kpu Posted September 28, 2005 Share Posted September 28, 2005 I'm trying to come up with a solution to read the output from the tasklist.exe command and build a gui so you can then kill the task on a remote system if so desired. For instance, the text output looks like so: Image Name PID Session Name Session# Mem Usage ========================= ====== ================ ======== ============ System Idle Process 0 Console 0 16 K System 4 Console 0 212 K smss.exe 548 Console 0 464 K csrss.exe 612 Console 0 3,256 K winlogon.exe 636 Console 0 13,100 K Sorry, the formating doesn't stay. How would I capture all "*.exe" text listed and then put it in a Dropdown menu? Any help would greatly be appreciated! http://www.kpunderground.com Link to comment Share on other sites More sharing options...
AutoChris Posted September 28, 2005 Share Posted September 28, 2005 I'm trying to come up with a solution to read the output from the tasklist.exe command and build a gui so you can then kill the task on a remote system if so desired. For instance, the text output looks like so:Image Name PID Session Name Session# Mem Usage ========================= ====== ================ ======== ============ System Idle Process 0 Console 0 16 K System 4 Console 0 212 K smss.exe 548 Console 0 464 K csrss.exe 612 Console 0 3,256 K winlogon.exe 636 Console 0 13,100 KSorry, the formating doesn't stay.How would I capture all "*.exe" text listed and then put it in a Dropdown menu?Any help would greatly be appreciated! Use PsTools from Sysinternals--specifically, pslist.exe which is contained within the PsTools. This will give you the list of taks on a remote machine. You can then output this information to a text file and use some String functions to extract what information you want out of the file. Link to comment Share on other sites More sharing options...
jonk Posted September 28, 2005 Share Posted September 28, 2005 How would I capture all "*.exe" text listed and then put it in a Dropdown menu?Hi,to capture all Strings which match *.exe you could use something like this:$inputline = "winlogon.exe 636 Console 0 13,100 K"$info = StringRegExp ( $inputline, "(.*\.exe)" ,1)GUICtrlSetData ( controlID, info[0])... for errorhandling and further Information read a helpfile (of a Betaversion) Link to comment Share on other sites More sharing options...
Gigglestick Posted September 28, 2005 Share Posted September 28, 2005 (edited) In your Run() statement, pipe tasklist into FindRun('tasklist|find ".exe" ') For a remote system:Run('tasklist /s ' & strRemoteMachine & ' /u username /p password|find ".exe"') Edited September 28, 2005 by c0deWorm My UDFs: ExitCodes Link to comment Share on other sites More sharing options...
Valik Posted September 28, 2005 Share Posted September 28, 2005 It's possible for a process to have an extension other than ".exe". Link to comment Share on other sites More sharing options...
kpu Posted September 28, 2005 Author Share Posted September 28, 2005 Use PsTools from Sysinternals--specifically, pslist.exe which is contained within the PsTools. This will give you the list of taks on a remote machine. You can then output this information to a text file and use some String functions to extract what information you want out of the file.I've already scripted somthing very similar. Pstools works great, but XP has it's own built in tools "tasklist.exe" and "taskkill.exe". Second, my company has those tools listed as no-no's in McAffe so I can't use them on our network. Hi,to capture all Strings which match *.exe you could use something like this:$inputline = "winlogon.exe 636 Console 0 13,100 K"$info = StringRegExp ( $inputline, "(.*\.exe)" ,1)GUICtrlSetData ( controlID, info[0])... for errorhandling and further Information read a helpfile (of a Betaversion)Thanks, I'll look into this.In your Run() statement, pipe tasklist into FindWhen you use the "find" command, it will list the text from the entire line.Thanks for all the input so far! http://www.kpunderground.com Link to comment Share on other sites More sharing options...
jefhal Posted October 8, 2005 Share Posted October 8, 2005 (edited) From the FM: ; List just *.exe processes $list = ProcessList("*.exe") for $i = 1 to $list[0][0] msgbox(0, $list[$i][0], $list[$i][1]) next Edited October 8, 2005 by jefhal ...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format Link to comment Share on other sites More sharing options...
