Jump to content

Obtain list of Processes/Applications from "Task Manager"


Sara
 Share

Recommended Posts

Speaking of _ArrayUnique() I thought that had made it into the UDFs but I guess I thunk wrong. I still have it in Arrayx.au3 so not to worry.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

  • Replies 59
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

  • Moderators

Speaking of _ArrayUnique() I thought that had made it into the UDFs but I guess I thunk wrong. I still have it in Arrayx.au3 so not to worry.

Don't think I've ever submitted it, or I was probably going to write it to handle 1 and 2 dim arrays if I was going to submit it at all.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to comment
Share on other sites

Don't think I've ever submitted it, or I was probably going to write it to handle 1 and 2 dim arrays if I was going to submit it at all.

If I remember I'll look in my UDFs when I get a chance. I may have re-written that to handle multi-Dim arrays. I remeber that was an project at one time but I'm not sure how far I got with it.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

  • 4 weeks later...

Well, when I actually needed this script, it let me down <g>. Process List doesn't list everything in the Task Manager, it seems. What I learned last week is that any items that show up in the Task Manager that are indented, don't appear when one uses this script.

Does anyone know why, by any chance? It was a freeware that I needed the name of the exe so I could "close" it via an AI script. But it wasn't listed along with another couple of apps. That's how I know that it might somehow be tied into being "indented".

Thanks. :)

Link to comment
Share on other sites

Nope. Something else is wrong as I'm still getting an error despite all your great efforts. So problem might might very well lie elsewhere.

This actually raises a question I've been meaning to ask for a couple of years but keep forgetting about -- how can we tell what version of AutoIt we actually have, pls? Once it's installed, when one clicks on the executable, all we get is a "Run Script" dialogue box that requests the filepath of an AU3 file. I don't know where to actually go for info on the version as no ABOUT reference seems to be accessible from that exe.

I install any new version of AutoIt at home and then replace all the contents on the USB flash drive (Ufd) with the new install. This works extremely well for me. But I must admit that somewhere in the hectic, frenetic last couple of months, I might not have done the job properly, or as carefully as I normally do so I can't say for certain if I actually _have_ the latest version on the Ufd. In fact, don't even know anymore which version is on here. I gave up putting version numbers on the new "install" folder and just started deleting the old folder and dumping new version into place of old one, renaming to same old name so that it's just a generic "AutoIt" name with no version #. Within last several months I seemed to be upgrading all the time and it became a pain to have to keep making the changes to the path everywhere so that AI would still run (esp. with XPs' extreme unreliability with regards to file associations).

If there is a way to know the actual version, then I can determine what's going on and perhaps from there can figure out where problem lies with this script.

Thx. :)

In thinking about that, you could have a script that borrows from the AutoUpdateIt.au3 script. When launching SciTe, this exe would do the following:

  • Check to see if you are running the standard release or beta as default.
  • Checks to see if a newer version is available
  • If available, msgbox opens asking you if you wish to update.
  • if yes, then downloads and installs.
  • If no, then opens Scite.
  • If no update, opens Scite.
You would simply change the shortcut for Scite to the EXE.

It would be a good project for one to do. I don't have time at the moment to make it, but it would be a fun project for someone to do.

The path to AutoUpdateIt.au3: C:\Program Files\AutoIt3\Extras\AutoUpdateIt

Sorry for the hijacked thread...

Edited by Volly
Link to comment
Share on other sites

Well, when I actually needed this script, it let me down <g>. Process List doesn't list everything in the Task Manager, it seems. What I learned last week is that any items that show up in the Task Manager that are indented, don't appear when one uses this script.

Does anyone know why, by any chance? It was a freeware that I needed the name of the exe so I could "close" it via an AI script. But it wasn't listed along with another couple of apps. That's how I know that it might somehow be tied into being "indented".

Thanks. :party:

Wha...? :)

Can you post a screen shot of the Task Manager Processes tab with an "indented" process showing? I don't think I've ever seen that.

