10 Years of Service
66%
[HIDE-THANKS]
[/HIDE-THANKS]
Code:
>;===============================================================================
;
; Script Name: Window Tracer
; Description: Identify source process for visible windows
; Return Value(s): Message box displaying basic process information and opens
; an Explorer window for the source folder of the process
; Author(s): Monamo
; Build: 1.2 - Updated to AutoIt code base of v3.3.0.0
; AutoIt: v3.3.0.0
;
;===============================================================================
;
#NoTrayIcon
#Region;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Res_Fileversion=1.0.0.0
#AutoIt3Wrapper_Res_Language=1033
#EndRegion;**** Directives created by AutoIt3Wrapper_GUI ****
#include
#include
AutoItSetOption("GUIOnEventMode", 1)
Global $aVisibleWindows[1] = ["0"]
Global Const $wbemFlagReturnImmediately = 0x10
Global Const $wbemFlagForwardOnly = 0x20
$GUITitle = "Window Tracer"
$GUIWidth = 400
$GUIHeight = 50
$GUI = GUICreate($GUITitle, $GUIWidth, $GUIHeight, (@DesktopWidth - $GUIWidth) / 2, (@DesktopHeight - $GUIHeight) / 2)
$comboWindows = GUICtrlCreateCombo("", 10, 10, $GUIWidth - 20, 20, $CBS_DROPDOWNLIST)
_GetWindows()
GUISetState()
#Region Events list
GUISetOnEvent($GUI_EVENT_CLOSE, "_ExitIt")
GUICtrlSetOnEvent($comboWindows, "_ProcessTrace")
#EndRegion Events list
While 1
Sleep(10)
WEnd
#Region Functions
Func _ExitIt()
Exit
EndFunc
Func _ProcessTrace()
$sWinTitle = GUICtrlRead($comboWindows)
If $sWinTitle = "" Or $sWinTitle = "" Then Return
$aWindow = WinList($sWinTitle)
$iPID = WinGetProcess($sWinTitle)
Dim $sProcessName
$aProcesses = ProcessList()
For $i = 1 To $aProcesses[0][0]
If $aProcesses[$i][1] = $iPID Then
$sProcessName = $aProcesses[$i][0]
ExitLoop
EndIf
Next
If $sProcessName <> "" Then
$sProcessPath = _ProcessPath($iPID)
$sFolder = ""
$sMsg = "Window title:" & @CRLF & " " & $sWinTitle & @CRLF
$sMsg &= @CRLF
$sMsg &= "Process: " & $sProcessName & @CRLF
$sMsg &= "Process ID: " & $iPID & @CRLF
$sMsg &= "Process location: " & $sProcessPath & @CRLF
If FileExists($sProcessPath) Then
$sFolder = StringTrimRight($sProcessPath, StringLen($sProcessPath) - StringInStr($sProcessPath, "\", 0, -1))
$sMsg &= "Process folder: " & $sFolder & @CRLF
ShellExecute($sFolder, "", $sFolder)
EndIf
MsgBox(8192 + 64, $sProcessName, $sMsg)
Else
$sMsg = "No matches found. Unable to determine source process for window title: " & @CRLF & " " & $sWinTitle
$sMsg &= @CRLF & @CRLF &"Please verify that the target window is still running."
MsgBox(8192 + 48, $sProcessName, $sMsg)
EndIf
EndFunc
Func _GetWindows()
$AllWindows = WinList()
$sTmp = ""
For $i = 1 To $AllWindows[0][0]
If IsVisible($AllWindows[$i][1]) Then
If $AllWindows[$i][0] <> "" And $AllWindows[$i][0] <> "Program Manager" Then
$iIndex = $aVisibleWindows[0] + 1
ReDim $aVisibleWindows[$iIndex + 1]
$aVisibleWindows[0] = $iIndex
$aVisibleWindows[$iIndex] = $AllWindows[$i][0]
If $sTmp = "" Then
$sTmp &= $aVisibleWindows[$iIndex]
Else
$sTmp &= "|" & $aVisibleWindows[$iIndex]
EndIf
EndIf
Else
EndIf
Next
If $sTmp <> "" Then
GUICtrlSetData($comboWindows, $sTmp)
Else
GUICtrlSetData($comboWindows, "")
EndIf
EndFunc
Func IsVisible($handle)
If BitAND(WinGetState($handle), 4) Then
If BitAND(WinGetState($handle), 2) Then
Return 1
Else
Return 0
EndIf
EndIf
EndFunc
Func _ProcessPath($iCheckPID)
$strComputer = "."
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
If IsObj($colItems) Then
For $objItem In $colItems
$sProcessPID = $objItem.ProcessId
If $sProcessPID = $iCheckPID Then
$sProcessPath = $objItem.ExecutablePath
ExitLoop
EndIf
Next
EndIf
If $sProcessPath <> "" Then Return $sProcessPath
EndFunc