Why arguments of ProcessStartInfo is empty?

Question

When I tried to get command line arguments of a executable, I tried inspect the ProcessStartInfo structure returned by Get-Process, but the argument field is empty no matter what:

PS C:\> ps notepad

Handles  NPM(K)    PM(K)      WS(K)     CPU(s)     Id  SI ProcessName
-------  ------    -----      -----     ------     --  -- -----------
    272      15     3484      19888       0.39  33696   1 notepad

PS C:\> $(ps notepad).StartInfo

Verb                    :
Arguments               :
CreateNoWindow          : False
EnvironmentVariables    : {ConEmuBaseDir, ConEmuConfig, ConEmuArgs,    PROCESSOR_REVISION...}
Environment             : {[ConEmuBaseDir, C:\Users\fluter\Tools\ConEmu.Core.17.1.18.0\Tools\ConEmu], [ConEmuConfig, ], [ConEmuArgs, ], [PROCESSOR_REVISION, 4501]...}
RedirectStandardInput   : False
RedirectStandardOutput  : False
RedirectStandardError   : False
StandardErrorEncoding   :
StandardOutputEncoding  :
UseShellExecute         : True
Verbs                   : {}
UserName                :
Password                :
PasswordInClearText     :
Domain                  :
LoadUserProfile         : False
FileName                :
WorkingDirectory        :
ErrorDialog             : False
ErrorDialogParentHandle : 0
WindowStyle             : Normal

But as expected, the procexp utility in sysinternals suite can get full command line:

Also, as comments pointed out, using win32 wmi object interface can get it. However, why is this feature missing from powershell?

Possible duplicate of [How to get Command Line info for a process in PowerShell or C#](https://stackoverflow.com/questions/17563411/how-to-get-command-line-info-for-a-process-in-powershell-or-c-sharp) — , Jun 13 '17 at 00:40
Sorry, no. Must have had a reason why MicroSoft baught Sysinternals. Task-Manager grew better, but I'm still using ProcExp. — , Jun 13 '17 at 00:50
a) https://stackoverflow.com/a/6522047/478656 - you cannot reliably get it. and b) if you want to anyway, https://superuser.com/a/519802/67909 and https://serverfault.com/q/696460/57144 — TessellatingHeckler, Jun 13 '17 at 01:12
The documentation for the [Process.StartInfo property](https://msdn.microsoft.com/en-us/library/system.diagnostics.process.startinfo%28v=vs.110%29.aspx) says that it's the information with which to start the process. But you didn't start the process, so the StartInfo doesn't mean anything. The confusion is that the `Process` class is used for two different things. One is for starting a new process. The other is for getting information about existing processes. Only the first cases uses `StartInfo`. — Raymond Chen, Jun 13 '17 at 04:45

JPBlanc · Accepted Answer · 2017-06-13T04:44:15.560

Not sure to understand, but @LotPing point the answer :

$proc = Get-Process notepad
$pInfos = Get-WmiObject Win32_Process -Filter "name = '$($proc.MainModule.ModuleName)'" 
$pInfos.CommandLine

CommandLine gives you the same information as ProcessXP

You will find something in startinfo when this object is used to start the process :

$startInfo = New-Object Diagnostics.ProcessStartInfo
$startInfo.Filename = "notepad"
$startInfo.Arguments = "toto.txt"
$startInfo.UseShellExecute = $false
$Proc = [Diagnostics.Process]::Start($startInfo)

It exists many way to start a process this one use an object Process that encapsulate the Win32 CreateProcess. As far as I understand when the command line is used, you will not find data in startinfo, when the process is started programaticaly it can append.

My question was more like why This information is not in `ProcessStartupInfo`? using WMI is only last resort. — fluter, Jun 13 '17 at 03:50

Why arguments of ProcessStartInfo is empty?

1 Answers1