Ascend4nt Posted March 2, 2009 Share Posted March 2, 2009 (edited) .. Edited August 6, 2009 by Ascend4nt My contributions: Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFs | Process CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen) | Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery Wrappers/Modifications of others' contributions: _DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity) UDF's added support/programming to: _ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne) (All personal code/wrappers centrally located at Ascend4nt's AutoIT Code) Link to comment Share on other sites More sharing options...
KaFu Posted March 2, 2009 Share Posted March 2, 2009 Awesome , was already trying to build a taskmanager replacement/supplement in the past, but never found good ways around the (slooooow) WMI calls. For sure will monitor your future posts regarding dllcalls ... Cheers OS: Win10-22H2 - 64bit - German, AutoIt Version: 3.3.16.1, AutoIt Editor: SciTE, Website: https://funk.eu AMT - Auto-Movie-Thumbnailer (2022-Nov-26) BIC - Batch-Image-Cropper (2023-Apr-01) COP - Color Picker (2009-May-21) DCS - Dynamic Cursor Selector (2024-Feb-16) HMW - Hide my Windows (2018-Sep-16) HRC - HotKey Resolution Changer (2012-May-16) ICU - Icon Configuration Utility (2018-Sep-16) SMF - Search my Files (2023-Jun-03) - THE file info and duplicates search tool SSD - Set Sound Device (2017-Sep-16) Link to comment Share on other sites More sharing options...
Manko Posted March 2, 2009 Share Posted March 2, 2009 Yet another call that defeats the need for WMI process info calls. Only 2 functions remain to be able to completely match PsaltyDS's _ProcessListProperties() collection function, 'CPU usage' and 'Process Owner' (which isn't the same as Parent Process, but rather 'user' owner? - actually I'm still not 100% sure what it means *shrug*)Great work!You already got CPU usage in that function. You just add kerneltime and usertime for process, and divide by SUM for ALL processes, times 100.About processOWNER: You get most, but not always all, with the 2 funcs I use in my ModuleHelper, in sig... I should continue looking...Besides... Take a look at my "ThreadsnProcesses" Func, it has much of what one needs. Don't get fooled by the example. Look at the structs! It can do much more than my little example shows... My misstake, not fully expanding. It's seems one can't expect people to read through source.../Manko Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually... Link to comment Share on other sites More sharing options...
Ascend4nt Posted March 2, 2009 Author Share Posted March 2, 2009 Manko, You know, I've just been reading some things related to 'GetProcessTimes' and 'GetSystemTimes', and I'm still in the process of figuring out how it all works - I know just by early quick experimentation that Kernel Time and UserTime were giving me 0 results for some processes, so I sorta ignored it at the time. But I guess I'll have to revisit that. And regarding your source - where's the comments! haha... actually, I've had your 'GetCommandLineFromPID()' in mind as one of the process information sources (good job btw).. and although you and others have some solutions to getting process paths, I found that my way (in sig.) was the only x64 compatible one.. It'd be really cool to complete a _ProcessListProperties() function. Right now, the basic sources I'd use for the same returns as PsaltyDS's function are: [0] ProcessList() for Process Name ; (alternatively: _WinAPI_ProcessGetFilename() - Ascend4nt) [1] ProcessList() also for Process ID ; (alternatively: ProcessExists()) [2] _ProcessGetParent() for Parent PID (by SmOke_N) [3] (?) Process Owner - I guess that's where your code might come in =) [4] _ProcessGetPriority() for Priority - standard UDF by Matthew Tucker [5] _WinAPI_ProcessGetPathname() - for Pathname to Process - Ascend4nt [6] (?) Process CPU Usage - I'll have to try and figure that one out (maybe it's easier than it looks from examples) [7] ProcessGetStats() for memory usage [8] _WinAPI_ProcessGetCreateTime() - me [9] _GetCommandLineFromPID() by Manko (& Wraithdu?) Okay, I'll have to sleep on this stuff.. take it easy Ascend4nt My contributions: Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFs | Process CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen) | Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery Wrappers/Modifications of others' contributions: _DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity) UDF's added support/programming to: _ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne) (All personal code/wrappers centrally located at Ascend4nt's AutoIT Code) Link to comment Share on other sites More sharing options...
