I want to be able to show windows processes that call themselves say xyz.exe (simple enough) but I also want to display the copyright info.
Right now I must do this manually by going to task manager, selecting the file, right clicking properties, then go to detail tab
I searched high and low and had no success
Kindly help me
Show all processes with a name and then show detail Topic is solved
-
Maxine Rogers
Re: Show all processes with a name and then show detail
E.g. Notepad (Windows 7) version info, obtained using Resource Hacker.
And so we will use '040904B0\LegalCopyright' in the script below:
Code: Select all
BLOCK "040904B0"
{
VALUE "CompanyName", "Microsoft Corporation"
VALUE "FileDescription", "Notepad"
VALUE "FileVersion", "6.1.7601.18917 (win7sp1_gdr.150709-0600)"
VALUE "InternalName", "Notepad"
VALUE "LegalCopyright", "© Microsoft Corporation. All rights reserved."
VALUE "OriginalFilename", "NOTEPAD.EXE"
VALUE "ProductName", "Microsoft® Windows® Operating System"
VALUE "ProductVersion", "6.1.7601.18917"
}
Code: Select all
;Win32_Process class (Windows)
;https://msdn.microsoft.com/en-us/library/aa394372(v=vs.85).aspx
;FileVersion() - FileVersionInfo simplified - AutoHotkey Community
;https://autohotkey.com/boards/viewtopic.php?f=6&t=4282
q:: ;get copyright information for open processes
vOutput := ""
for oProc in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process")
{
vPID := oProc.ProcessId
WinGet, vPPath, ProcessPath, % "ahk_pid " vPID
WinGet, vPName, ProcessName, % "ahk_pid " vPID
if !(vPName = "") && FileExist(vPPath)
vOutput .= vPName " " FileVersion(vPPath, "040904B0\LegalCopyright") "`r`n"
}
Clipboard := vOutput
MsgBox, % "done"
return
;==================================================
FileVersion( PE := "", Qry := "040904B0\FileDescription" ) { ; by SKAN 18-Aug-2014 http://goo.gl/XdJIIC
Local pInfo := 0
If Sz := DllCall( "Version\GetFileVersionInfoSizeW", "WStr",PE ? PE : PE := A_AhkPath, "Int",0 )
If DllCall( "Version\GetFileVersionInfoW", "WStr",PE, "Int",0, "UInt",VarSetCapacity( V,Sz ), "Str",V )
If DllCall( "Version\VerQueryValueW", "Str",V, "WStr","\StringFileInfo\" . Qry, "PtrP",pInfo, "Int",0 )
Return StrGet( pInfo, "UTF-16" )
}
homepage | tutorials | wish list | fun threads | donate
WARNING: copy your posts/messages before hitting Submit as you may lose them due to CAPTCHA
WARNING: copy your posts/messages before hitting Submit as you may lose them due to CAPTCHA
-
Maxine Rogers
Re: Show all processes with a name and then show detail
my goal is to check all the running svchost.exe files and make sure all are microsoft. Virus files sometimes use svchost.exe and it is not uncommong for there to be 5+ running real svchost files, hope this explains what i am seeking to get tojeeswg wrote:E.g. Notepad (Windows 7) version info, obtained using Resource Hacker.
