Search the Community

Tsk is a CLI task lister that includes PIDs, process names, hWnds and window titles. The listing can be limited by supplying a substring of the process name or window title. Here is the usage: TSK.exe: TaSK Lister|Switcher [CLD rev.2021-03-27] Usage ----- TSK [sub$tring] List running tasks: all tasks [tasks with process_names|window_titles matching sub$tring] TSK /SW window_title(sub$tring)|PID|hWnd Switch focus to window with matching window_title(sub$tring)|PID|hWnd TSK /?|/H Show this Help And here's the code (compiled executable is HERE): #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Outfile_type=exe #AutoIt3Wrapper_Outfile=tsk.exe #AutoIt3Wrapper_UseUpx=y #AutoIt3Wrapper_Change2CUI=y #AutoIt3Wrapper_Run_Au3Stripper=y #AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** ; ; CLD rev.2021-03-27 AutoItSetOption("WinTitleMatchMode", -2) Global $sSub = "", $sOut = "", $iC = 0, $aW, $bSwW = 0 Global $aWinList = WinList() If $CmdLine[0] > 0 Then If StringInStr($CmdLineRaw, "/?") Or StringInStr($CmdLineRaw, "/H") Then Exit _ShowHelp() ElseIf StringInStr($CmdLineRaw, "/sw") Then $bSwW = 1 Else $sSub = $CmdLine[1] EndIf EndIf If $CmdLine[0] > 1 Then For $i = 1 To 2 If $CmdLine[$i] = "/sw" Then ContinueLoop Else $sSub = $CmdLine[$i] EndIf Next EndIf If $bSwW = 1 Then If StringInStr($sSub, "0x") = 1 Then WinActivate(HWnd($sSub)) ElseIf StringIsDigit($sSub) Then WinActivate(_GetHwndFromPID($sSub)) Else $aW = WinList($sSub) If $aW[0][0] > 1 Then WinActivate($aW[2][1]) Else ConsoleWrite("No matching window title for """ & $sSub & """" & @CRLF) EndIf EndIf Exit EndIf Global $aP = ProcessList() Global $aW[1 + $aP[0][0]][1 + $aP[0][0]] For $j = 1 To $aP[0][0] If String($aP[$j][1]) <> "" Then $aW[$j][0] = _GetHwndFromPID($aP[$j][1]) $aW[$j][1] = WinGetTitle($aW[$j][0]) Else $aW[$j][0] = "" $aW[$j][1] = "" EndIf Next Global $iX = 10 For $k = 1 To $aP[0][0] If $sSub Then If StringInStr($aP[$k][0], $sSub) = 0 Then If $aP[$k][1] Then If StringInStr($aW[$k][1], $sSub) = 0 Then ContinueLoop Else ContinueLoop EndIf EndIf EndIf If StringLen($aP[$k][0]) >= $iX Then $iX = 2 + StringLen($aP[$k][0]) Next Global $sHdr = StringFormat("%7s", "PID") & " " & StringFormat("%-" & $iX & "s", "Process") & StringFormat("%-12s", "hWnd") & "Window Title" & @CRLF For $i = 1 To $aP[0][0] If $sSub Then If StringInStr($aP[$i][0], $sSub) = 0 Then If $aW[$i][0] Then If StringInStr($aW[$i][1], $sSub) = 0 Then ContinueLoop Else ContinueLoop EndIf EndIf EndIf $iC += 1 $sOut &= StringFormat("%7s", $aP[$i][1]) & " " & StringFormat("%-" & $iX & "s", $aP[$i][0]) & StringFormat("%-12s", $aW[$i][0]) & $aW[$i][1] & @CRLF Next If $iC > 0 Then If $CmdLine[0] = 0 Then $sOut &= @CRLF & "Command " & StringUpper(StringTrimRight(@ScriptName, 4)) & StringLower(StringRight(@ScriptName, 4)) & " /? for usage" & @CRLF ConsoleWrite($sHdr & $sOut) Else ConsoleWrite("No matches" & @CRLF) EndIf Exit Func _GetHwndFromPID($PID) Local $hWnd = 0 Local $stPID = DllStructCreate("int") For $i = 1 To $aWinList[0][0] If $aWinList[$i][0] <> "" Then DllCall("user32.dll", "int", "GetWindowThreadProcessId", "hwnd", $aWinList[$i][1], "ptr", DllStructGetPtr($stPID)) If DllStructGetData($stPID, 1) = $PID Then Return $aWinList[$i][1] EndIf Next Return $hWnd EndFunc ;==>_GetHwndFromPID Func _ShowHelp() Local $sTxt = StringUpper(StringTrimRight(@ScriptName, 4)) & StringLower(StringRight(@ScriptName, 4)) & ": TaSK Lister|Switcher [CLD rev.2021-03-27]" & @CRLF & @CRLF & "Usage" & @CRLF & "-----" & @CRLF & StringUpper(StringTrimRight(@ScriptName, 4)) & " [sub$tring]" & @CRLF & " List running tasks: all tasks [tasks with process_names|window_titles matching sub$tring]" & @CRLF & StringUpper(StringTrimRight(@ScriptName, 4)) & " /SW window_title(sub$tring)|PID|hWnd" & @CRLF & " Switch focus to window with matching window_title(sub$tring)|PID|hWnd" & @CRLF & StringUpper(StringTrimRight(@ScriptName, 4)) & " /?|/H" & @CRLF & " Show this Help" ConsoleWrite($sTxt & @CRLF) EndFunc ;==>_ShowHelp

