Biatu Posted September 10, 2016 Share Posted September 10, 2016 Hello, I am trying to capture the output of ProcMon in realtime, but it seems to keep crashing, and I can't figure out why. Can anyone help? My guess is an conflict between ProcMon conflicting with my script's read request possibly producing an access violation. :/ Thank you! Script: expandcollapse popup#RequireAdmin #Include <WinAPIProc.au3> #Include <Array.au3> #include <GuiListView.au3> Global $sExec If @OSArch="X64" Then $sExec="ProcMon64.exe" Else $sExec="ProcMon.exe" EndIf $iPID=Run($sExec&" /acceptEula /Quiet",@ScriptDir,@SW_SHOW) Global $aWnd=_WinAPI_EnumProcessWindows($iPID,False) If Not IsArray($aWnd) Then _Exit() Global $hWnd For $i=1 to $aWnd[0][0] If $aWnd[$i][1]="PROCMON_WINDOW_CLASS" Then $hWnd=$aWnd[$i][0] EndIf Next Global $hListView=ControlGetHandle($hWnd,"","SysListView321") $iCols=_GUICtrlListView_GetColumnCount($hListView) Local $iMax=0 Local $iLast=0 While Sleep(1000) $iMax=_GUICtrlListView_GetItemCount($hListView) If $iMax>0 Then For $i=$iLast to $iMax ConsoleWrite(_GUICtrlListView_GetItem($hListView,0,1)&@CRLF) Next EndIf WEnd _Exit() Func _Exit() ProcessClose($iPID) EndFunc What is what? What is what. Link to comment Share on other sites More sharing options...
LarsJ Posted September 19, 2016 Share Posted September 19, 2016 The problem is that this is a virtual listview. This can be verified by examining the listview style with the AutoIt Window Info tool. You'll see that the LVS_OWNERDATA (0x1000) flag is set which means that it's a virtual listview. In a virtual listview data isn't stored directly in the listview but in an underlying data source which is normally an array, a data structure, a file or a database. Because data isn't stored in the listview many of the _GUICtrlListView_Get/Set functions are not working. You have to manipulate the data source directly. But this requires that you have access to the data source. The selected state of an item is one of the few informations which is stored directly in the listview. This is necessary to be able to draw the dark blue background color for selected items. Code like this should be working (start Process Monitor in advance): #include <GuiListView.au3> $hListView=ControlGetHandle( WinGetHandle( "[CLASS:PROCMON_WINDOW_CLASS]" ), "", "SysListView321" ) For $i = 0 To _GUICtrlListView_GetItemCount( $hListView ) - 1 ConsoleWrite( $i & ": " & _GUICtrlListView_GetItemState( $hListView, $i, $LVIS_SELECTED ) & @CRLF ) Next It should print 2 for a selected item and 0 for a non-selected item. The UI Automation framework has some support for virtual listviews. But only for visible items. To get information for an item you have to scroll it into position so that it's visible. This will be time consuming for many items. Controls, File Explorer, ROT objects, UI Automation, Windows Message MonitorCompiled code: Accessing AutoIt variables, DotNet.au3 UDF, Using C# and VB codeShell menus: The Context menu, The Favorites menu. Shell related: Control Panel, System Image ListsGraphics related: Rubik's Cube, OpenGL without external libraries, Navigating in an image, Non-rectangular selectionsListView controls: Colors and fonts, Multi-line header, Multi-line items, Checkboxes and icons, Incremental searchListView controls: Virtual ListViews, Editing cells, Data display functions Link to comment Share on other sites More sharing options...
Biatu Posted September 19, 2016 Author Share Posted September 19, 2016 Thanks for your feedback LarsJ, I have been successfully able to parse the list on a 32 bit OS using the script I posted. I will take your input for consideration on other project i run into troubles with, thank you. What is what? What is what. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now