
Could anyone help me fetch the app's name and all the processes opened by the app? Just like Task Manager shows.

Screenshot of task manager

Screenshot of task manager 2

Can you give me an example in Java, Python or PowerShell? I have tried the approaches from the internet, but I can only fetch the process names; I also want to get the app names as well.

This is what I tried:

  1. PowerShell: Get-Process

  2. Python:

    import psutil

    # Define the app group name
    app_group = 'Visual Studio Code'

    # Get a list of all running processes
    processes = psutil.process_iter()

    for process in processes:
        print(f'Process ID: {process.pid}')
        print(f'Process Name: {process.name()}')

2 Answers


  1. Chosen as BEST ANSWER

    I have found 2 solutions so far:

    Solution Result 1

    We can use pslist64.exe -t from Sysinternals.

    Solution Result 2 - powershell

    function Get-ProcessAndChildProcesses($Level, $Process) {
        "{0}[{1,-5}] [{2}]" -f ("  " * $Level), $Process.ProcessId, $Process.Name
        $Children = $Global:Processes | where-object {$_.ParentProcessId -eq $Process.ProcessId -and $_.CreationDate -ge $Process.CreationDate}
        if ($Children -ne $null) {
            foreach ($Child in $Children) {
                Get-ProcessAndChildProcesses ($Level + 1) $Child
            }
        }
    }
    $Global:Processes = Get-WMIObject -Class Win32_Process
    $RootProcesses = @()
    # Process "System Idle Process" is processed differently, as ProcessId and ParentProcessId are 0
    # $Global:Processes is sliced from index 1 to the end of the array
    foreach ($Process in $Global:Processes[1..($Global:Processes.length-1)]) {
        $Parent = $global:Processes | where-object {$_.ProcessId -eq $Process.ParentProcessId -and $_.CreationDate -lt $Process.CreationDate}
        if ($Parent -eq $null) {
            $RootProcesses += $Process
        }
    }
    # Process the "System Idle process" separately
    "[{0,-5}] [{1}]" -f $Global:Processes[0].ProcessId, $Global:Processes[0].Name
    foreach ($Process in $RootProcesses) {
        Get-ProcessAndChildProcesses 0 $Process
    }
    

    Solution Result 2 - powershell

    [25488] [Code.exe]
        [15040] [Code.exe]
        [23652] [Code.exe]
        [13024] [Code.exe]
        [3800 ] [Code.exe]
        [29312] [Code.exe]
        [24024] [Code.exe]
        [20220] [Code.exe]
        [3888 ] [Code.exe]
          [31408] [Code.exe]
          [3976 ] [Code.exe]
          [1348 ] [TabNine.exe]
            [39240] [conhost.exe]
            [30688] [TabNine.exe]
              [41152] [TabNine-deep-local.exe]
        [23768] [Code.exe]
          [31400] [Code.exe]
          [33528] [Code.exe]
          [7504 ] [TabNine.exe]
            [11088] [conhost.exe]
            [38000] [TabNine.exe]
            [3892 ] [WD-TabNine.exe]
        [28860] [Code.exe]
          [32068] [Code.exe]
          [32316] [Code.exe]
            [33768] [Code.exe]
          [33124] [Code.exe]
          [33160] [Code.exe]
          [33708] [Code.exe]
          [37204] [Code.exe]
          [30968] [TabNine.exe]
            [28224] [conhost.exe]
            [40740] [TabNine.exe]
        [24716] [Code.exe]
          [32776] [Code.exe]
          [32740] [Code.exe]
          [32132] [python.exe]
            [37124] [conhost.exe]
          [33344] [Code.exe]
          [36212] [Code.exe]
          [1100 ] [TabNine.exe]
            [38124] [conhost.exe]
            [28104] [TabNine.exe]
        [27296] [Code.exe]
          [30732] [Code.exe]
            [27844] [conhost.exe]
            [32736] [powershell.exe]
            [28736] [conhost.exe]
            [36304] [powershell.exe]
            [30308] [conhost.exe]
            [37160] [powershell.exe]
            [11316] [conhost.exe]
            [39156] [powershell.exe]
          [31036] [Code.exe]
          [31056] [Code.exe]
          [31184] [Code.exe]
          [31272] [Code.exe]
        [38408] [CodeSetup-stable-e8a3071ea4344d9d48ef8a4df2c097372b0c5161.exe]
          [38552] [CodeSetup-stable-e8a3071ea4344d9d48ef8a4df2c097372b0c5161.tmp]
    

  2. In PS, you can just do this.

    Clear-Host
    Get-Process | 
    Where-Object {$PSItem.ProcessName -eq 'Code'} |
    Select-Object -Property Id, Name, ProcessName
    

    Update

    Grouping

    Clear-Host
    Get-Process | 
    Select-Object -Property Id, Name, ProcessName | 
    Group-Object -Property ProcessName
    

    Update

    Process details

    Clear-Host
    Get-Process | 
    Where-Object {$PSItem.ProcessName -eq 'Code'} |
    Select-Object -Property '*' -First 1
    # Results
    <#
    Name                       : Code
    Id                         : 6228
    PriorityClass              : Normal
    FileVersion                : 1.72.2
    HandleCount                : 196
    WorkingSet                 : 82386944
    PagedMemorySize            : 25554944
    PrivateMemorySize          : 25554944
    VirtualMemorySize          : 532230144
    TotalProcessorTime         : 00:00:00.5312500
    SI                         : 1
    Handles                    : 196
    VM                         : 2225325289472
    WS                         : 82386944
    PM                         : 25554944
    NPM                        : 14048
    Path                       : C:\Users\Daniel\AppData\Local\Programs\Microsoft VS Code\Code.exe
    Company                    : Microsoft Corporation
    CPU                        : 0.53125
    ProductVersion             : 1.72.2
    Description                : Visual Studio Code
    Product                    : Visual Studio Code
    __NounName                 : Process
    BasePriority               : 8
    ExitCode                   : 
    HasExited                  : False
    ExitTime                   : 
    Handle                     : 3940
    SafeHandle                 : Microsoft.Win32.SafeHandles.SafeProcessHandle
    MachineName                : .
    MainWindowHandle           : 0
    MainWindowTitle            : 
    MainModule                 : System.Diagnostics.ProcessModule (Code.exe)
    MaxWorkingSet              : 1413120
    MinWorkingSet              : 204800
    Modules                    : {System.Diagnostics.ProcessModule (Code.exe),...
    NonpagedSystemMemorySize64 : 14048
    PagedMemorySize64          : 25554944
    PagedSystemMemorySize      : 490896
    PagedSystemMemorySize64    : 490896
    PeakPagedMemorySize        : 34410496
    PeakPagedMemorySize64      : 34410496
    PeakWorkingSet             : 87883776
    PeakWorkingSet64           : 87883776
    PeakVirtualMemorySize      : 637603840
    PeakVirtualMemorySize64    : 2225430663168
    PriorityBoostEnabled       : True
    PrivateMemorySize64        : 25554944
    PrivilegedProcessorTime    : 00:00:00.0625000
    ProcessName                : Code
    ProcessorAffinity          : 255
    Responding                 : True
    SessionId                  : 1
    StartInfo                  : System.Diagnostics.ProcessStartInfo
    StartTime                  : 02-Jan-23 20:11:26
    SynchronizingObject        : 
    Threads                    : {11556, 21344, 18128, 21444, 14468, 9144, 18068, 17528, 20796, 13064, 17536, 18828, 19724, 18900}
    UserProcessorTime          : 00:00:00.4687500
    VirtualMemorySize64        : 2225325289472
    EnableRaisingEvents        : False
    StandardInput              : 
    StandardOutput             : 
    StandardError              : 
    WorkingSet64               : 82386944
    Site                       : 
    Container                  : 
    #>
    

    Update

    Clear-Host
    Get-Process | 
    Where-Object {$PSItem.ProcessName -eq 'Code'} |
    Select-Object -Property Id, Name, ProcessName, Description, Product
    # Results
    <#
    Id          : 6228
    Name        : Code
    ProcessName : Code
    Description : Visual Studio Code
    Product     : Visual Studio Code
    ...
    #>
    

    Group data and details.

    Clear-Host
    Get-Process | 
    Select-Object -Property Id, Name, ProcessName, Description, Product | 
    Group-Object -Property ProcessName
    # Results
    <#
    Count Name                      Group
    ----- ----                      -----
    ...
       12 Code                      {@{Id=6228; Name=Code; ProcessName=Code; Description=Visual Studio Code; Product=Visual Studio Code}, @{Id=9308; Name=Code; ProcessName=Code; Descri...
    ...
    #>
    
    
    Clear-Host
    (
        Get-Process | 
        Select-Object -Property Id, Name, ProcessName, Description, Product | 
        Group-Object -Property ProcessName
    ).Group
    # Results
    <#
    ...
    
    Id          : 6228
    Name        : Code
    ProcessName : Code
    Description : Visual Studio Code
    Product     : Visual Studio Code
    
    Id          : 9308
    Name        : Code
    ProcessName : Code
    Description : Visual Studio Code
    Product     : Visual Studio Code
    
    Id          : 9448
    Name        : Code
    ProcessName : Code
    Description : Visual Studio Code
    Product     : Visual Studio Code
    
    ...
    #>
    

    Update as per my comment about the child-parent resolution approach.

    Clear-host
    # The environment this code is being executed from 
    Get-Process -Name powershell_ise
    
    # Some external command thing
    $PingCommand = cmd.exe /c where ping 
    
    'https://stackoverflow.com/', 'www.google.com', 'www.yahoo.com' | 
    ForEach-Object {Start-Process -FilePath $PingCommand $PSItem}
    
    # Get parent and child details
    Get-CimInstance -Class Win32_Process -Filter "name ='ping.exe'" | 
    Select-Object -Property @{
        Name       = 'ParentProcessName'
        Expression = {(Get-Process -Id $($PSItem.ParentProcessId)).Description}
    }, ParentProcessId, ProcessName, ProcessId, CommandLine
    
    # Results
    <#
    Handles  NPM(K)    PM(K)      WS(K)     CPU(s)     Id  SI ProcessName
    -------  ------    -----      -----     ------     --  -- -----------
       1008      70   308036     366812     294.80  19824   1 powershell_ise
    
    ParentProcessName : Windows PowerShell ISE
    ParentProcessId   : 19824
    ProcessName       : PING.EXE
    ProcessId         : 18248
    CommandLine       : "C:\Windows\System32\PING.EXE" www.google.com 
    
    
    ParentProcessName : Windows PowerShell ISE
    ParentProcessId   : 19824
    ProcessName       : PING.EXE
    ProcessId         : 5824
    CommandLine       : "C:\Windows\System32\PING.EXE" www.yahoo.com 
    #>
    

    Or even this way.

    ($Process = Get-Process powershell_ise)
    Start-Process 'cmd' '/C notepad.exe'
    
    Get-CimInstance win32_process -Filter "ParentProcessId = $($Process.id)" | 
    Select-Object -Property @{
        Name       = 'ParentProcessName'
        Expression = {(Get-Process -Id $($PSItem.ParentProcessId)).Description}
    }, ParentProcessId, ProcessName, ProcessId, CommandLine
    # Results
    <#
    Handles  NPM(K)    PM(K)      WS(K)     CPU(s)     Id  SI ProcessName
    -------  ------    -----      -----     ------     --  -- -----------
        975      71   324604     385188     397.77  19824   1 powershell_ise
    
    ParentProcessName : Windows PowerShell ISE
    ParentProcessId   : 19824
    ProcessName       : conhost.exe
    ProcessId         : 4888
    CommandLine       : \??\C:\Windows\system32\conhost.exe 0x4
    
    
    ParentProcessName : Windows PowerShell ISE
    ParentProcessId   : 19824
    ProcessName       : cmd.exe
    ProcessId         : 17180
    CommandLine       : "C:\Windows\system32\cmd.exe" /C notepad.exe 
    #>
    

    Then of course use the Group-Object cmdlet already shown earlier.

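The two answers above can be combined: the parent/child walk with the creation-date check from the first, and the `Description` lookup from the second. The function below is an added example, not code from either answer; `Get-AppProcessTree`, `Test-IsChild`, `Expand-Node` and the `-RootName` parameter are hypothetical names. It takes a single `Win32_Process` snapshot, indexes it by PID and parent PID, and emits one object per process in the tree.

```powershell
# Added example. Function and parameter names are hypothetical.
function Get-AppProcessTree {
    param([Parameter(Mandatory)] [string] $RootName)   # image name, e.g. 'Code.exe'
    # Take one snapshot so every parent/child comparison sees the same data.
    $all = @(Get-CimInstance -ClassName Win32_Process)
    # Index by PID and by parent PID instead of scanning the list per process.
    $byPid = @{}; $byParent = @{}
    foreach ($p in $all) {
        $byPid[[uint32]$p.ProcessId] = $p
        $key = [uint32]$p.ParentProcessId
        if (-not $byParent.ContainsKey($key)) { $byParent[$key] = @() }
        $byParent[$key] += $p
    }
    # ParentProcessId is only a number recorded at creation time. If the real parent
    # has exited and its PID was reused, the apparent parent is newer than the child.
    function Test-IsChild($Parent, $Child) {
        if ($null -eq $Parent.CreationDate -or $null -eq $Child.CreationDate) { return $true }
        return $Parent.CreationDate -le $Child.CreationDate
    }
    function Expand-Node($Node, $Depth) {
        # Description is the file-description string (e.g. 'Visual Studio Code'); it is
        # empty when the process has exited or its module cannot be read.
        $proc = Get-Process -Id $Node.ProcessId -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Depth     = $Depth
            ProcessId = $Node.ProcessId
            ParentId  = $Node.ParentProcessId
            Name      = $Node.Name
            AppName   = $proc.Description
        }
        foreach ($child in $byParent[[uint32]$Node.ProcessId]) {
            # PID 0 lists itself as its own parent; skip it to avoid endless recursion.
            if ($child.ProcessId -ne $Node.ProcessId -and (Test-IsChild $Node $child)) {
                Expand-Node $child ($Depth + 1)
            }
        }
    }
    # A root is a matching process whose verified parent is not the same application.
    foreach ($p in ($all | Where-Object { $_.Name -eq $RootName })) {
        $parent = $byPid[[uint32]$p.ParentProcessId]
        $nested = $parent -and $parent.Name -eq $RootName -and (Test-IsChild $parent $p)
        if (-not $nested) { Expand-Node $p 0 }
    }
}

Get-AppProcessTree -RootName 'Code.exe' |
    Format-Table @{ n = 'Process'; e = { ('  ' * $_.Depth) + $_.Name } }, ProcessId, AppName
```

Because the function returns objects rather than formatted strings, the result can be piped to `Group-Object` or `Export-Csv`, or filtered for unexpected children such as a shell under an application that should not spawn one.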