I have a script that runs another application (vDos.exe), and the same script can be run multiple times to open other instances of the same vDos.exe application. When I open a new instance of vDos.exe, I want to make sure that its window does not open directly over a previous instance, so I want to get the window positions of previous instances. Has someone written a method of finding the PIDs of all instances of the same executable, so that I can get the window positions of each of them? I've found various application counters in the forum, but they seem to be designed to find multiple instances of the script, not of another application. Many thanks for any pointers.

I hoping some of you young people can help an old man get off the nickel... I have a small project I'd like to complete before I retire. My problem is that on a terminal server environment I need to be able to detect the PID of a process by 'process name' AND 'process owner' so I can kill that specific process and not affect others who may be running the same process in another session. I can seem to do one or the other but not both. Can anyone please point me in the right direction? Thanks very much in advance. -Glen

I'm trying to kill a malware process, that I can't remove with my www.sophus.com/hom antivirus. The malware is known as coinminer,config and my Sophus only creates popups of blocking the malware. I know that the malware is constantly launching a svchost *32.exe processes, where the svchost.exe processes are from my Windows 7 operating system. I have with no luck tried to do this: Global $_bStatus = False While $_bStatus = False Global $_iPid Global $_sActiveTitleNew = "svchost *32.exe" $_iPid = WinGetProcess($_sActiveTitleNew) If $_iPid <> -1 Then $_bStatus = ProcessClose($_iPid) Wend EXIT But the $_iPid doesn't ever show anything else than -1, even if I can see the svchost *32.exe process in my TaskManager YES - I know I shouldn't EXIT after killing the first malware detection, but it is easier to explain the above for you, so I can get a solution.

Hello all, I've written the code below which launches chrome in incognito mode and then proceeds to go to the autoit website. From my understanding, the Run() command is also supposed to output the PID number related to the application that got launched from the Run command. However when I run the below lines, it outputs a PID number that is different from the newly launched chrome browser's PID number, does anyone know why and possibly explain how I could retrieve the accurate PID number associated with the newly launched browser? Global $iPid = Run(@ComSpec & ' /c start chrome.exe https://www.autoitscript.com/forum/ -incognito' ,"", "") msgbox(0,"",$iPid) Thank you, Brian

Is it posible to get Internet traffic from a PID, like download and upload speeds. I did some research but nothing useful. ty

I know it was discussed before, but the Wiki supposedly has an official solution to "How can I get a window handle when all I have is a PID?". Alas, it doesn't seem to work for anything more complicated than Notepad. It completely fails, for example, with IE & Firefox (even with "-new-window URL"). In addition, if you try to run multiple instances of the same program, than it fails with programs such as Chrome (i.e. it only works on the first instance). I've tried the various alternative unofficial forum versions as well, to no avail. The reason why it's so important is, for example, launching a browser with multiple resolutions. Thanks!

