Jump to content
Ascend4nt

Performance Counters in Windows - Measure Process, CPU, Network, Disk Usage

Recommended Posts

Hello,

I have been using this almost for a year now and it worked perfect since i had to upgrade to IE8.

I was using ie7 before.

I made a funtion so i could sleep the macro when IE process is more than 20, it was working very very nice.

But now with IE8 it just continues.

Did something change in IE 8 ?

Thanks in advance

#include <_PDH_ProcessCounters.au3>
#include <clipboard.au3>
#Include <Excel.au3>
#Include <Array.au3>
#Include <File.au3>
;   --------------------    HOTKEY FUNCTION & VARIABLE --------------------
Global $bHotKeyPressed=False
Func _EscPressed()
    $bHotKeyPressed=True
EndFunc
;   --------------------    MAIN PROGRAM CODE   --------------------
HotKeySet("{Esc}", "_EscPressed")
_PDH_Init()
Local $poCounter,$hSplash,$sProcess,$iProcessID
Local $iCounterValue,$sSplashText,$iTemp
ShellExecute ("iexplore.exe")
sleep (7000)
$sProcess="iexplore.exe"     ; change to "autoit3_x64.exe" for 64-bit process :)
$PID = ProcessExists($sProcess)
$iProcessID=$PID
$poCounter=_PDH_ProcessObjectCreate($sProcess,$iProcessID)
_PDH_ProcessObjectAddCounters($poCounter,6) ; "% Processor Time"
;~ ; successful? Then enter loop
Func _sleepUntilXX()
If @error=0 And IsArray($poCounter) Then
    $iCounterValue=Round(_PDH_ProcessObjectUpdateCounters($poCounter,0)/$_PDH_iCPUCount)
    Do
        Sleep(200)
        $iCounterValue=_PDH_ProcessObjectUpdateCounters($poCounter,0)
        If @error=32 Then ExitLoop    ; Process can no longer be found \\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy
        $iCounterValue=Round($iCounterValue/$_PDH_iCPUCount)
   If $iCounterValue > 20 Then
    Sleep (1000)
   EndIf
    Until $iCounterValue = 0
EndIf
EndFunc
If FileExists("C:\Documents and Settings\aozben\Desktop\Cap Rep\*.xls") Then
FileDelete("C:\Documents and Settings\aozben\Desktop\Cap Rep\*.xls")
EndIf
_ClipBoard_SetData ("\\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy")
Send ("{Tab}")
send ("^v")
send ("{enter}")
WinWaitActive ("\\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy - Windows Internet Explorer")
ControlClick("\\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy - Windows Internet Explorer", "", "List12")
Send ("{down 10}")
Sleep (1000)
ControlClick("\\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy - Windows Internet Explorer", "", "List4")
Send ("{down}")
sleep (1000)
Send ("^a")
sleep (1000)
ControlClick("\\istanbul-svr-01\production\BrioRpt\asp\5519_capacity_report_short.bqy - Windows Internet Explorer", "", "StdBtn25")
Sleep(2000)
_sleepUntilXX()
Sleep(5000)

Share this post


Link to post
Share on other sites

As of IE8 the browser might start more than one process (take a look at the task-manager). You have to adjust you script to monitor for all process related to the IE instance you want to monitor or alternativly turn of the new behavior in IE itself by tweaking a reg-key (untested, and thinking about it also unrecommended).

Share this post


Link to post
Share on other sites

I must be very giving :blink:

Here's something that monitors multiple instances, and also monitors for new and killed ones:

Example #2: % CPU Usage for Multiple Instances

#include <Array.au3>
#include <_PDH_ProcessCounters.au3>

; --------------------  HOTKEY FUNCTION & VARIABLE --------------------

Global $bHotKeyPressed=False

Func _EscPressed()
    $bHotKeyPressed=True
EndFunc

; --------------------  WRAPPER FUNCTION --------------------

Func _PDH_ProcessObjectGetPID($poCounter)
    If Not IsArray($poCounter) Then Return SetError(1,0,0)
    Return $poCounter[0][3]
EndFunc

; --------------------  MAIN PROGRAM CODE --------------------

HotKeySet("{Esc}", "_EscPressed")

_PDH_Init()
Local $hSplash,$sSplashText,$sProcess,$iBadCounters=0
Local $aProcesses,$aCounters,$iTemp,$iProcIndex,$iTotal,$iLastPID=0,$iCounterValue

$sProcess="chrome.exe"
$aProcesses=ProcessList($sProcess)
$iTotal=$aProcesses[0][0]
If @error Or $iTotal=0 Then Exit _PDH_UnInit()

MsgBox(0, "Process count",$iTotal,1)