And so we will use '040904B0\LegalCopyright' in the script below:Code: Select all
BLOCK "040904B0" { VALUE "CompanyName", "Microsoft Corporation" VALUE "FileDescription", "Notepad" VALUE "FileVersion", "6.1.7601.18917 (win7sp1_gdr.150709-0600)" VALUE "InternalName", "Notepad" VALUE "LegalCopyright", "© Microsoft Corporation. All rights reserved." VALUE "OriginalFilename", "NOTEPAD.EXE" VALUE "ProductName", "Microsoft® Windows® Operating System" VALUE "ProductVersion", "6.1.7601.18917" }Code: Select all
;Win32_Process class (Windows) ;https://msdn.microsoft.com/en-us/library/aa394372(v=vs.85).aspx ;FileVersion() - FileVersionInfo simplified - AutoHotkey Community ;https://autohotkey.com/boards/viewtopic.php?f=6&t=4282 q:: ;get copyright information for open processes vOutput := "" for oProc in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process") { vPID := oProc.ProcessId WinGet, vPPath, ProcessPath, % "ahk_pid " vPID WinGet, vPName, ProcessName, % "ahk_pid " vPID if !(vPName = "") && FileExist(vPPath) vOutput .= vPName " " FileVersion(vPPath, "040904B0\LegalCopyright") "`r`n" } Clipboard := vOutput MsgBox, % "done" return ;================================================== FileVersion( PE := "", Qry := "040904B0\FileDescription" ) { ; by SKAN 18-Aug-2014 http://goo.gl/XdJIIC Local pInfo := 0 If Sz := DllCall( "Version\GetFileVersionInfoSizeW", "WStr",PE ? PE : PE := A_AhkPath, "Int",0 ) If DllCall( "Version\GetFileVersionInfoW", "WStr",PE, "Int",0, "UInt",VarSetCapacity( V,Sz ), "Str",V ) If DllCall( "Version\VerQueryValueW", "Str",V, "WStr","\StringFileInfo\" . Qry, "PtrP",pInfo, "Int",0 ) Return StrGet( pInfo, "UTF-16" ) }
thanksyou for your kind contributions
Re: Show all processes with a name and then show detail
Hello Maxine Rogers.
Welcome to the AutoHotkey community forums.
The code below reads all processes and lists them in a messagebox. The list is also copied to ClipBoard for easy pasting.
NOTE: it is important to keep in mind that reading system processes like Svchost.exe requires special privileges. Also, some process names are in Unicode, so you have to compile the code below using the Unicode64 version of AutoHotkey (or Unicode32 only if your system is 32 bits) and than run the compiled .exe as admin to get the most complete list (otherwise, you will only get a list of paths for some low privilege processes).
*All credits for the functions go to their individual authors as listed.
Best wishes.
Welcome to the AutoHotkey community forums.
The code below reads all processes and lists them in a messagebox. The list is also copied to ClipBoard for easy pasting.
NOTE: it is important to keep in mind that reading system processes like Svchost.exe requires special privileges. Also, some process names are in Unicode, so you have to compile the code below using the Unicode64 version of AutoHotkey (or Unicode32 only if your system is 32 bits) and than run the compiled .exe as admin to get the most complete list (otherwise, you will only get a list of paths for some low privilege processes).
*All credits for the functions go to their individual authors as listed.
Code: Select all
#NoEnv
#SingleInstance Force
SetBatchLines -1
AccessRights_EnableSeDebug()
OUT_LIST := "", COUNT_NO_PATHS := 0
for i, v in WTSEnumerateProcessesEx()
{
FullEXEPath := GetModuleFileNameEx( v.ProsessID )
OUT_LIST := OUT_LIST . "Name: " . v.ProcessName . "`nPath: " . FullEXEPath . "`nLegal: " . FileGetInfo( FullEXEPath ).LegalCopyright . "`n`n"
}
Clipboard := OUT_LIST
msgbox % OUT_LIST
return
; ==============================================================
; WTSEnumerateProcessesEx() By JNIZM - https://autohotkey.com/boards/viewtopic.php?t=19323
;==============================================================
Return
WTSEnumerateProcessesEx()
{
static hWTSAPI := DllCall("LoadLibrary", "str", "wtsapi32.dll", "ptr")
if !(DllCall("wtsapi32\WTSEnumerateProcessesEx", "ptr", 0, "uint*", 0, "uint", -2, "ptr*", buf, "uint*", TTL))
throw Exception("WTSEnumerateProcessesEx failed", -1)
addr := buf, WTS_PROCESS_INFO := []
loop % TTL
{
WTS_PROCESS_INFO[A_Index, "SessionID"] := NumGet(addr+0, "uint")
