Sign in to follow this  
Followers 0
NickBtheITguy

Script to monitor processes has high CPU usage

7 posts in this topic

I am new to AutoIt. Let me give you a little bit of background on the purpose of the script I am putting together and then I will explain my problem.

Background:

I have a client that has recently been getting calls from their ISP that their IP address is being reported as a source of spam. I have gone in and reinstalled several of the machines. The biggest thing that I noticed is that programs like Limewire and Azureus are being used by some people and they are downloading tons of applications and other media. The business is a family owned business and they aren't going to hold anyone responsible for the problems. I have been given permission to "lock them down without actually locking them down." So basically I can't lock them down from Admin users to regular Users. I can however use a Hosts file and any other means of restricting certain applications. I searched for a while for a free application that I might be able to use to restrict certain executables from running, but really didn't find anything. Group Policy won't work because there are ways around using the Hash restrictions or the Path restrictions. I also can't lock them down with the Group Policy and create a white list of what should run because they themselves don't have a clue. This is where my script comes in.

Script Purpose:

The purpose of my script is to monitor the process list and if it finds Limewire.exe, azureus.exe, and utorrent.exe it will kill the processes. The script works as intended. I also have it monitoring if ZoneAlarm or Avast are running and if not then the script will start the applications. I did this because they have in the past stopped the AV services. I went one step further and created another script that monitors that the main script is running, if they terminate my script it restarts. The main script also monitors that the secondary one is running. I do compile these as .EXE and run them that way.

The Problem:

When the scripts are running the CPU is sitting at 100%. The script will use less CPU cycles if something else is running but the CPU stays at 100% the whole time. Is there something I can do to lower the CPU footprint? Maybe someone has a better idea all together to accomplish what I am trying to do.

procmon.exe (This is the main script.)

Opt("TrayIconHide", 1)

$on = 1

While $on = 1
    
; Check to see if the Procmonchk.exe file is running. If not then it starts it.
    If ProcessExists("procmonchk.exe") Then
        $procmon = 1
    Else
        run("procmonchk.exe")
    EndIf
    
; Check to see if the Zone Alarm executable is running. If not then restart it.
    If ProcessExists("zlclient.exe") Then
        $za = 1
    Else
        run("C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe")
    EndIf
    
; Check to see if Avast is running. If not then restart it.
    If ProcessExists("ashserv.exe") Then
        $avast = 1
    Else
        run("C:\Program Files\Alwil Software\Avast4\ashserv.exe")
    EndIf
    
    
; Kills limewire if it is found running.
    While ProcessExists("Limewire.exe")
        ProcessClose("Limewire.exe")
    WEnd
    
; Kills azureus if it is found running.
    While ProcessExists("azureus.exe")
        ProcessClose("azureus.exe")
    WEnd

; Kills uTorrent if it is found running.
    While ProcessExists("uTorrent.exe")
        ProcessClose("uTorrent.exe")
    WEnd
    
WEnd

procmonchk.exe (This is the secondary script that monitors if the first one is still running.)

Opt("TrayIconHide", 1)

$on = 1

While $on = 1
    
; Check to see if the Procmon.exe file is running. If not then it starts it.
    If ProcessExists("procmon.exe") Then
        $procmon = 1
    Else
        run("procmon.exe")
    EndIf
    
WEnd

Share this post


Link to post
Share on other sites



Add a sleep, say Sleep(300) in your while/wend loop. (I don't suppose that you need to check more than 3 times a second.)

1 person likes this

Serial port communications UDF Includes functions for binary transmission and reception.printing UDF Useful for graphs, forms, labels, reports etc.Add User Call Tips to SciTE for functions in UDFs not included with AutoIt and for your own scripts.Functions with parameters in OnEvent mode and for Hot Keys One function replaces GuiSetOnEvent, GuiCtrlSetOnEvent and HotKeySet.UDF IsConnected2 for notification of status of connected state of many urls or IPs, without slowing the script.

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

I'm looking at it now, see I have any ideas.