Dim $aCounters[$iTotal] ; Hold the counters in the array

; Create all the process counters
For $i = 0 to $iTotal-1
    $aCounters[$i]=_PDH_ProcessObjectCreate($sProcess,$aProcesses[$i+1][1])
    If @error Then $iBadCounters+=1
    _PDH_ProcessObjectAddCounters($aCounters[$i],6) ; "% Processor Time"
Next
$iLastPID=$aProcesses[$i][1]

; at least some good counters? Then enter loop
If $iBadCounters<>$iTotal Then
    $hSplash=SplashTextOn("'"&$sProcess&"' Processes Info","",360,160,Default,Default,16)
    Do
        ; Check for new processes
        $aProcesses=ProcessList($sProcess)
        If @error Or $aProcesses[0][0]=0 Then ExitLoop
        ; If more processess than we currently have, or last PID doesn't match, we better add new ones
        ;   (note: terminated ones are caught elsewhere
        If $aProcesses[0][0]>$iTotal Or $aProcesses[$aProcesses[0][0]][1]<>$iLastPID Then
            $iTemp=$aProcesses[0][0]
            ; Move backwards to find a PID that matches up
            For $iTemp=$aProcesses[0][0] To 1 Step -1
                If $iLastPID=$aProcesses[$iTemp][1] Then
                    $iProcIndex=$iTemp+1    ; set location in ProcessList where to start adding new counters from (1 past match)
                    ; Found a match, now to calculate how many new Counters to add
                    $iTemp=$aProcesses[0][0]-$iTemp
                    If $iTemp<=0 Then ExitLoop
                    ; Resize the array to accomomodate the new counters
                    ReDim $aCounters[$iTotal+$iTemp]
                    ; Add in the new counters
                    For $i=$iTotal To $iTotal+$iTemp-1
                        $aCounters[$i]=_PDH_ProcessObjectCreate($sProcess,$aProcesses[$iProcIndex][1])
                        _PDH_ProcessObjectAddCounters($aCounters[$i],6) ; "% Processor Time"
                        $iProcIndex+=1
                    Next
                    $iTotal+=$iTemp
                    ConsoleWrite("New Counters added, new Total:"&$iTotal&@CRLF)
                    ExitLoop
                EndIf
            Next
        EndIf
        $sSplashText=""
        ; Update all Process counters
        $i=0
        Do
            $iCounterValue=_PDH_ProcessObjectUpdateCounters($aCounters[$i],0)
            If @error=1 Or @error=32 Then
                ConsoleWrite("Process died. removing. New total:"&$iTotal-1&@CRLF)
;~              _PDH_ProcessObjectDestroy($aCounters[$i])   ; it's dead, and already destroyed if @error=1 or =32
                _ArrayDelete($aCounters,$i) ; Shift the array contents around
                $iTotal-=1  ; 1 less!
                $i-=1       ; to compensate for the upcoming increment
                If $iTotal=0 Then ExitLoop 2    ; did they all die!?
            Else
                If Not @error Then $iCounterValue=Round($iCounterValue/$_PDH_iCPUCount)
                $sSplashText&="PID #"&_PDH_ProcessObjectGetPID($aCounters[$i])&" = "&$iCounterValue&"% CPU Usage"&@CRLF
            EndIf
            $i+=1
        Until $i=$iTotal
        $iLastPID=_PDH_ProcessObjectGetPID($aCounters[$iTotal-1])
        $sSplashText&="[Esc] exits"
    ControlSetText($hSplash,"","[CLASS:Static; INSTANCE:1]",$sSplashText)
    #cs
        If 1 Then
            $aProcesses=ProcessList($sProcess)
            Dim $aTemp[$aProcesses[0][0]+1][2]
            $iTemp=0
            $aTemp[0][0]="ProcessList"
            $aTemp[0][1]="CounterList"
            For $i=1 To $aProcesses[0][0]
                $aTemp[$i][0]=$aProcesses[$i][1]
                If $iTemp<$iTotal Then $aTemp[$i][1]=_PDH_ProcessObjectGetPID($aCounters[$iTemp])
                $iTemp+=1
            Next
            _ArrayDisplay($aTemp,"List compare")
        EndIf
#ce
        Sleep(100)
    Until $bHotKeyPressed Or $iTotal=0
    WinClose($hSplash)
EndIf

; Destroy all the Process counters
For $i = 0 to $iTotal-1
    $aCounters[$i]=_PDH_ProcessObjectDestroy($aCounters[$i])
Next

_PDH_UnInit()

*edit 2nd time: wow, major logic errors. I made adjustments where necessary, and left a chunk of 'debug' code in just for the sake of it (I needed something to pause the loop and let me add/remove processes while making sure PID's synched up)

Could someone give some guidance on how to do this on a remote server?

Thanks!

Share this post


Link to post
Share on other sites

I don't think it can be done, ProcessList (which that example script uses extensively) only works on the local machine. If you can figure out how to get the process list from a remote machine, and save it to an array, it might just be possible.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

I'm trying to use this on a Win2008R2 server with a total of 80 cores. It's coming back with idle of anything from 130% to 390%. Any ideas?