WTS_PROCESS_INFO[A_Index, "ProsessID"] := NumGet(addr+4, "uint")
WTS_PROCESS_INFO[A_Index, "ProcessName"] := StrGet(NumGet(addr+8, "ptr"))
WTS_PROCESS_INFO[A_Index, "UserSID"] := NumGet(addr+8+A_PtrSize, "ptr")
addr += 8 + (A_PtrSize * 2)
}
if !(DllCall("wtsapi32\WTSFreeMemoryEx", "int", 0, "ptr", buf, "uint", TTL))
throw Exception("WTSFreeMemoryEx failed", -1)
return WTS_PROCESS_INFO
}
Return
; ==================================================
; FileGetInfo() By Lexikos - https://autohotkey.com/boards/viewtopic.php?t=4282
;===================================================
FileGetInfo( lptstrFilename) {
List := "Comments InternalName ProductName CompanyName LegalCopyright ProductVersion"
. " FileDescription LegalTrademarks PrivateBuild FileVersion OriginalFilename SpecialBuild"
dwLen := DllCall("Version.dll\GetFileVersionInfoSize", "Str", lptstrFilename, "Ptr", 0)
dwLen := VarSetCapacity( lpData, dwLen + A_PtrSize)
DllCall("Version.dll\GetFileVersionInfo", "Str", lptstrFilename, "UInt", 0, "UInt", dwLen, "Ptr", &lpData)
DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\VarFileInfo\Translation", "PtrP", lplpBuffer, "PtrP", puLen )
sLangCP := Format("{:04X}{:04X}", NumGet(lplpBuffer+0, "UShort"), NumGet(lplpBuffer+2, "UShort"))
i := {}
Loop, Parse, % List, %A_Space%
DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\StringFileInfo\" sLangCp "\" A_LoopField, "PtrP", lplpBuffer, "PtrP", puLen )
? i[A_LoopField] := StrGet(lplpBuffer, puLen) : ""
return i
}
Return
; =================================================================================================
; GetModuleFileNameEx() By Shimanov as cited by SKAN - https://autohotkey.com/board/topic/41197-getting-a-full-executable-path-from-a-running-process/
; Modified to use GetModuleFileNameExW if A_IsUnicode - By Gio - 03-11-17
;=================================================================================================
GetModuleFileNameEx( p_pid ) ; by shimanov - www.autohotkey.com/forum/viewtopic.php?t=9000
{
if A_OSVersion in WIN_95,WIN_98,WIN_ME
{
MsgBox, This Windows version (%A_OSVersion%) is not supported.
return
}
h_process := DllCall( "OpenProcess", "uint", 0x10|0x400, "int", false, "uint", p_pid )
if ( ErrorLevel or h_process = 0 )
return
name_size = 255
VarSetCapacity( name, name_size )
If A_IsUnicode
result := DllCall( "psapi.dll\GetModuleFileNameExW", "uint", h_process, "uint", 0, "str" , name, "uint", name_size )
Else
result := DllCall( "psapi.dll\GetModuleFileNameExA", "uint", h_process, "uint", 0, "str" , name, "uint", name_size )
DllCall( "CloseHandle", h_process )
return, name
}
; =================================================================================================
; AccessRights_EnableSeDebug() By Cyruz - https://autohotkey.com/boards/viewtopic.php?t=2039
;=================================================================================================
; ----------------------------------------------------------------------------------------------------------------------
; Function .....: AccessRights_EnableSeDebug
; Description ..: Enable the SE_DEBUG_PRIVILEGE on the current script instance.
; AHK Version ..: AHK_L x32/64 Unicode
; Author .......: Cyruz - http://ciroprincipe.info
; License ......: WTFPL - http://www.wtfpl.net/txt/copying/
; Changelog ....: Feb. 5, 2014 - v0.1 - First version.
; ----------------------------------------------------------------------------------------------------------------------
AccessRights_EnableSeDebug() {
hProc := DllCall( "OpenProcess", UInt,0x0400, Int,0, UInt,DllCall("GetCurrentProcessId"), "Ptr" )
DllCall( "Advapi32.dll\OpenProcessToken", Ptr,hProc, UInt,0x0020|0x0008, PtrP,hToken )
VarSetCapacity(LUID, 8, 0)
DllCall( "Advapi32.dll\LookupPrivilegeValue", Ptr,0, Str,"SeDebugPrivilege", Ptr,&LUID )
VarSetCapacity( TOKPRIV, 16, 0 ) ; TOKEN_PRIVILEGES structure: http://goo.gl/AGXeAp.
NumPut( 1, &TOKPRIV, 0, "UInt" ) ; TOKEN_PRIVILEGES > PrivilegeCount.
NumPut( NumGet( &LUID, 0, "UInt" ), &TOKPRIV, 4, "UInt" ) ; TOKEN_PRIVILEGES > LUID_AND_ATTRIBUTES > LUID > LoPart.
NumPut( NumGet( &LUID, 4, "UInt" ), &TOKPRIV, 8, "UInt" ) ; TOKEN_PRIVILEGES > LUID_AND_ATTRIBUTES > LUID > HiPart.