Manko Posted March 2, 2009 Share Posted March 2, 2009 One down... ProcessListOWNER_WTS() - No WMI. Get Process owner list...Your turn! (Maybe your 0 returns are because of privileges?)/Manko Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually... Link to comment Share on other sites More sharing options...
ProgAndy Posted March 2, 2009 Share Posted March 2, 2009 You know, I've just been reading some things related to 'GetProcessTimes' and 'GetSystemTimes', and I'm still in the process of figuring out how it all works - I know just by early quick experimentation that Kernel Time and UserTime were giving me 0 results for some processes, so I sorta ignored it at the time. But I guess I'll have to revisit that.Try to use just 0x400 instead of BitOR(0x400,0x10) in _WinAPI_ProcessGetCreateTime There is no need for the rights to use ReadProcessMemory in this funcion. *GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes Link to comment Share on other sites More sharing options...
UEZ Posted March 2, 2009 Share Posted March 2, 2009 I get some start times with value "16010101010000" although Process Explorer shows me a date/time! E.g.: process WmiPrvSE.exe Tested on Vista x32 using AutoIt v3.3.0.0 UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ Link to comment Share on other sites More sharing options...
UEZ Posted March 2, 2009 Share Posted March 2, 2009 I forgot to mention that I merged both scripts (_WinAPI_ProcessGetCreateTime and _ProcessListOWNER_WTS()) to one and formatted the time format output: expandcollapse popup;http://www.autoitscript.com/forum/index.php?showtopic=90572 #include <array.au3> ; Needed to display array in example. #include <security.au3> ; Get OWNER from SID. $tag_WTS_PROCESS_INFO = _ "DWORD SessionId;" & _ "DWORD ProcessId;" & _ "PTR pProcessName;" & _ "PTR pUserSid" ; ############ Example code ####################### $temp = _ProcessListOWNER_WTS() $temp[0][0] = "Process" $temp[0][1] = "ProcessId" $temp[0][2] = "SessionId" $temp[0][3] = "ProcessOWNER" $temp[0][4] = "ProcessCreateTime" _ArrayDisplay($temp, "Process list with OWNER...") ; ############################################### ; ############ Here be func! #################### Func _ProcessListOWNER_WTS() $t = TimerInit() $ret = DllCall("WTSApi32.dll", "int", "WTSEnumerateProcesses", "int", 0, "int", 0, "int", 1, "ptr*", 0, "int*", 0) Local $array[$ret[5]][5] $mem = DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4]) For $i = 0 To $ret[5] - 1 $mem = DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4] + ($i * 16)) ;if DllStructGetData($mem, "pProcessName") Then $string = DllStructCreate("char[256]", DllStructGetData($mem, "pProcessName")) $array[$i][0] = DllStructGetData($string, 1) ;EndIf $array[$i][1] = DllStructGetData($mem, "ProcessId") $array[$i][2] = DllStructGetData($mem, "SessionId") ;if DllStructGetData($mem, "pUserSid") Then $ret1 = _Security__LookupAccountSid(DllStructGetData($mem, "pUserSid")) If IsArray($ret1) Then $array[$i][3] = $ret1[0] ;EndIf $array[$i][4] = _WinAPI_ProcessGetCreateTime($array[$i][1]) Next DllCall("WTSApi32.dll", "int", "WTSFreeMemory", "int", $ret[4]) Return $array EndFunc ;==>_ProcessListOWNER_WTS ;################################ END FUNC ########################################## ;http://www.autoitscript.com/forum/index.php?showtopic=90552 ; =============================================================================================== ; Func _WinAPI_ProcessGetCreateTime($vProcess) ; ; Function to get the Process Creation Time ; ; $vProcess = Process ID or Process Name ; ; Returns: ; Success: Creation Time in the form YYYYMMDDHHSS ; Failure: Empty string, and @error set to 2 if DLLCall failure ; ; Author: Ascend4nt ; =============================================================================================== Func _WinAPI_ProcessGetCreateTime($vProcess) Local $time If Not IsNumber($vProcess) Then $vProcess = ProcessExists($vProcess) If Not $vProcess Then Return SetError(1, 0, "") EndIf Local $stCreateTime, $stExitTime, $stKernelTime, $stUserTime ; Open Process handle ( BitOr(PROCESS_QUERY_INFORMATION 0x400,PROCESS_VM_READ 0x10)) @http://msdn.microsoft.com/en-us/library/ms684880(VS.85).aspx ;~ Local $hProcess = DllCall('kernel32.dll','ptr', 'OpenProcess','int', BitOR(0x400,0x10),'int', 0,'int', $vProcess) Local $hProcess = DllCall('kernel32.dll', 'ptr', 'OpenProcess', 'int', 0x400, 'int', 0, 'int', $vProcess) If @error Or Not IsArray($hProcess) Then Return SetError(2, 0, "") $stCreateTime = DllStructCreate("dword[2]") $stExitTime = DllStructCreate("dword[2]") $stKernelTime = DllStructCreate("dword[2]") $stUserTime = DllStructCreate("dword[2]") Local $aRet = DllCall("kernel32.dll", "int", "GetProcessTimes", "ptr", $hProcess[0], "ptr", DllStructGetPtr($stCreateTime), _ "ptr", DllStructGetPtr($stExitTime), "ptr", DllStructGetPtr($stKernelTime), "ptr", DllStructGetPtr($stUserTime)) ; Close the process handle DllCall('kernel32.dll', 'ptr', 'CloseHandle', 'ptr', $hProcess[0]) If Not IsArray($aRet) Then Return SetError(2, 0, "") $time = _WinAPI_FileTimeConvert(DllStructGetData($stCreateTime, 1, 1), DllStructGetData($stCreateTime, 1, 2)) ;~ ConsoleWrite($time & @CRLF) $time = StringLeft($time, 4) & "/" & StringMid($time, 5, 2) & "/" & StringMid($time, 7, 2) & " " & StringMid($time, 9, 2) & ":" & StringMid($time, 11, 2) & ":" & StringMid($time, 13, 2) Return $time EndFunc ;==>_WinAPI_ProcessGetCreateTime ; =============================================================================================== ; Func _WinAPI_FileTimeConvert($iFileDateTimeLo,$iFileDateTimeHi,$DLL=-1) ; ; Function to Convert Date-Time double-dword values stored in Windows FILETIME structures ; NOTE: It *has* to be passed as two dwords, otherwise there are issues with 64-bit parameters. ; ; NOTE: When used with _WinAPI_FileFind.. functions, the *PREFERRED* METHOD of calling this is: ; _WinAPI_FileFindTimeConvert() ; ; $iFileDateTimeLo = Lo word of date/time info returned in a the FILETIME structure ; $iFileDateTimeHi = Hi word of date/time info returned in a FILETIME structure. ; $DLL = DLL handle or -1 ; ; Return: ; Success: formatted string : YYYYMMDDHHMMSS (24-hour clock) ; Failure: empty string, with @error=2 (DLL call fail) ; ; Author: Ascend4nt ; =============================================================================================== Func _WinAPI_FileTimeConvert($iFileDateTimeLo, $iFileDateTimeHi, $DLL = -1) Local $sDateTimeStr, $stLocalFileTime, $stFileTime, $stSystemTime, $aRet ; FILETIME structures [DateTimeLo,DateTimeHi] $stLocalFileTime = DllStructCreate("dword[2]") $stFileTime = DllStructCreate("dword[2]") ; SYSTEMTIME structure [Year,Month,DayOfWeek,Day,Hour,Min,Sec,Milliseconds] $stSystemTime = DllStructCreate("ushort;ushort;ushort;ushort;ushort;ushort;ushort;ushort") If $DLL == -1 Then $DLL = "Kernel32.dll" ; Set the appropriate data members of the FileTime structure DllStructSetData($stFileTime, 1, $iFileDateTimeLo, 1) DllStructSetData($stFileTime, 1, $iFileDateTimeHi, 2) ; First convert file time (UTC-based file time) to 'local file time' $aRet = DllCall($DLL, "int", "FileTimeToLocalFileTime", "ptr", DllStructGetPtr($stFileTime), "ptr", DllStructGetPtr($stLocalFileTime)) If @error Or Not IsArray($aRet) Or Not $aRet[0] Then Return SetError(2, 0, "") ; Then convert file time to a system time structure $aRet = DllCall($DLL, "int", "FileTimeToSystemTime", "ptr", DllStructGetPtr($stLocalFileTime), "ptr", DllStructGetPtr($stSystemTime)) If @error Or Not IsArray($aRet) Or Not $aRet[0] Then Return SetError(2, 0, "") ; Now format it and return it in a string. Format: YYYYMMDDHHSSMM $sDateTimeStr = DllStructGetData($stSystemTime, 1) & StringRight('0' & DllStructGetData($stSystemTime, 2), 2) & _ StringRight('0' & DllStructGetData($stSystemTime, 4), 2) & _ StringRight('0' & DllStructGetData($stSystemTime, 5), 2) & StringRight('0' & DllStructGetData($stSystemTime, 6), 2) & _ StringRight('0' & DllStructGetData($stSystemTime, 7), 2) ; DLLStructDelete()'s $stSystemTime = 0 $stFileTime = 0 $stLocalFileTime = 0 Return $sDateTimeStr EndFunc ;==>_WinAPI_FileTimeConvert Here I can see "16010101010000" values! UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ Link to comment Share on other sites More sharing options...
