Jump to content
Sign in to follow this  
taylansan

Finding process name or pid shown in windows

Recommended Posts

Hello All, 

If you're interested in the story, read below. Otherwise, just jump to the end of the post. 

Story: 

Sometimes my computer goes crazy with Windows update. I tried to turn it off with "services.msc", but couldn't close the it. So, I did some research online that it's triggered by Update Orchestration and Task Scheduler and Windows Update. I also checked that all three processes are triggered by svchost.exe.

2042019124_ProcessList.thumb.png.b28273c537295a4af117a03a13fe28f7.png

So, I tried to make a script to close this process. I found some useful functions ProcessList and _ProcessGetName using the help documents and coded something as below: 

#include <MsgBoxConstants.au3>
#include <Process.au3>

Local $aProcessList = ProcessList()
For $i = 1 To $aProcessList[0][0]
    $iPid = $aProcessList[$i][1]
    $sName = _ProcessGetName($iPid)
    MsgBox($MB_SYSTEMMODAL, "The process", "PID: " & $iPid & @CRLF & "NAME: " & $sName)
    If $sName = "svchost.exe" Then
        ;ProcessClose($iPid) ;I don't know if this is the process I want to close
    EndIf
Next

But the problem is; there are so many svchost.exe exists in the process list. I can't close all of them, some of them are essential to run Windows (well, accidentally I terminated some of them and ended up with a blue screen :( 

---------------

Well, how can I know the process name like "Service Host: Update Orchestration" (not the scvhost)?

It's not only with the .exe file, just to the name shown in Windows. 


TY.

Share this post


Link to post
Share on other sites

Use WMI approach with Win32_Service.  There is a method to stop or even delete the service.  Search the AutoIt site, there is multiple examples of using WMI programmatically.

 

Share this post


Link to post
Share on other sites

I modified as below: 

#include <WinAPIProc.au3>
$iPid = 9584
$sName = _WinAPI_GetProcessName($iPid)
ConsoleWrite($sName & @CRLF)

;But this returns me only --> svchost.exe

I also used "sc query" in cmd to find the list of processes. 

How can I obtain PID from Service Name or Display Name? 

Or How can I obtain Service Name or Display Name from PID? 

image.png.ae1ac65d0257edcf55806758e639a0ec.png


TY.

Share this post


Link to post
Share on other sites

I did not test it, but running WMI on caption of "Windows Update" service, got the following description :

Quote

Active la détection, le téléchargement et l’installation des mises à jour de Windows et d’autres programmes. Si ce service est désactivé, les utilisateurs de cet ordinateur ne pourront pas utiliser Windows Update ou sa fonctionnalité de mise à jour automatique, et les programmes ne pourront pas utiliser l’API de l’Agent de mise à jour automatique Windows Update (WUA).

Seems to me that it is possible to deactivate that service.

Share this post


Link to post
Share on other sites

Only on Enterprise version of windows. You try till your hearts content to disable that service and let me know how that works out for you

Edited by Earthshine

My resources are limited. You must ask the right questions

 

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

Because so many disable it in Win7 (which is a horrible idea) is why MS decided enough is enough. EVERYONE must receive regular updates to stay as secure as possible

Windows Enterprise and Windows server always allow you to manually turn off and completely disable auto updating. Windows 10 education might also let you? Not sure. But we don't own the software, it's provided as a SERVICE by MS to us thru licensing. We must live with their final decisions in the end and adapt.

I do not condone the practice, even with Win7 of disabling the updates. It's a horrible idea considering all the dangers you face online out there. Even Linux distros are always updated and now have auto update available (though I think they should enforce it as well)

 

Windows 10 installs so fast off a USB anyway, even on my Craptop computer (A6 powered AMD, lol) it takes only about 8 minutes to install! So if an update hoses you (you should always have your data backed up) you can format and reinstall in under 10 minutes. All my data is in MS cloud so i never lose anything. I just had to install latest windows after Malwarebytes screwed me (my A6 just can't handle that program, too cpu intensive and this a 200 notebook, lol)

Edited by Earthshine

My resources are limited. You must ask the right questions

 

Share this post


Link to post
Share on other sites

to the Original Poster (OP) of this thread

1. how old is the install of windows?