Func Button2Click() ;==> SonoLvl2 ******************************************************* SoundPlay(@ScriptDir & "\schoolbell.wav", 1) Local $Test2 = IniRead(@ScriptDir & "\runer.ini", "Levels", "LComplete1", "Default Value") If $Test2 = 1 Then ; $updatepid = RunWait(@ScriptDir & "\SonoLvl2\SonoLvl2_.exe", "", @SW_SHOWDEFAULT) Else MsgBox(4096, "", "You did not complete Lesson1") EndIf ;MsgBox($MB_SYSTEMMODAL, "Bug Report Environment", _DebugBugReportEnv()) IniWrite(@ScriptDir & "\runer.ini", "Levels", "LComplete2", "2") EndFunc ;==>Button2Click I have tried PID checks and updatepid per the help file and they just didn't work out. and usually caused errors. Then (not included I tried making a separate function to write to a INI file. that was a lesson in frustration and defeat. It worked.. just the same as the code in the function now. as soon as you click the button and the runwait line starts the ini gets updated. The file can only be written to after runwait is running is closed. Also tried the ProcessWait, ProcessWaitClose, ShellExecute, ShellExecuteWait Then in desperation I tried a Debug i read about Func Button2Click() ;==> SonoLvl2 ******************************************************* $__iLineNumber=162 & ' - SoundPlay(@ScriptDir & "\schoolbell.wav", 1)•' SoundPlay(@ScriptDir & "\schoolbell.wav", 1) $__iLineNumber=163 & ' - Local $Test2 = IniRead(@ScriptDir & "\runer.ini", "Levels", ...•' Local $Test2 = IniRead(@ScriptDir & "\runer.ini", "Levels", "LComplete1", "Default Value") $__iLineNumber=164 & ' - If $Test2 = 1 Then•' If $Test2 = 1 Then $__iLineNumber=165 & ' - $updatepid = RunWait(@ScriptDir & "\SonoLvl2\SonoLvl2_.exe", ...•' $updatepid = RunWait(@ScriptDir & "\SonoLvl2\SonoLvl2_.exe", "", @SW_SHOWDEFAULT) Else $__iLineNumber=167 & ' - MsgBox(4096, "", "You did not complete Lesson1")•' MsgBox(4096, "", "You did not complete Lesson1") EndIf ;MsgBox($MB_SYSTEMMODAL, "Bug Report Environment", _DebugBugReportEnv()) $__iLineNumber=173 & ' - IniWrite(@ScriptDir & "\runer.ini", "Levels", "LComplete2", ...•' IniWrite(@ScriptDir & "\runer.ini", "Levels", "LComplete2", "2") EndFunc ;==>Button2Click unfortunately I was not smart enough to get it to work for me. What I wanted was a Debugger that explains what each line does and why. Then I figured out that isn't happening.

