This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 75%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUZ%3C/text%3E%3C/svg%3E)
Hello,
here is the idea:
I have a lot of services with name xxx.exe (and diffrent PID of course). Which service have own directory.
Let's say we have 5 services and directories: C:\srv\service1,...., C:\srv\service5
As I mentioned just a second ago the name of the services are the same. I want to know which pid is for the xxx.exe proces handling C:\srv\service1 etc.
What I know for now is that they aren't manipulating on the files and directories directly. I found out that they are creating a child process and that process are create another child process.
So we have something like that per each process:
xxx.exe has the child process yyy.exe. yyy.exe has the child process zzz.exe and this proces is using for file and directory operations.
So at first I must findout PID of the zzz.exe process for particular xxx.exe process. That's the easy part. After this I need to findout a list of files/directories handling by zzz.exe process. Seems that is even more challenging than I thought.
I've read a lot of articles, tried a lot of methods and nothing works. For example a lot of people are using combination of power script with sysinternal handle tools. In my case it's useless. That tool works for most of processes but not for zzz.exe. It shows information that the process could not be opened. If I put the directory path list is empty.
Only one tool has no problem with that - sysinternal process monitor. Unfortunately it's a graphical tool so I can't use this in the script. I am not a powershell expert so I hope that here I can find helpful experts and thay can give me a hint how I can make something similiar as sysinternal process monitor in powershell. Of course I need just part of the functionality. In my case I just want to have a list of handlinf files or directorys for particular process id.
Any ideas?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
Based on the complexity and the specific situation, we need do more researches. If we have any updates or any thoughts about this issue, we will keep you posted as soon as possible. Your kind understanding is appreciated.
Best Regards,