2. can you post a screenshot of your installed programs?

 

if all else fails to get your PC under control try the following:

  1. You should back up your data to a HDD and cloud, then create an Win10 boot USB from 
  2. MS Windows 10 Creation tool
  3. create a bootable USB or DVD and boot to it
  4. Choose Custom Install and delete all your partitions on the main drive
  5. install fresh and clean and then be careful not to install junkware or other things that can slow you down.
  6.  let it update normally
  7. don't tweak anything, Win10 knows all the proper drivers and everything you need (win10 knows the proper drivers for just about everything out there)
  8. you MAY have to install graphics drivers from your video card manufacturer depending on what card you have

BTW, i just installed latest Win10 yesterday and now my anemic notebook is a little screamer again. malwarebytes somehow corrupted my profile, lol

my last install lasted for years now, but i had to go install malwarebytes (only to find nothing, lol) and ruin my profile.

 

Edited by Earthshine

My resources are limited. You must ask the right questions

 

Share this post


Link to post
Share on other sites

Hi, this is the computer information: 

image.png.e469c5b0aa34d7f475ae521ee92c6be9.png

About the installed programs, there are many, can't screenshot all of them one by one. Also cannot make a fresh Windows install. 

------------------------

I think computer specs is not the problem here. If I run "sc query" as I wrote in the above post, I can get SERVICE_NAME and DISPLAY_NAME values. Using these, how can I know the PID for each of them? Look at my below (just copied from help files and modified a little bit).

#include <MsgBoxConstants.au3>
#include <Process.au3>

Local $aProcessList = ProcessList()
For $i = 1 To $aProcessList[0][0]
    $iPid = $aProcessList[$i][1]
    $sName = _ProcessGetName($iPid)
    MsgBox($MB_SYSTEMMODAL, "The process", "PID: " & $iPid & @CRLF & "NAME: " & $sName)
    If $sName = "svchost.exe" Then
        ;ProcessClose($iPid)
        ;I don't know if this is the process I want to close
        ;Because there are so many scvhost running
        ;How can I be sure that this PID for scvhost is related to Update Orchestration?
    EndIf
Next

Using this script, I can get the list of scvhosts. But there are so many running in the system, I can't terminate all of them. I just want to terminate specific one (that is update orchestration). 

Again: Please don't focus on the windows update case. The question is: I have list of services and display names. How can I know the PID for these? It's just like; okay there is an application running (which I can see in the task manager) then right click on it and "Go to details", then I can find the PID. How can I find the PID from service name (or finding service name from PID)? @Nine asked me to check some WMI, but I couldn't manage to get PID and service / display name mapping... 

 

image.png.ea24d5006a3c1bc4ba16530a136f3af5.png

 


TY.

Share this post


Link to post
Share on other sites

Here your Christmas gift early ;)

#include <Constants.au3>
#include <Array.au3>

Opt("MustDeclareVars", 1)

_CheckService()

Func _CheckService()
  Local $objWMIService = ObjGet("winmgmts:\\" & @ComputerName & "\root\CIMV2")
  Local $colItems = $objWMIService.ExecQuery('SELECT * FROM Win32_Service WHERE State = "Running"')
  If Not IsObj($colItems) Then Exit MsgBox(0, "", "Not an object")
  If Not $colItems.count Then Exit MsgBox(0, "", "Service not found")
  Local $aService[$colItems.count][4], $i = 0
  For $sItem In $colItems
    $aService[$i][0] = $sItem.Caption
    $aService[$i][1] = $sItem.PathName
    $aService[$i][2] = $sItem.ProcessId
    $aService[$i][3] = $sItem.Name
    $i += 1
  Next
  _ArrayDisplay ($aService)
EndFunc   ;==>_CheckService

HoHoHo !