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@herewasplato: How did you get it to do that? Plus, I notice there is no PID listed for those two processes in the screen shot. Can you run my _ProcessListProperties() against that and see if the array shows those processes, and if so, is there whitespace in front of the name listed in the returned array?

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@herewasplato: How did you get it to do that?...

Run a 16bit app on a 32bit XP OS.

...Can you run my _ProcessListProperties() against that and see if the array shows those processes, and if so, is there whitespace in front of the name listed in the returned array?...

The "Windows on Windows" (wowexec.exe) does not show.

The app blacked out in the first screen shot does not show.

The "Virtual DOS machine" (ntvdm.exe) does show.

I ran this code:

#include <array.au3>

$avRET = _ProcessListProperties()
If @error Then Exit
_ArrayDisplay($avRET, "Before filtering")

$sProcesses = Chr(1)
For $n = 1 To $avRET[0][0]
    If Not StringInStr($sProcesses, Chr(1) & $avRET[$n][0] & Chr(1)) Then $sProcesses &= $avRET[$n][0] & Chr(1)
Next
$avFiltered = StringSplit(StringTrimRight(StringTrimLeft($sProcesses, 1), 1), Chr(1))
_ArrayDisplay($avFiltered, "After filtering")

_ArraySort($avFiltered, 0, 1)
_ArrayDisplay($avFiltered, "After sorting")

;===============================================================================
; Function Name:    _ProcessListProperties()
; Description:   Get various properties of a process, or all processes
; Call With:       _ProcessListProperties( [$Process [, $sComputer]] )
; Parameter(s):     (optional) $Process - PID or name of a process, default is all
;           (optional) $sComputer - remote computer to get list from, default is local
; Requirement(s):   AutoIt v3.2.4.9+
; Return Value(s):  On Success - Returns a 2D array of processes, as in ProcessList()
;             with additional columns added:
;             [0][0] - Number of processes listed (can be 0 if no matches found)
;             [1][0] - 1st process name
;             [1][1] - 1st process PID
;             [1][2] - 1st process Parent PID
;             [1][3] - 1st process owner
;             [1][4] - 1st process priority (0 = low, 31 = high)
;             [1][5] - 1st process executable path
;             [1][6] - 1st process CPU usage
;             [1][7] - 1st process memory usage
;             ...
;             [n][0] thru [n][7] - last process properties
; On Failure:       Returns array with [0][0] = 0 and sets @Error to non-zero (see code below)
; Author(s):        PsaltyDS athttp://www.autoitscript.com/forum
; Notes:            If a numeric PID or string process name is provided and no match is found,
;             then [0][0] = 0 and @error = 0 (not treated as an error, same as ProcessList)
;           This function requires admin permissions to the target computer.
;           All properties come from the Win32_Process class in WMI.
;===============================================================================
Func _ProcessListProperties($Process = "", $sComputer = ".")
    Local $sUserName, $sMsg, $sUserDomain, $avProcs
    If $Process = "" Then
        $avProcs = ProcessList()
    Else
        $avProcs = ProcessList($Process)
    EndIf

    ; Return for no matches
    If $avProcs[0][0] = 0 Then Return $avProcs

    ; ReDim array for additional property columns
    ReDim $avProcs[$avProcs[0][0] + 1][8]

    ; Connect to WMI and get process objects
    $oWMI = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sComputer & "\root\cimv2")
    If IsObj($oWMI) Then
        ; Get collection of all processes from Win32_Process
        $colProcs = $oWMI.ExecQuery("select * from win32_process")
        If IsObj($colProcs) Then
            ; For each process...
            For $oProc In $colProcs
                ; Find it in the array
                For $n = 1 To $avProcs[0][0]
                    If $avProcs[$n][1] = $oProc.ProcessId Then

                        ; [n][2] = Parent PID
                        $avProcs[$n][2] = $oProc.ParentProcessId
                        ; [n][3] = Owner
                        If $oProc.GetOwner($sUserName, $sUserDomain) = 0 Then $avProcs[$n][3] = $sUserDomain & "\" & $sUserName
                        ; [n][4] = Priority
                        $avProcs[$n][4] = $oProc.Priority
                        ; [n][5] = Executable path
                        $avProcs[$n][5] = $oProc.ExecutablePath