NumPut( 2, &TOKPRIV, 12, "UInt" ) ; TOKEN_PRIVILEGES > LUID_AND_ATTRIBUTES > Attributes.
; SE_PRIVILEGE_ENABLED = 2.
DllCall( "Advapi32.dll\AdjustTokenPrivileges", Ptr,hToken, Int,0, Ptr,&TOKPRIV, UInt,0, Ptr,0, Ptr,0 )
DllCall( "CloseHandle", Ptr,hToken )
DllCall( "CloseHandle", Ptr,hProc )
}Best wishes.
"What is suitable automation? Whatever saves your day for the greater matters."
Barcoder - Create QR Codes and other Barcodes using only Autohotkey !!
Archmage Gray - A fantasy shooter game fully coded in AutoHotkey
Barcoder - Create QR Codes and other Barcodes using only Autohotkey !!
Archmage Gray - A fantasy shooter game fully coded in AutoHotkey
Re: Show all processes with a name and then show detail
this one checks many details of your running processes called svchost.exe à la task manager such as the command lines, which can help you identify fakes
Code: Select all
#SingleInstance Ignore
;request admin rights
full_command_line := DllCall("GetCommandLine", "str")
if not (A_IsAdmin or RegExMatch(full_command_line, " /restart(?!\S)"))
{
try
{
if A_IsCompiled
RunWait *RunAs "%A_ScriptFullPath%" /restart
else
RunWait *RunAs "%A_AhkPath%" /restart "%A_ScriptFullPath%"
}
}
if not A_IsAdmin
{
MsgBox,Administrator rights not found, the program might not work correctly.
}
Gui, New, -DPIScale
;https://msdn.microsoft.com/en-us/library/aa394372.aspx
Gui, Add, ListView, x0 y0 w%A_ScreenWidth% h480, CreationClassName|Caption|CommandLine|CreationDate|CSCreationClassName|CSName|Description|ExecutablePath|ExecutionState|Handle|HandleCount|InstallDate|KernelModeTime|MaximumWorkingSetSize|MinimumWorkingSetSize|Name|OSCreationClassName|OSName|OtherOperationCount|OtherTransferCount|PageFaults|PageFileUsage|ParentProcessId|PeakPageFileUsage|PeakVirtualSize|PeakWorkingSetSize|Priority|PrivatePageCount|ProcessId|QuotaNonPagedPoolUsage|QuotaPagedPoolUsage|QuotaPeakNonPagedPoolUsage|QuotaPeakPagedPoolUsage|ReadOperationCount|ReadTransferCount|SessionId|Status|TerminationDate|ThreadCount|UserModeTime|VirtualSize|WindowsVersion|WorkingSetSize|WriteOperationCount|WriteTransferCount
for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where Name='svchost.exe'")
LV_Add("", process.CreationClassName, process.Caption, process.CommandLine, process.CreationDate, process.CSCreationClassName, process.CSName, process.Description, process.ExecutablePath, process.ExecutionState, process.Handle, process.HandleCount, process.InstallDate, process.KernelModeTime, process.MaximumWorkingSetSize, process.MinimumWorkingSetSize, process.Name, process.OSCreationClassName, process.OSName, process.OtherOperationCount, process.OtherTransferCount, process.PageFaults, process.PageFileUsage, process.ParentProcessId, process.PeakPageFileUsage, process.PeakVirtualSize, process.PeakWorkingSetSize, process.Priority, process.PrivatePageCount, process.ProcessId, process.QuotaNonPagedPoolUsage, process.QuotaPagedPoolUsage, process.QuotaPeakNonPagedPoolUsage, process.QuotaPeakPagedPoolUsage, process.ReadOperationCount, process.ReadTransferCount, process.SessionId, process.Status, process.TerminationDate, process.ThreadCount, process.UserModeTime, process.VirtualSize, process.WindowsVersion, process.WorkingSetSize, process.WriteOperationCount, process.WriteTransferCount)
LV_ModifyCol()
Gui, Show,, Process List
return
GuiClose:
ExitAppYOU'RE NOT ALEXANDER
-
Maxine Rogers
Re: Show all processes with a name and then show detail