But in addition just off the top of my head.

Have you considered blocking port 25 going out except for your mail server.

That would most likely immediately kill the spam.

Assuming this client has an internal mail server of course.

-Kenny

Edited by ken82m

My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Yeah Martin's right, you defeinitely need a sleep in there somewhere, either at the beginning or end of your loop.

Continously looping around short taskts like that without stopping will eat up any cpu quick.

Kenny


My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Add a sleep, say Sleep(300) in your while/wend loop. (I don't suppose that you need to check more than 3 times a second.)

Wow, adding that wait made a huge difference. Now it isn't using much CPU cycle at all. Thanks!

I'm looking at it now, see I have any ideas.

But in addition just off the top of my head.

Have you considered blocking port 25 going out except for your mail server.

That would most likely immediately kill the spam.

Assuming this client has an internal mail server of course.

-Kenny

They don't have an internal mail server. They have about 7 machines set up on a peer to peer. Their wireless was also wide open. I locked down their wireless. Many of their machines were infected with Viruses so I have been reinstalling them. I would love to have a firewall or something to block certain ports and set up some filters for web content but they won't buy one. So I am trying to work with what I have.

Yeah Martin's right, you defeinitely need a sleep in there somewhere, either at the beginning or end of your loop.

Continously looping around short taskts like that without stopping will eat up any cpu quick.

Kenny

Kenny, that did seem to be what was going on. I set it to Sleep(1000) and it seems to have dropped the CPU usage to near nothing.

Share this post


Link to post
Share on other sites

Yeah I learned that one the same as you, hard to forget lol :P

Wow, adding that wait made a huge difference. Now it isn't using much CPU cycle at all. Thanks!

They don't have an internal mail server. They have about 7 machines set up on a peer to peer. Their wireless was also wide open. I locked down their wireless. Many of their machines were infected with Viruses so I have been reinstalling them. I would love to have a firewall or something to block certain ports and set up some filters for web content but they won't buy one. So I am trying to work with what I have.

Kenny, that did seem to be what was going on. I set it to Sleep(1000) and it seems to have dropped the CPU usage to near nothing.


My Contributions _StringMultiReplace PC Builders Console - Secure PDF Creator - Cisco VPN Installer MS DNS Server Backup Script - MS DHCP Backup Script IT Admin Console - Toggle Admin Mode - MyMovies-Add Discs Script - IT Help Desk and System Information Tool - Set On Lid Close Power Option - Streaming Media Server & Website "I believe that when we leave a place, part of it goes with us and part of us remains... Go anywhere, when it is quiet, and just listen.. After a while, you will hear the echoes of all our conversations, every thought and word we've exchanged.... Long after we are gone our voices will linger in these walls for as long as this place remains."

Share this post


Link to post
Share on other sites

Add a sleep, say Sleep(300) in your while/wend loop. (I don't suppose that you need to check more than 3 times a second.)

Adding sleep(300) dropped my CPU from 25% to almost nothing for my rename script and now everything still work just fine.  :-)

Thank you so much Martin.

HotKeySet("{F7}", "F7save")
Func F7save()

   _WinWaitActivate("SecuGen Device Diagnostic Utility 4.64 Beta")
   ;MouseClickDrag("left",20,34,46,35,2)
   MouseClick("left",20,34,1)
   MouseClick("left",28,81,1)
  

    HotKeySet("{F7}")
    Send("{F7}")
    HotKeySet("{F7}", "F7save")
EndFunc

; Sends ALT+Y to close the rename warning box when changing the file extension
;_WinWaitActivate("Rename","") 
;   Sleep(100)
;   Send("!y")

While 1
    if WinActive("Rename","") Then
        Send("!y")
     EndIf
     Sleep(300)
    WEnd

#region --- Internal functions Au3Recorder Start ---
Func _WinWaitActivate($title,$timeout=0)
    WinWait($title,$timeout)
    If Not WinActive($title) Then WinActivate($title)
    WinWaitActive($title,$timeout)
EndFunc

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0