                        ExitLoop
                    EndIf
                Next
            Next
        Else
            SetError(2) ; Error getting process collection from WMI
        EndIf

        ; Get collection of all processes from Win32_PerfFormattedData_PerfProc_Process
        ; Have to use an SWbemRefresher to pull the collection, or all Perf data will be zeros
        Local $oRefresher = ObjCreate("WbemScripting.SWbemRefresher")
        $colProcs = $oRefresher.AddEnum($oWMI, "Win32_PerfFormattedData_PerfProc_Process" ).objectSet
        $oRefresher.Refresh

        ; Time delay before calling refresher
        Local $iTime = TimerInit()
        Do
            Sleep(10)
        Until TimerDiff($iTime) > 100
        $oRefresher.Refresh

        ; Get PerfProc data
        For $oProc In $colProcs
            ; Find it in the array
            For $n = 1 To $avProcs[0][0]
                If $avProcs[$n][1] = $oProc.IDProcess Then
                    $avProcs[$n][6] = $oProc.PercentProcessorTime
                    $avProcs[$n][7] = $oProc.WorkingSet
                    ExitLoop
                EndIf
            Next
        Next
    Else
        SetError(1) ; Error connecting to WMI
    EndIf

    ; Return array
    Return $avProcs
EndFunc   ;==>_ProcessListProperties

Edit1: None of the indented items showed no matter the sort.

Edited by herewasplato

[size="1"][font="Arial"].[u].[/u][/font][/size]

Link to comment
Share on other sites

I am trying to get the list of Applications/Processes currently running in

the system using Task Manager's Applications/Processes tab. Any ideas

as to how to do this using Autoit?

Hi !

You can you use the Windows command tasklist and store the result in a file

tasklist /NH > file.txt

There are more options with the Sysinternals command line pslist.exe

Link to comment
Share on other sites

Not that I understand this kind of stuff:

http://www.autoitscript.com/forum/index.ph...st&p=184579

Wow, 16bit apps... :party:

I tried running Command.com to get a 16bit console going, and that got me an instance of NTVDM.exe running. But running a 16bit app under that (EDIT.COM) did not get me an instance of WOWEXEC.exe or anything else indented.

Since the solution shown in that link requires loading .h header files and libraries, it won't work in AutoIt. Maybe Visual Basic, but not even VB Script, I don't think. There would have to be something like a WMI interface to the NTVDM to look at stuff inside the hosted 16bit processes.

:)

P.S. This link might be relevant: Get Sub Process Names From NTVDM. It, in turn references this old NT article: Under The Hood, by Matt Pietrek. From there, you get more detailed references to using the NTVDM debug API, VDMDBG.DLL:

Using VDMDBG.DLL, you could write a 32-bit debugger program that runs on Windows NT and debugs 16-bit programs. However, VDMDBG.DLL isn't solely for debugger writers. Programmers often wonder how the Windows NT Task Manager (TASKMGR.EXE) is able to display the running 16-bit Windows tasks in the Processes tab. The answer is VDMDBG.DLL, which TASKMGR.EXE links to implicitly. If you look closely, the 16-bit Windows tasks you see in the Task Manager are always subordinate to an NTVDM process instance.

The VDMDBG API

As an experienced debugger writer, I felt like a party to a mugging when I first read VDMDBG.HLP. The introductory text is not for the faint of heart. It took many rereadings before the document made sense. Having undergone the steep learning curve, I can save you some time.

The VDMDBG API can be broken up into two sections. The first part is the simple stuff. The much larger remaining set of APIs is for hardcore programmers. If you're just interested in enumerating through 16-bit Windows tasks, skip to sections 5.8 and 5.9 of VDMDBG.HLP. There, you'll find an understandable description of VDMEnumProcessWOW and VDMEnumTaskWOW.

This rabbit hole's gett'n deep...

:)

Edited by PsaltyDS
Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

For any one that is having indented processes (I don't) try running this VB Script and see what it reports. We can always convert it to AutoIt later. Just create a *.vbs file and paste this in and then run it.