hi, thank you, is there a way to see the copyright info? is you go to task manager, select svchost.exe, right click, select properties, then select the details tab you will see copyright info, there someone can see if its microsoft, all real svchosts should have that and fake ones cannot.WAZAAAAA wrote:this one checks many details of your running processes called svchost.exe à la task manager such as the command lines, which can help you identify fakesCode: Select all
#SingleInstance Ignore ;request admin rights full_command_line := DllCall("GetCommandLine", "str") if not (A_IsAdmin or RegExMatch(full_command_line, " /restart(?!\S)")) { try { if A_IsCompiled RunWait *RunAs "%A_ScriptFullPath%" /restart else RunWait *RunAs "%A_AhkPath%" /restart "%A_ScriptFullPath%" } } if not A_IsAdmin { MsgBox,Administrator rights not found, the program might not work correctly. } Gui, New, -DPIScale ;https://msdn.microsoft.com/en-us/library/aa394372.aspx Gui, Add, ListView, x0 y0 w%A_ScreenWidth% h480, CreationClassName|Caption|CommandLine|CreationDate|CSCreationClassName|CSName|Description|ExecutablePath|ExecutionState|Handle|HandleCount|InstallDate|KernelModeTime|MaximumWorkingSetSize|MinimumWorkingSetSize|Name|OSCreationClassName|OSName|OtherOperationCount|OtherTransferCount|PageFaults|PageFileUsage|ParentProcessId|PeakPageFileUsage|PeakVirtualSize|PeakWorkingSetSize|Priority|PrivatePageCount|ProcessId|QuotaNonPagedPoolUsage|QuotaPagedPoolUsage|QuotaPeakNonPagedPoolUsage|QuotaPeakPagedPoolUsage|ReadOperationCount|ReadTransferCount|SessionId|Status|TerminationDate|ThreadCount|UserModeTime|VirtualSize|WindowsVersion|WorkingSetSize|WriteOperationCount|WriteTransferCount for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where Name='svchost.exe'") LV_Add("", process.CreationClassName, process.Caption, process.CommandLine, process.CreationDate, process.CSCreationClassName, process.CSName, process.Description, process.ExecutablePath, process.ExecutionState, process.Handle, process.HandleCount, process.InstallDate, process.KernelModeTime, process.MaximumWorkingSetSize, process.MinimumWorkingSetSize, process.Name, process.OSCreationClassName, process.OSName, process.OtherOperationCount, process.OtherTransferCount, process.PageFaults, process.PageFileUsage, process.ParentProcessId, process.PeakPageFileUsage, process.PeakVirtualSize, process.PeakWorkingSetSize, process.Priority, process.PrivatePageCount, process.ProcessId, process.QuotaNonPagedPoolUsage, process.QuotaPagedPoolUsage, process.QuotaPeakNonPagedPoolUsage, process.QuotaPeakPagedPoolUsage, process.ReadOperationCount, process.ReadTransferCount, process.SessionId, process.Status, process.TerminationDate, process.ThreadCount, process.UserModeTime, process.VirtualSize, process.WindowsVersion, process.WorkingSetSize, process.WriteOperationCount, process.WriteTransferCount) LV_ModifyCol() Gui, Show,, Process List return GuiClose: ExitApp
I tried playing with your code but I could not get it to pull that data.
Thank you
Re: Show all processes with a name and then show detail Topic is solved
Sure. This is how you would add it to WAZAAAAAs code (check it as a new column to the end of the listview):is there a way to see the copyright info?
I tried playing with your code but I could not get it to pull that data.
Code: Select all
#SingleInstance Ignore
;request admin rights
full_command_line := DllCall("GetCommandLine", "str")
if not (A_IsAdmin or RegExMatch(full_command_line, " /restart(?!\S)"))
{
try
{
if A_IsCompiled
RunWait *RunAs "%A_ScriptFullPath%" /restart
else
RunWait *RunAs "%A_AhkPath%" /restart "%A_ScriptFullPath%"
}
}
if not A_IsAdmin
{
MsgBox,Administrator rights not found, the program might not work correctly.
