Sign in to follow this  
Followers 0
emendelson

Check If Specific Dos App Is Running In Ntvdm.exe?

7 posts in this topic

I know that I can test whether the NTVDM is running with ProcessExists(ntvdm.exe) - but is it possible to tell if a specific DOS application is running in the NTVDM?

I suspect the answer is "Forget it - can't be done" but I thought it might be worth asking, just in case.

Thanks for any help.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

This may only add to your frustration since I know of no way to find such info within AutoIt, but a little util named "PrcView v 3.7.3.1" can "see" things under Ntvdm. It comes with a command line version.

Edited by herewasplato

[size="1"][font="Arial"].[u].[/u][/font][/size]

Share this post


Link to post
Share on other sites

This may only add to your frustration since I know of no way to find such info within AutoIt, but a little util named "PrcView v 3.7.3.1" can "see" things under Ntvdm. It comes with a command line version.

Actually, that sounds like EXACTLY what I'm looking for. I downloaded it, but I can't see how to get it to "see" what's running in the VDM. If you can give any clue, I'd be very grateful. I've tried various switches on the command-line version, with no success.

(The idea would be to send the output to a file, then read the file for the name of the DOS program that I want to test. PV sees itself running in the NTVDM, but it doesn't seem to see any other programs running in other ones. But I've probably missed something...

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

...PV sees itself running in the NTVDM, but it doesn't seem to see any other programs running in other ones...

Try the -t option; it listed:
ntvdm.exe      (2188)
     WOWEXEC.EXE   (2892)
and then the DOS app I tested with (also indented like WOW...)

I'm not sure if it works with all DOS apps.

edit: changed to code tags instead of quote tags to preserve the indent.

edit2: there might be a "pure AutoIt solution" if you understand DLLcalls to the PSAPI.DLL - I don't:

http://support.microsoft.com/default.aspx?...b;en-us;Q175030

16-Bit Processes

On Windows 95, Windows 98, and Windows Millennium Edition, 16-bit applications are equal citizens as far as ToolHelp32 is concerned. 16-Bit applications have process IDs and so forth, just like Win32 applications. However, this is not the case under Windows NT, Windows 2000, or Windows XP. On these operating systems, 16-bit applications run in what is called a Virtual Dos Machine (VDM).

To enumerate 16-bit applications under Windows NT, Windows 2000, and Windows XP, you must use a function called VDMEnumTaskWOWEx(). You must include VDMDBG.h in your source module, and the VDMDBG.lib file must be linked with your project. These two files are included in the Platform SDK.

The declaration of this function is as follows: INT WINAPI VDMEnumTaskWOWEx( DWORD dwProcessId, TASKENUMPROCEX fp, LPARAM lparam );

where dwProcessId is the identifier of the NTVDM process whose 16-bit tasks you want to enumerate. The fp parameter is a pointer to a callback enumeration function. And the lparam parameter is a user-defined value to be passed to your enumeration function.

Your enumeration function should be defined as follows: BOOL WINAPI Enum16( DWORD dwThreadId, WORD hMod16, WORD hTask16, PSZ pszModName, PSZ pszFileName, LPARAM lpUserDefined );

This function will be called once for each 16-bit task that is running under the NTVDM process that is passed into VDMEnumTaskWOWEx(). You should return FALSE if you want to continue enumerating and TRUE if you want to end enumeration. Note that this is the opposite of EnumWindows().

Edited by herewasplato

[size="1"][font="Arial"].[u].[/u][/font][/size]

Share this post


Link to post
Share on other sites

Try the -t option; it listed:

ntvdm.exe      (2188)
     WOWEXEC.EXE   (2892)
and then the DOS app I tested with (also indented like WOW...)

I'm not sure if it works with all DOS apps.

edit: changed to code tags instead of quote tags to preserve the indent.

edit2: there might be a "pure AutoIt solution" if you understand DLLcalls to the PSAPI.DLL - I don't:

http://support.microsoft.com/default.aspx?...b;en-us;Q175030

The -t option doesn't work reliably, it seems. It seems to see some programs, but not the one I'm looking for (wp.exe - WordPerfect for DOS). The DLL calls are probably beyond me, but it does look promising. Will bang my head on the table and see if something gets shaken loose.

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

The -t option doesn't work reliably, it seems...

There is a newer version of the util:

http://www.teamcti.com/pview/prcview.htm

I've just never needed more than the one one provided on a W98 system.

See if the new one comes with a command line version and if it "sees" what you want.

@Others,

I could not find a WMI solution to this - can you?

Edited by herewasplato

[size="1"][font="Arial"].[u].[/u][/font][/size]

Share this post


Link to post
Share on other sites

There is a newer version of the util:

http://www.teamcti.com/pview/prcview.htm

I've just never needed more than the one one provided on a W98 system.

See if the new one comes with a command line version and if it "sees" what you want.

@Others,

I could not find a WMI solution to this - can you?

Tried three different versions including the latest (I already had two on disk, it turned out); no luck with any.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0