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")

For Each objProcess in colProcessList
    colProperties = objProcess.GetOwner(strNameOfUser,strUserDomain)
    Wscript.Echo "Process " & objProcess.Name & " is owned by " _ 
        & strUserDomain & "\" & strNameOfUser & "."
Next

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

For any one that is having indented processes (I don't) try running this VB Script and see what it reports. We can always convert it to AutoIt later. Just create a *.vbs file and paste this in and then run it.

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")

For Each objProcess in colProcessList
    colProperties = objProcess.GetOwner(strNameOfUser,strUserDomain)
    Wscript.Echo "Process " & objProcess.Name & " is owned by " _ 
        & strUserDomain & "\" & strNameOfUser & "."
Next
If you compare that with the code in my _ProcessListProperties(), I think you see it will get the exact same results:

; Connect to WMI and get process objects
    $oWMI = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sComputer & "\root\cimv2")
    If IsObj($oWMI) Then
        ; Get collection of all processes from Win32_Process
        $colProcs = $oWMI.ExecQuery("select * from win32_process")
        If IsObj($colProcs) Then
            ; For each process...
            For $oProc In $colProcs

                ; ...

            Next
        Else
            SetError(2) ; Error getting process collection from WMI
        EndIf

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

If you compare that with the code in my _ProcessListProperties(), I think you see it will get the exact same results:

; Connect to WMI and get process objects
    $oWMI = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sComputer & "\root\cimv2")
    If IsObj($oWMI) Then
        ; Get collection of all processes from Win32_Process
        $colProcs = $oWMI.ExecQuery("select * from win32_process")
        If IsObj($colProcs) Then
            ; For each process...
            For $oProc In $colProcs

                ; ...

            Next
        Else
            SetError(2) ; Error getting process collection from WMI
        EndIf

:)

Well how about that? Sorry, I didn't read your code. My thinking was that those are either being run as child processes or they are being run as (or by?) a service.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

Very interesting. In the 16 months that I've been using WinXP, I have seen the "indented" processes occasionally. Enough for a pause in what I was doing initially when I saw that, but after a moment I shrugged it off and moved on. Nothing seemed to be affected so I though it was just another XP quirk. I don't remember if I had that happen before with Win98SE. Until this script, it was never an issue. The reason for the script in this forum thread was to have a simple way to get a process' name without hunting for it though the running tasks and then manually having to copy-type the exe. I seem to need an app's process name frequently enough for other AI uses, to finally chase down an AI solution to list everything running, but then it doesn't work the first time I need it! <lol> Too funny.

I'm not aware that the "indent" occurs because of the app being 16 bit but I'll definitely try this out. Makes sense. The only difficulty for me is remembering what 16 bit apps I have so I can test this. That wow....exe one is one I get frequently though I never tracked down what it is. I recognized it from the screenshots here, though. I don't actively use 16 bit apps because I really hate the 8.3 name issues but I'm sure that some running behind-the-scenes might be older apps. I don't care about having the latest and greatest. If a program does a good job, that's all I care about <lol>.

Anyway, glad someone stepped in to provide a screenshot because I haven't had one in a while that duplicates this problem.

With regards to this issue, though, does a solution possible?

Thanks! :)

Link to comment
Share on other sites

Hi !

You can you use the Windows command tasklist and store the result in a file

tasklist /NH > file.txt

There are more options with the Sysinternals command line pslist.exe

Greetings totos.

I had tried tasklist /MH but I had forgotten about pslist; sadly, neither displays 16 bit processes on a 32 bit OS.

[size="1"][font="Arial"].[u].[/u][/font][/size]

Link to comment
Share on other sites

With regards to this issue, though, does a solution possible?

Thanks! :)

Possible, but over my head... :)

I don't have the DLL-fu to write this, but it seems somebody who knew how to write a DllCall() including a callback function this should make it work:

How To Use VDMDBG Functions on Windows NT, Windows 2000, and Windows XP

Virtual DOS Machine Debug

:party:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...