}
Gui, New, -DPIScale
;https://msdn.microsoft.com/en-us/library/aa394372.aspx
Gui, Add, ListView, x0 y0 w%A_ScreenWidth% h480, CreationClassName|Caption|CommandLine|CreationDate|CSCreationClassName|CSName|Description|ExecutablePath|ExecutionState|Handle|HandleCount|InstallDate|KernelModeTime|MaximumWorkingSetSize|MinimumWorkingSetSize|Name|OSCreationClassName|OSName|OtherOperationCount|OtherTransferCount|PageFaults|PageFileUsage|ParentProcessId|PeakPageFileUsage|PeakVirtualSize|PeakWorkingSetSize|Priority|PrivatePageCount|ProcessId|QuotaNonPagedPoolUsage|QuotaPagedPoolUsage|QuotaPeakNonPagedPoolUsage|QuotaPeakPagedPoolUsage|ReadOperationCount|ReadTransferCount|SessionId|Status|TerminationDate|ThreadCount|UserModeTime|VirtualSize|WindowsVersion|WorkingSetSize|WriteOperationCount|WriteTransferCount|Legal Info
for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where Name='svchost.exe'")
LV_Add("", process.CreationClassName, process.Caption, process.CommandLine, process.CreationDate, process.CSCreationClassName, process.CSName, process.Description, process.ExecutablePath, process.ExecutionState, process.Handle, process.HandleCount, process.InstallDate, process.KernelModeTime, process.MaximumWorkingSetSize, process.MinimumWorkingSetSize, process.Name, process.OSCreationClassName, process.OSName, process.OtherOperationCount, process.OtherTransferCount, process.PageFaults, process.PageFileUsage, process.ParentProcessId, process.PeakPageFileUsage, process.PeakVirtualSize, process.PeakWorkingSetSize, process.Priority, process.PrivatePageCount, process.ProcessId, process.QuotaNonPagedPoolUsage, process.QuotaPagedPoolUsage, process.QuotaPeakNonPagedPoolUsage, process.QuotaPeakPagedPoolUsage, process.ReadOperationCount, process.ReadTransferCount, process.SessionId, process.Status, process.TerminationDate, process.ThreadCount, process.UserModeTime, process.VirtualSize, process.WindowsVersion, process.WorkingSetSize, process.WriteOperationCount, process.WriteTransferCount, FileGetInfo(process.ExecutablePath).LegalCopyright )
LV_ModifyCol()
Gui, Show,, Process List
return
GuiClose:
ExitApp
; ==================================================
; FileGetInfo() By Lexikos - https://autohotkey.com/boards/viewtopic.php?t=4282
;===================================================
FileGetInfo( lptstrFilename) {
List := "Comments InternalName ProductName CompanyName LegalCopyright ProductVersion"
. " FileDescription LegalTrademarks PrivateBuild FileVersion OriginalFilename SpecialBuild"
dwLen := DllCall("Version.dll\GetFileVersionInfoSize", "Str", lptstrFilename, "Ptr", 0)
dwLen := VarSetCapacity( lpData, dwLen + A_PtrSize)
DllCall("Version.dll\GetFileVersionInfo", "Str", lptstrFilename, "UInt", 0, "UInt", dwLen, "Ptr", &lpData)
DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\VarFileInfo\Translation", "PtrP", lplpBuffer, "PtrP", puLen )
sLangCP := Format("{:04X}{:04X}", NumGet(lplpBuffer+0, "UShort"), NumGet(lplpBuffer+2, "UShort"))
i := {}
Loop, Parse, % List, %A_Space%
DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\StringFileInfo\" sLangCp "\" A_LoopField, "PtrP", lplpBuffer, "PtrP", puLen )
? i[A_LoopField] := StrGet(lplpBuffer, puLen) : ""
return i
}
Return"What is suitable automation? Whatever saves your day for the greater matters."
Barcoder - Create QR Codes and other Barcodes using only Autohotkey !!
Archmage Gray - A fantasy shooter game fully coded in AutoHotkey
Barcoder - Create QR Codes and other Barcodes using only Autohotkey !!
Archmage Gray - A fantasy shooter game fully coded in AutoHotkey
-
Maxine Rogers
Re: Show all processes with a name and then show detail
exactly what I needed,, found 18 different svchosts and all are microsoft, will keep on checking on my machines, thank you
Gio wrote:Sure. This is how you would add it to WAZAAAAAs code (check it as a new column to the end of the listview):is there a way to see the copyright info?
I tried playing with your code but I could not get it to pull that data.