Edited by Nine

Share this post


Link to post
Share on other sites

@Earthshine  Finally was able to stop Windows update service programmatically with WMI.  I needed to use #RequireAdmin. :brr:

 

Edited by Nine

Share this post


Link to post
Share on other sites
1 hour ago, Nine said:

@Earthshine  Finally was able to stop Windows update service programmatically with WMI.  I needed to use #RequireAdmin:brr:

 

That's awesome, really appreciate that and thank you. :)

Would you also post your other code using #RequireAdmin? Just for learning things


TY.

Share this post


Link to post
Share on other sites

I could but you already got your early gift.  How about you try to use my example, and provide some code from yourself. Maybe Santa will help you after ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By IndianSage
      Hi,
      I have a specific situation:
      Is it possible to run autoit script/.exe as a task which in turn is automating a desktop user interactive application on windows 10 where user will not be logged in - at best I can get user locked? 
      If so how will this work or is there any tool available to do this?
      I am trying z-cron task scheduler but it runs only some part also I tried windows 10 task schedule with option to allow task to run which is user interactive type but that too does not work.
      Looking forward to hear from you to help me out of this situation.
      Thanks,
       
    • By therks
      So I have no example code currently because I'm not sure where to even start.
      We're using the parental controls on the computer and the kids each have their own user profiles with limited time. The problem we're encountering is when their time runs out, or if they just hit Win+L and leave the computer, their games are still running in the background. I was hoping to write up a quick AutoIt script and throw it in a recurring scheduled task to just sign off any of the kid's profiles that's not currently active. I found some suggestions to use "query session" and then "logoff [user]" in the command line (which it seems I could easily automate with AutoIt) but that's only available on Win Pro and this system is running Home (and I even tried copying the query.exe from a Pro system but it errors out). Is there some AutoIt equivalent to the query and logoff functions or am I stuck?
      Edit: I'm adding some clarification to exactly what I'm hoping to get out of this script.
      I'd like to setup a scheduled task that runs outside of the current user (perhaps under the SYSTEM account?) in case NO user is currently active, that will detect which users are currently signed in. If users from a predefined list are not currently active, sign them off entirely.
      So let me give two examples:
      Example #1:
      - I am logged in, but not active (I left my browser open and locked the computer) - Nephew A is logged in, but not active (his time ran out while his game was running and the computer auto-locked) - Nephew B is logged in, and currently playing a game When script runs, ignore my profile (leave it signed in), log out Nephew A (closing his game), and ignore Nephew B because he's actively using the computer. Example #2:
      - I am logged in - Nephew A is logged in - Nephew B is logged in - No users are currently active (Windows is sitting on the choose user / sign in screen) When script runs, ignore my profile, log out Nephew A and Nephew B.  
      I would perceive pseudo code, going as such:
      $aChildUsers = [ 'NephewA', 'NephewB' ] $aUserList = GetSignedInUsers() For $i = 0 to UBound($aUserList)-1 If Not UserIsActive($aUserList[$i]) Then For $j = 0 to UBound($aChildUsers)-1 If $aUserList[$i] = $aChildUsers[$j] Then LogOffUser($aUserList[$i]) Next EndIf Next Obviously, GetSignedInUsers(), UserIsActive(), LogOffUser() are not real functions. What I'm searching for is something of their equivalent.
      Thanks for your time!
    • By WilliamasKumeliukas
      Hi,
      I started this project alone in May 2020 as project in my spare time at work, I'm working for a IT company that started opening their services to residential customers few months ago and now my position in the company kinda drifted in the doom and gloom world of repetitive tasks like: Reinstallation of Windows 10.
      The procedure is very repetitive and I started feeling like being a robot which is the main reason I started this project.
       
