get process name from it's own description?

How can I get the process name from computer memory by using loop depending on the process description ?

Example:

My program name is "dev.exe" in memory and its description is "a tool for helping php developers"

Is there any way to find my process name by using process description even if the user change the name?

Can we do this an autoit or cmd or wmic?

2 Answers

I found this link trying to solve the same problem. Building off the existing answer, a simple line that can be added to an existing script:

 Get-Process | where {$_.Description -like '*note*'} | select Path, Description, ProcessName

Example output:

 Path Description ProcessName
---- ----------- -----------
C:\Windows\system32\notepad.exe Notepad notepad
C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE Microsoft OneNote ONENOTE
C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE Send to OneNote Tool ONENOTEM

How do I find a running Process Name given it's "File description" property value?

Improved solution (thanks to @BenN following discussion in chat):

Use the following PowerShell Script (Get-ProcessName.ps1).

$_match=$Args[0].ToLowerInvariant()
Get-Process | where {$_.Description -ne $null -and $_.Description.ToLowerInvariant().Contains($_match)} | select Path, Description, ProcessName

Notes:

The first parameter passed to the script is used to perform a case insensitive search within the "File description" property value.
Passing "notepad" will match both "notepad.exe" and "notepad++.exe" if they are both running.

Example output:

PS F:\test> .\Get-ProcessName notepad
Path Description ProcessName
---- ----------- -----------
C:\Windows\system32\notepad.exe Notepad notepad
E:\LiberKey\Apps\Notepad++\App\Notepad++\notepad++.exe Notepad++ : a free (GNU) source code editor notepad++
E:\LiberKey\Apps\Notepad++\App\Notepad++\notepad++.exe Notepad++ : a free (GNU) source code editor notepad++
PS F:\test>

Original solution:

Use the following Powershell Script (Get-ProcessName.ps1).

$_name=$Args[0]
$_match="*"+$Args[0]+"*"
Get-Process | ForEach { if ($_.Path) { $_filedescription=(Get-Item $_.Path).VersionInfo.FileDescription if ($_filedescription -like $_match) { Write-Output "File Description: '$_filedescription', Process Path: '$($_.Path)', Process Name: '$($_.ProcessName)'" } } }

Notes:

The first parameter passed to the script is used to perform a "wildcard" case insensitive search within the "File description" property value.
If you pass string it will search using *string* and will match string anywhere within the "File description" property
Passing "notepad" will match both "notepad.exe" and "notepad++.exe" if they are both running.
The script outputs the "File Description", "Process Path" and "Process Name.

Example output:

PS F:\test> .\Get-ProcessName notepad
File Description: 'Notepad', Process Path: 'C:\Windows\system32\notepad.exe', Process Name: 'notepad'
File Description: 'Notepad++ : a free (GNU) source code editor', Process Path: 'E:\LiberKey\Apps\Notepad++\App\Notepad++\notepad++.exe', Process Name: 'notepad++'
File Description: 'Notepad++ : a free (GNU) source code editor', Process Path: 'E:\LiberKey\Apps\Notepad++\App\Notepad++\notepad++.exe', Process Name: 'notepad++'
PS F:\test>

Notes:

"notepad++.exe" has two processes in memory when running the portable version.

2 Answers

How do I find a running Process Name given it's "File description" property value?

Your Answer

Sign up or log in

Post as a guest

Related Journals

Plan B for spy (What spy revolver?)

Where to locate png for nether portal in assets

How to get a Ships-of-the-Line?

In Score Attack mode, what affects the score?