Code: Select all
#SingleInstance Ignore ;request admin rights full_command_line := DllCall("GetCommandLine", "str") if not (A_IsAdmin or RegExMatch(full_command_line, " /restart(?!\S)")) { try { if A_IsCompiled RunWait *RunAs "%A_ScriptFullPath%" /restart else RunWait *RunAs "%A_AhkPath%" /restart "%A_ScriptFullPath%" } } if not A_IsAdmin { MsgBox,Administrator rights not found, the program might not work correctly. } Gui, New, -DPIScale ;https://msdn.microsoft.com/en-us/library/aa394372.aspx Gui, Add, ListView, x0 y0 w%A_ScreenWidth% h480, CreationClassName|Caption|CommandLine|CreationDate|CSCreationClassName|CSName|Description|ExecutablePath|ExecutionState|Handle|HandleCount|InstallDate|KernelModeTime|MaximumWorkingSetSize|MinimumWorkingSetSize|Name|OSCreationClassName|OSName|OtherOperationCount|OtherTransferCount|PageFaults|PageFileUsage|ParentProcessId|PeakPageFileUsage|PeakVirtualSize|PeakWorkingSetSize|Priority|PrivatePageCount|ProcessId|QuotaNonPagedPoolUsage|QuotaPagedPoolUsage|QuotaPeakNonPagedPoolUsage|QuotaPeakPagedPoolUsage|ReadOperationCount|ReadTransferCount|SessionId|Status|TerminationDate|ThreadCount|UserModeTime|VirtualSize|WindowsVersion|WorkingSetSize|WriteOperationCount|WriteTransferCount|Legal Info for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where Name='svchost.exe'") LV_Add("", process.CreationClassName, process.Caption, process.CommandLine, process.CreationDate, process.CSCreationClassName, process.CSName, process.Description, process.ExecutablePath, process.ExecutionState, process.Handle, process.HandleCount, process.InstallDate, process.KernelModeTime, process.MaximumWorkingSetSize, process.MinimumWorkingSetSize, process.Name, process.OSCreationClassName, process.OSName, process.OtherOperationCount, process.OtherTransferCount, process.PageFaults, process.PageFileUsage, process.ParentProcessId, process.PeakPageFileUsage, process.PeakVirtualSize, process.PeakWorkingSetSize, process.Priority, process.PrivatePageCount, process.ProcessId, process.QuotaNonPagedPoolUsage, process.QuotaPagedPoolUsage, process.QuotaPeakNonPagedPoolUsage, process.QuotaPeakPagedPoolUsage, process.ReadOperationCount, process.ReadTransferCount, process.SessionId, process.Status, process.TerminationDate, process.ThreadCount, process.UserModeTime, process.VirtualSize, process.WindowsVersion, process.WorkingSetSize, process.WriteOperationCount, process.WriteTransferCount, FileGetInfo(process.ExecutablePath).LegalCopyright ) LV_ModifyCol() Gui, Show,, Process List return GuiClose: ExitApp ; ================================================== ; FileGetInfo() By Lexikos - https://autohotkey.com/boards/viewtopic.php?t=4282 ;=================================================== FileGetInfo( lptstrFilename) { List := "Comments InternalName ProductName CompanyName LegalCopyright ProductVersion" . " FileDescription LegalTrademarks PrivateBuild FileVersion OriginalFilename SpecialBuild" dwLen := DllCall("Version.dll\GetFileVersionInfoSize", "Str", lptstrFilename, "Ptr", 0) dwLen := VarSetCapacity( lpData, dwLen + A_PtrSize) DllCall("Version.dll\GetFileVersionInfo", "Str", lptstrFilename, "UInt", 0, "UInt", dwLen, "Ptr", &lpData) DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\VarFileInfo\Translation", "PtrP", lplpBuffer, "PtrP", puLen ) sLangCP := Format("{:04X}{:04X}", NumGet(lplpBuffer+0, "UShort"), NumGet(lplpBuffer+2, "UShort")) i := {} Loop, Parse, % List, %A_Space% DllCall("Version.dll\VerQueryValue", "Ptr", &lpData, "Str", "\StringFileInfo\" sLangCp "\" A_LoopField, "PtrP", lplpBuffer, "PtrP", puLen ) ? i[A_LoopField] := StrGet(lplpBuffer, puLen) : "" return i } Return
Who is online
Users browsing this forum: OrangeCat and 281 guests