Manko Posted March 2, 2009 Share Posted March 2, 2009 Here I can see "16010101010000" values! UEZ Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually... Link to comment Share on other sites More sharing options...
UEZ Posted March 2, 2009 Share Posted March 2, 2009 Confirmed UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ Link to comment Share on other sites More sharing options...
Ascend4nt Posted March 2, 2009 Author Share Posted March 2, 2009 (edited) Try to use just 0x400 instead of BitOR(0x400,0x10) in _WinAPI_ProcessGetCreateTime There is no need for the rights to use ReadProcessMemory in this funcion.Prog@ndy, thx for the tip. I'm not always sure what rights to use all the time.I get some start times with value "16010101010000" although Process Explorer shows me a date/time!E.g.: process WmiPrvSE.exeTested on Vista x32 using AutoIt v3.3.0.0UEZUEZ, that's odd - I've just tried it with and without Admin+elevated privileges on Vista Ultimate x32 and it gave me the proper time for WmiPrvSE. Hmm.. I haven't tried it specifically with v. 3.3 though.. I'll have to give that a go.One down... ProcessListOWNER_WTS() - No WMI. Get Process owner list...Your turn! tongue.gif (Maybe your 0 returns are because of privileges?)/MankoManko, nice job! Kudos =)But don't expect this CPU usage measurer to come out too soon hehe.. I'd rather not have to get *all* processes to find out the usage for 1 process.. there must be a simpler way no? I'll need to mess around with things to see what I can come up withOh, and interesting idea in this thread using a 'double' value to save/pass the time information - I wouldn't have thought of that. Didn't even know it was 64-bits.http://www.autoitscript.com/forum/index.ph...st&p=651357Thx all!*edit - oops referenced wrong thread at first Edited March 2, 2009 by ascendant My contributions: Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFs | Process CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen) | Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery Wrappers/Modifications of others' contributions: _DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity) UDF's added support/programming to: _ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne) (All personal code/wrappers centrally located at Ascend4nt's AutoIT Code) Link to comment Share on other sites More sharing options...
Manko Posted March 2, 2009 Share Posted March 2, 2009 Manko, nice job! Kudos =)But don't expect this CPU usage measurer to come out too soon hehe.. I'd rather not have to get *all* processes to find out the usage for 1 process.. there must be a simpler way no? I'll need to mess around with things to see what I can come up withThanks!Well, internally, windows works with linked lists of all kinds, and exports functions that goes through lists and delivers wanted instances...When that doesn't work, (functions don't exist or there are limitations) we have to go through lists ourselves, but that would be MUCH faster in C++ or straight assembler... Either we make dlls or authors of Autoit could code them... OR, we live with speedissues...But when functions already exists and can be made to deliver, that is certainly a relief.Hope you make it!! /Manko Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now