GaryFrost Posted October 8, 2005 Share Posted October 8, 2005 with beta, set the $strComputer variable to the machine name, you'll get the process list from the remote machine if it is NT/2000/XP/2003 OSCODE#include <GUIConstants.au3>#include <GuiListView.au3>$MAIN_WINDOW = GUICreate("Process Info", 500, 500)$lv_pid = GUICtrlCreateListView("PID|Name|Path", 5, 10, 490, 440, $LVS_SHOWSELALWAYS)GUICtrlSendMsg($lv_pid, $LVM_SETEXTENDEDLISTVIEWSTYLE, $LVS_EX_FULLROWSELECT, $LVS_EX_FULLROWSELECT)_GUICtrlListViewSetColumnWidth ($lv_pid, 0, 50)_GUICtrlListViewSetColumnWidth ($lv_pid, 1, 10)_GUICtrlListViewSetColumnWidth ($lv_pid, 2, 320)If @OSTYPE = "WIN32_NT" Then $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $colItems = "" $strComputer = @ComputerName $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery ("SELECT * FROM Win32_Process", "WQL", _ $wbemFlagReturnImmediately + $wbemFlagForwardOnly) If IsObj($colItems) Then For $objItem In $colItems If $objItem.ExecutablePath Then GUICtrlCreateListViewItem(Int($objItem.ProcessId) & "|" & $objItem.Caption & "|" & $objItem.ExecutablePath, $lv_pid) Else GUICtrlCreateListViewItem(Int($objItem.ProcessId) & "|" & $objItem.Caption & "| ", $lv_pid) EndIf Next EndIfElse $a_pids = ProcessList() $pid_path = "" For $n = 1 To $a_pids[0][0] $pid_path = GetProcessName95($a_pids[$n][1]) If $pid_path <> 1 Then GUICtrlCreateListViewItem($a_pids[$n][1] & "|" & $a_pids[$n][0] & "|" & $pid_path, $lv_pid) Else GUICtrlCreateListViewItem($a_pids[$n][1] & "|" & $a_pids[$n][0] & "| ", $lv_pid) EndIf NextEndIfGUISetState(@SW_SHOW)Dim $B_DESCENDING[_GUICtrlListViewGetSubItemsCount ($lv_pid) ]_GUICtrlListViewSort ($lv_pid, $B_DESCENDING, 0)While 1 $msg = GUIGetMsg() Select Case $msg = $GUI_EVENT_CLOSE ExitLoop Case $msg = $lv_pid ; sort the list by the column header clicked on _GUICtrlListViewSort ($lv_pid, $B_DESCENDING, GUICtrlGetState($lv_pid)) EndSelectWEndFunc GetProcessName95(ByRef $PID) Const $TH32CS_SNAPPROCESS = 0x00000002 Const $INVALID_HANDLE_VALUE = -1 Local $ToolHandle, $Process, $nRet $ToolHandle = DllCall("kernel32.dll", "hwnd", "CreateToolhelp32Snapshot", "int", $TH32CS_SNAPPROCESS, "int", 0) If $ToolHandle[0] = $INVALID_HANDLE_VALUE Then Return ("" & SetError(1)) $Process = DllStructCreate("int;int;int;uint;int;int;int;int;int;char[260]") DllStructSetData($Process, 1, DllStructGetSize($Process)) $nRet = DllCall("kernel32.dll", "int", "Process32First", "hwnd", $ToolHandle[0], "ptr", DllStructGetPtr($Process)) If $nRet[0] Then Do If DllStructGetData($Process, 3) = $PID Then $nRet = DllStructGetData($Process, 10) DllStructDelete($Process) Return $nRet EndIf $nRet = DllCall("kernel32.dll", "int", "Process32Next", "hwnd", $ToolHandle[0], "ptr", DllStructGetPtr($Process)) Until Not $nRet[0] EndIf DllStructDelete($Process) DllCall("kernel32.dll", "int", $ToolHandle[0]) SetError(1) ReturnEndFunc ;==>GetProcessName95 SciTE for AutoItDirections for Submitting Standard UDFs  Don't argue with an idiot; people watching may not be able to tell the difference.  Link to comment Share on other sites More sharing options...
w0uter Posted October 8, 2005 Share Posted October 8, 2005 It's possible for a process to have an extension other than ".exe".ive never seen an other extention then .execould you give us an example ? My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
Valik Posted October 8, 2005 Share Posted October 8, 2005 ive never seen an other extention then .exe could you give us an example ?Most commonly, a screen saver has the extension .scr and its occasionally possible to see it running if your PC is extremely busy and the process is still running but isn't obscuring the display. Alternatively, you could also log all running processes to a file while the screen saver is running and you will see it. Its also possible to make an executable file "run itself".Take the below AutoIt script: MsgBox(4096, "", "Test")Compile the script.Rename the compiled script to "Test.extension".Right-click -> Open With -> Choose Program on the "Test.extension".In the Open With dialog, select Browse.Select "Test.extension" as the program to use to run the file. This may require directory navigation.While the message box "Test" is displayed (signifying that what we did just worked), look at Task Manager and you will see "Test.extension" listed.A practical application that will have a process running without the .exe extension is Kazaa Lite K++. It has a process running called "KazaaLite.kpp". So, contrary to popular misconception, the file extension .exe is not significant to Windows to determine executable files. What is important is how the registry entry is set up for a .exe file when the shell encounters it. The magic of double clicking an executable file comes from the registry (Just like every other file type registered) and not from the format of the file. The file extension is irrelevant; all that matters is if the file is a valid Windows binary. If it is, then it can be run regardless of its extension. It just may not be as "convenient" as double clicking it (Though it is possible to set that up as well). Link to comment Share on other sites More sharing options...
w0uter Posted October 8, 2005 Share Posted October 8, 2005 damn, thats so cool. My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now