Task : If Java.exe opens and it's parent process is a browser, get the URL of the web page it has open (hopefully the URL that started java). I would love a way to do it remotely, but can live with having to run a monitor on the local machine. What I have now is a function that uses WMI to query win32_process and get the processes and parent process id, searches that for Java and puts that info into a report. I want to include the URL of the webpage that launched java. What I have so far is below, but it doesn't let me tie the Process ID to the window I get the URL from. It also will not get Firefox windows. The Shell method only gets Shell windows. I have nine windows open, but it only picks up two - internet explorer and file system explorer - missing both Firefox windows and all their tabs. So, the question is - how to get a browser object when I start with only a Process ID and get the URL from that object? On a remote computer? $oShell = ObjCreate("shell.application") ; Get the windows shell object $oShellWindows = $oshell.windows ; Get open windows If IsObj($oShellWindows) Then $string = "" For $Window in $oShellWindows ; count all windows $Wpid = ObjName($Window,3) $string = $string & $Window.LocationName & " ; " & $Window.FullName & " ; " & $Wpid & @CRLF If StringInStr($Window.FullName, "iexplore") Then MsgBox(0,"Internet Explorer", "You browsing the URL " & $Window.Document.Location.href) EndIf Next MsgBox(0,"Shell Windows", "You have the following " & $oShellWindows.Count & " windows open:" & @CRLF & $string); EndIf Fantasy code I would like to work: $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & $strPCName & "\root\cimv2") If IsObj($objWMIService) Then $colProcesses = $objWMIService.ExecQuery( _ "select * from win32_process") For $objProcess In $colProcesses If $objProcess.ProcessId = $javaparentPID Then $Name = $objProcess.LocationName $URL = $objProcess.Document.Location.href Endif Code that gets the process IDs : Func _ProcessInfo($strPCName) Dim $i = 0 Dim $User, $Domain, $objWMIService, $colProcesses, $procnum Dim $Aprocesses[1][9] Dim $pi, $ppi, $parent, $parentfound $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & $strPCName & "\root\cimv2") ; Gather process information into an array If IsObj($objWMIService) Then $colProcesses = $objWMIService.ExecQuery( _ "select * from win32_process") For $objProcess In $colProcesses $i = $i + 1 ReDim $Aprocesses[$i + 1][9] $Aprocesses[$i][1] = $objProcess.ProcessId $Aprocesses[$i][2] = $objProcess.Caption $Aprocesses[$i][3] = $objProcess.HandleCount $Aprocesses[$i][4] = $objProcess.ExecutablePath $Aprocesses[$i][5] = $objProcess.ParentProcessId $Aprocesses[$i][6] = $objProcess.CreationDate If $objProcess.GetOwner($User, $Domain) = 0 Then $Aprocesses[$i][7] = $Domain & _ "\" & $User Else $Aprocesses[$i][7] = "" EndIf Next $Aprocesses[0][0] = $i $procnum = $i ;_ArrayDisplay($Aprocesses) ; Process the information about the Processes - LOL! $parentfound = 0 For $pi = 1 To $procnum ; only looking for Java, so : If StringInStr($Aprocesses[$pi][2], "java") Then $parent = $Aprocesses[$pi][5] For $ppi = 1 To $procnum If $Aprocesses[$ppi][1] = $parent Then $parentfound = 1 ExitLoop EndIf Next If $parentfound = 1 Then ; It has a parent process still running! $line = $strPCName & "," & $Aprocesses[$pi][1] & "," & $Aprocesses[$pi][2] & "," & $Aprocesses[$pi][3] & "," & _ $Aprocesses[$pi][4] & "," & $Aprocesses[$pi][5] & "," & $Aprocesses[$pi][6] & "," & _ $Aprocesses[$ppi][6] & "," & $Aprocesses[$ppi][2] & "," & $Aprocesses[$ppi][4] & "," & _ $Aprocesses[$ppi][7] FileWriteLine($LogFile, $line) Else ; parent process left. No, little java, its not your fault... :) $line = $strPCName & "," & $Aprocesses[$pi][1] & "," & $Aprocesses[$pi][2] & "," & $Aprocesses[$pi][3] & "," & $Aprocesses[$pi][4] & "," & _ $Aprocesses[$pi][5] & "," & $Aprocesses[$pi][6] & ",Parent already closed or not found" & ",Owner = ," & $Aprocesses[$pi][7] FileWriteLine($LogFile, $line) EndIf EndIf $parentfound = 0 $ppi = 0 Next Else FileWriteLine($LogFile, $strPCName & ",Unable to query WMI on endpoint") EndIf EndFunc ;==>_ProcessInfo