes.
Is there some way of hooking this "launch by association" event so I can find the folder (or even the file) name?
Thanks
I would like to know the name of that folder, so I can pass it to an app that is monitoring running processes.
Is there some way of hooking this "launch by association" event so I can find the folder (or even the file) name?
Thanks
Enumerate the processes, the last in the list will be the most current. Using the PID gained through enumeration you can extract the filepath. Have a look here:
https://www.experts-exchange.com/questions/21204187/Processes-Filepaths.html
Regards,
Hypoviax
https://www.experts-exchange.com/questions/21204187/Processes-Filepaths.html
Regards,
Hypoviax
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hypoviax, thanks for that excellent link but it is, as Madshi says, the folder for the exe.
I want the folder which was clicked in explorer ie where the .zip file is.
I gotta say that RemoteCmdLine stuff is brilliant. I think it will do what I need, but the idea of hooking the process creation call is intriguing.
As usual, I wish I had more points to distribute. Points to gwalkeriq, points to madshi for RemoteCmdLine
thanks everyone
I want the folder which was clicked in explorer ie where the .zip file is.
I gotta say that RemoteCmdLine stuff is brilliant. I think it will do what I need, but the idea of hooking the process creation call is intriguing.
As usual, I wish I had more points to distribute. Points to gwalkeriq, points to madshi for RemoteCmdLine
thanks everyone
Hook process creation is much more complex. If you can get along with RemoteCmdLine that would be by far the better solution, because it has much less impact on the OS.
If you run a message monitor (such as winsight32 that comes with delphi), you might be able to find a message that you can use, but it will be a diffiicult task, windows messages do not include think like strings (representing the filename you might want) in them.
This is what most people think of as hooking and you are unlikely to be happy with this approach.
I would recommend you take a look at http://www.madshi.net and look at the MadCodeHook package. With this, you can hook the CreateProcessEX call globally, and this is probably the way you want to go. I'm not sure Windows Explorer uses CreateProcessEx() or CreateProcess, but if this is how it launches documents, this would be the easiest way to trap them. Of course, you would see all such WinAPI calls, but this is likely to be the easiest method.
Madshi is historically a frequent poster on Experts Exchange. (No. 2 on the Delphi list), but he has slacked off this year. His stuff is very good when you need it.