      ==============================FAQ==================================
      1. Q: Do you want this project to be accomplished with the usage of AutoIT ONLY or 3rd party tools / Scripts (BATCH / POWERSHELL / VB) ? A: No, if I cannot find a way using AutoIT to accomplish a task I will move to my Plan B which consist of automating an 3rd party tool to accomplish the affected task until a solution is found. 2. Q: What do I get from helping/collaborating in this project? A: I will personally take the responsability to mention you in the credits of this project. 3. Q: If I have more questions, can I ask? A: Certainly! feel free to ask any questions related to this project! 4. Q: What is the main goal of this project? A: Automating Windows 10 configuration without user interaction needed (as much as possible) ______________________________________________________________________________________________________________________________
      Current progression of the project (more will be added in future)
      « Blue = Info || Yellow = Unfinished/Untested || Purple = Could be better || Green = Done ||Red = Not Yet Started »
      ***Very early Stage ***
      Connect Network Attached Storage(NAS) (Tested & Working - AutoIT only)
      Download & Install up to 567 softwares with Auto prediction of text typed  (Tested & Working - using 3rd party tool)
      Change OEM Information (Tested & Working -  AutoIT)
      Disable ScreenSaver (Require testing AutoIT only)
      Change Computer Name (Require testing AutoIT only) 
      Show Computer Information and Smart status on GUI (Tested & Working - AutoIT Only)
      Change .pdf / .pdfxml from Edge to Adobe Reader DC (Tested &Working - using 3rd party tool)
      Change Edge to Google Chrome as Default Browser (Tested & Working - using 3rd party tool)
      Windows Updates (Working - AutoIT only)
      Install Office 365
      Activate Office 365
      Pin to taskbar Excel, Outlook, Word, Chrome (Tested & Working - using 3rd party tool)
             GUI currently featuring the following options :
      - Checkboxes for desired tasks
      Inputs for : SupportUrl, Manufacturer, Model, SupportPhone, SupportHour, OEM Logo path
      -  Redirect ConsoleWrite with timestamped messages in richedit (errors shown separately in red colored text)
                 *** To Do ***
       - Read informations needed for tasks like: OEM, ComputerName, NAS user/password etc... from a file
       - ListView for Windows Updates
       - Probably more
       
      ***  If this project interest you, Reply here This will greatly help me to see if you'd like this project to become real  ***
      ______________________________________________________________________________________________________________________________
      2020.09.21 Update: Since this topic reached over 200+ views without a single interest shown by community, pm me if you're willing to be part of the project and i'll share with you the GitHub project link  
      Best Regards,
      ~WilliamasKumeliukas
    • By paw
      I use SetSoundDevice to control my audio devices but the UI was either
       
      blurry like this:
      or unusable like this:

