How to get information of running applications

(imported topic written by wazty200291)

Hi,

I want get company names,product names, and versions of running applications, and I only know how to get versions of running applications at this time, but how to get company name and product name? Please help me, thanks!

(imported comment written by Lee Wei)

Hello,

A few notes that will help getting what we need:

  • Note that the “application” inspector inherits from the “file” inspector, so take a look at the properties for the File inspector to figure out what is available.
  • Perhaps the most tricky part is that many application do not specify their version number or company name. So it is important to check for non-existence scenarios.

I have included a few queries for you to test. The last one is the query you need.

q: ((if (exists version of it) then (version of it as string) else “No version info”)) of running applications

q: (if (exists version block 1 of it) then (value “CompanyName” of version block 1 of it) else (“No company info”)) of running applications

q: ((if (exists version block 1 of it) then (value “CompanyName” of version block 1 of it) else (“No company info”)), (if (exists version block 1 of it) then (value “ProductName” of version block 1 of it) else (“No product info”)), (if (exists version of it) then (version of it as string) else “No version info”)) of running applications

q: ((if (exists version block 1 of it) then (value “CompanyName” of version block 1 of it) else (“No company info”)) & " - " & (if (exists version block 1 of it) then (value “ProductName” of version block 1 of it) else (“No product info”)) & " - " & (if (exists version of it) then (version of it as string) else “No version info”)) of running applications

A: Intel Corporation - Intel® PROSet/Wireless Event Log - 10.1.0.1

A: Computer Associates International, Inc. - eTrust Antivirus - 7.1.192.0

A: NVIDIA Corporation - NVIDIA Driver Helper Service, Version 83.13 - 6.14.10.8313

A: BigFix, Inc. - BES UnmanagedAssetImporter-NMAP - 7.1.1.9

A: SigmaTel, Inc. - C-Major Audio - 1.0.4995.1

(imported comment written by wazty200291)

Hi Lee,

Thanks for your help, and I know how to get company name, product name and etc. from version block of file, but I think I need a relevance like “versions of running applications” or “product name of running application”, after test it, only “versions of running applications” works fine.

q:versions of running applications

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 6.0.2900.3156

A: 1.4.3.8645

A: 10.0.0.4

A: 4.10.3.76

A: 4.1.8.1004

A: 5.1.2600.2180

A: 5.1.0.706

A: 11.0.8217.0

A: 6.0.28.4

A: 11.0.8215.0

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 5.1.2600.2180

A: 3.6.4.141

A: 1.5.0.3

A: 8.0.714.1791

A: 1.0.170.0

A: 5.8.3.556

A: 11.6.0.20

A: 1.9.0.3105

A: 6.0.21.5

(imported comment written by Lee Wei)

wazty2002,

The relevance examples I provided is the way we can retrieve the product name and company name.

We cannot get them from the the Application inspector.

Sorry I did not understand the question - if you “know how to get company name, product name and etc. from version block of file”, what else is desired?

Lee Wei

(imported comment written by jessewk)

Can you post an example of the result you are looking for?

(imported comment written by wazty200291)

Sorry for my faint description.

For example:

Q: running applications “skype.exe”

A: “Skype.exe” “3.6.0.0” “TOM-Skype” “3.6.4.141” “Skype Technologies S.A.”

Here is “TOM-Skype” and “Skype Technologies S.A.”, I think the “TOM-Skype” is product name, and the “Skype Technologies S.A.” is company name, so I wonder whether there is a simple relevance just return “TOM-Skype” or “Skype Technologies S.A.”.

The version information can get from a simple relevance as below:

Q: version of running applications “skype.exe”

A: 3.6.4.141

Q: product version of running applications “skype.exe”

A: 3.6.0.0

I said that I known how to get company name, product name and etc. from version block of file as below:

Q: values “ProductName” of version blocks of files (pathnames of running applications “skype.exe”)

A: Skype

Q: values “Company” of version blocks of files (pathnames of running applications “skype.exe”)

A: Skype Technologies S.A.

In fact, I just want to get “TOM-Skype” from running application “skype.exe” results.

(imported comment written by jessewk)

The running applications inspector treats itself as a file object when cast as a string.

The format of the string returned when casting a file using ‘as string’ is:

“” “” “” “” “”

Where:

The name of the file

The ‘Product Version’ of the file.

The value ‘FileDescription’ of version block 1 of the file.

The value ‘FileVersion’ of version block 1 of the file.

The value ‘CompanyName’ of version block 1 of the file.

So you’re looking for this then:

Q: values “FileDescription” of version blocks of files (pathnames of running applications)

(imported comment written by wazty200291)

ok, I see, thank you very much.

(imported comment written by lmpymilk91)

can you also get the “User Name” of the running application?

(imported comment written by BenKus)

Not currently… You will need to find WMI querys for user process info…

Ben