      so I made this horrible thing to add scaling to the GUI:
      #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Change2CUI=y #AutoIt3Wrapper_Res_HiDpi=y #AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 #AutoIt3Wrapper_Run_Au3Stripper=y #Au3Stripper_Parameters=/sf /sv /rm #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #include <File.au3> ;~ _convertGUI("") If $CmdLine[0] <> 0 Then _convertGUI($CmdLine[1]) Func _convertGUI($sFilePath) If $sFilePath <> "" Then Local $aArray = FileReadToArray($sFilePath) Else ;TEST DATA Local $aArray[6] = ['$H_Res_Language = GUICtrlCreateProgress(5, 120, 210 + 25, 480, 20, BitOR($GUI_SS_DEFAULT_COMBO, $CBS_SIMPLE)) ; $CBS_DROPDOWNLIST)', _ 'Local $h_Ok = GUICtrlCreateButton("Ok", 72, 224, 81, 33, 0)', _ 'GUICreate($Warning_TiTle, 700, 310, -1, -1, $WS_SIZEBOX + $WS_SYSMENU + $WS_MINIMIZEBOX)', _ 'GUICtrlCreateLabel("Output type: ", 30, 130, 65, 20) ;, $SS_RIGHT)', _ '$H_FieldNameEdit = GUICtrlCreateEdit($INP_FieldNameEdit, 100,260+25, 500, 150 - 25) ;comment', 'Local $H_CANCEL = GUICtrlCreateGraphic("Cancel", 224, 224, 97, 33, 0)'] EndIf Local $hTimer = TimerInit(), $iGUIElementCount = 0, $sResult = "", $sFileName = "", $sDrive = "", $sDir = "", $sExtension = "" If @Compiled Then _PathSplit($sFilePath, $sDrive, $sDir, $sFileName, $sExtension) $sFileName = StringRegExpReplace($sFilePath, "^.*\\", "") EndIf For $i = 0 To (UBound($aArray) - 1) If StringRegExp($aArray[$i], "GUICtrlCreate|GUICreate") Then $sResult = _splitComma($aArray[$i]) If Not @error Then $aArray[$i] = $sResult $iGUIElementCount += 1 EndIf Next ConsoleWrite("t = " & TimerDiff($hTimer) & " GUI elements = " & $iGUIElementCount & " lines = " & (UBound($aArray) - 1) & @CRLF) If $sFileName <> "" Then Local $hFile = FileOpen("edited." & $sFileName, 2) _FileWriteFromArray("edited." & $sFileName, $aArray) FileClose($hFile) EndIf Exit EndFunc ;==>_convertGUI Func _splitComma($sString) Local $sSplitResult = "", $sTrimmedR = "", $sTrimmedL = "" Local $aSplit = StringSplit($sString, ',') If Not @error Then $sTrimmedR = "" $sTrimmedL = "" For $j = 1 To $aSplit[0] If StringRegExp($aSplit[1], "(?:.GUICtrlCreateGraphic|GUICtrlCreateProgress|GUICtrlCreateSlider|GUICtrlCreateTab|GUICtrlCreateTreeView)") Then If $j = 1 Then While StringLeft($aSplit[$j], 1) <> '(' $sTrimmedL &= StringLeft($aSplit[$j], 1) $aSplit[$j] = StringTrimLeft($aSplit[$j], 1) WEnd $aSplit[$j] = StringTrimLeft($aSplit[$j], 1) EndIf EndIf If $j = $aSplit[0] Then While StringRight($aSplit[$j], 1) <> ')' $sTrimmedR &= StringRight($aSplit[$j], 1) $aSplit[$j] = StringTrimRight($aSplit[$j], 1) WEnd $aSplit[$j] = StringTrimRight($aSplit[$j], 1) EndIf If StringRegExp($aSplit[$j], "[0-9]") And $aSplit[$j] <> -1 And $aSplit[$j] <> 0 And $aSplit[$j] <> 1 And Not StringInStr($aSplit[$j], ')') Then If StringRegExp($aSplit[$j], "\-|\+") Then ;put parenthesis around + or - $aSplit[$j] = '(' & $aSplit[$j] & ")*$g_DPI" Else $aSplit[$j] = $aSplit[$j] & "*$g_DPI" EndIf EndIf If $j < $aSplit[0] Then $sSplitResult &= $aSplit[$j] & ',' ElseIf $j = $aSplit[0] Then $sSplitResult &= $aSplit[$j] & ')' Else $sSplitResult &= $aSplit[$j] EndIf Next If $sTrimmedR <> "" Then $sSplitResult &= StringReverse($sTrimmedR) If $sTrimmedL <> "" Then $sSplitResult = $sTrimmedL & '(' & $sSplitResult Else SetError(1) Return EndIf ConsoleWrite($sSplitResult & @CRLF) Return $sSplitResult EndFunc ;==>_splitComma
      And now it looks good: 
      but it doesn't work on everything, for example the "GUICtrlCreateLabel("Output type: ", 30, 130, 65, 20) ;, $SS_RIGHT)" (from the autoit3wrapper gui)
      because the comment contains a parenthesis and it would break completely if there were variables as parameters..
      Is there some kind of parser around that I could use instead or maybe someone who has already done something like this?
    • By Danyfirex
      Hello!!!  
      In the past I had problems adding an application as a default for an extension in Windows 10. (It was easy in windows 7 using Registry) But since Windows 8 It requires to do some steps more. I wrote a tool (in other programming language) months ago for handling it. But now I just want to share an AutoIt version.
       
      Check on GitHub.
       
       
      Saludos
×
×
  • Create New...