Share this post


Link to post
Share on other sites

I'm trying to use this on a Win2008R2 server with a total of 80 cores.

Oh sure, make all us other 4-core PC users feel inferior! You CPU stud!

*frowns looking down at my small 4-core CPU*

ehe.. anyway, it appears to be that some calculation is off in the code. It should automatically adjust for the # of CPU's on your system. However, lets check that the code is actually reporting the right value. Here, try this little code snippet and tell me what it reports:

Local $stSystemInfo=DllStructCreate("ushort;short;dword;ptr;ptr;ulong_ptr;dword;dword;dword;short;short")
; If we are running in 32-bit mode on a 64-bit OS, we need to call a different API function
If Not @AutoItX64 And @OSArch<>"X86" Then
DllCall("kernel32.dll","none","GetNativeSystemInfo","ptr",DllStructGetPtr($stSystemInfo))
Else
DllCall("kernel32.dll","none","GetSystemInfo","ptr",DllStructGetPtr($stSystemInfo))
EndIf
If @error Then Exit -1

ConsoleWrite("# of Processors per GetSystemInfo = " & DllStructGetData($stSystemInfo, 7) & @CRLF)
ConsoleWrite("# of Processors in Environment Var = " & EnvGet("NUMBER_OF_PROCESSORS") & @CRLF)

Share this post


Link to post
Share on other sites

It's definitely screwy.... I ran it twice back to back and got different answers. The first time I got 20, second time I got 60. This is on Win2008R2 and compiled as 64 bit exe.

Share this post


Link to post
Share on other sites

It's definitely screwy.... I ran it twice back to back and got different answers. The first time I got 20, second time I got 60. This is on Win2008R2 and compiled as 64 bit exe.

Huh.. At first I thought maybe you were stretching the truth about an 80 processor system. But what you say seems pretty consistent with the way the system would handle a system with more than 64 logical processors. It has only become a possibility with Windows 7 and 2008R2 (and up) 64-bit O/S's

So, with more than 64 processors, Windows splits these processors up into groups of 64 or less, and then allows processes to run on only one group at a time. The original limit of 64 processors, and 64-bit processor affinity would become problematic, among other things, if Windows didn't do otherwise. So unless you execute the process in a certain way, you won't have control of which group it runs on. And of course the traditional method of getting # of processors only works in relation to the current GROUP of processors that the process has been assigned to.

Luckily, for processes that absolutely NEED to know about ALL the processors (and groups) on the system, Windows 7 & 2008R2 introduced a new set of API calls, one of which should do exactly what we are looking for - get the total # of logical processors for ALL groups. The following should work correctly for you:

; ALL_PROCESSOR_GROUPS = 0xFFFF
Local $aRet = DllCall("kernel32.dll", "dword", "GetActiveProcessorCount", "word", 0xFFFF)
ConsoleWrite("Number of Active processors = " & $aRet[0] & @CRLF)

I've already modified my PDH_Init function to attempt that call first, which should fix your problem. In fact, I just noticed that I hadn't uploaded the latest version of my PDH Performance Counters (from 6/2011), so I should see about repackaging and updating the whole thing. But first I'd like to hear back from you confirming that the above AutoIt code actually gives you the total # of processors that are on your system.

And for reference, here are some good resources (MSDN of course):

Processor Groups (Windows)

What's New in Processes and Threads (Windows)

Thanks!

Edited by Ascend4nt

Share this post


Link to post
Share on other sites

Yep, I wasn't kidding about the 80 procs. I've got some big toys to play with. :idiot:

That looks much better.

# of Processors per GetSystemInfo = 60

# of Processors in Environment Var = 60

Number of Active processors = 80

Edited by skreien

Share this post


Link to post
Share on other sites

Sorry for the late update, I migrated to a SSD drive (wee!).

Anyway, this update addresses the 64+ CPU problem, as well as updates from June of last year! (oops). The previous updates addressed major Microsoft PDH.dll issues:

10/12/2012:

- Fix: For systems with >64 processors, wrong results were returned for the # of CPU's. A new test is run using 'GetActiveProcessorCount' (Win7+/2008R2+) to get the total number of logical processors in ALL processor groups

6/2/2011:

- MS Bugs found: _PDH_BrowseCounters() on Win7 causes around 40 DLL's to STAY loaded after the API call. Plus, reference count to PDH.DLL is increased by 2.

Workaround: Don't use this function unless ABSOLUTELY necessary!

However, using _PDH_ReloadDLL() can cut down on the # of DLL's that are loaded (to around 10 on my system) but note that subsequent calls to _PDH_BrowseCounter() will be slower!

- Added: _PDH_ReloadDLL(). I found a bug with these API calls (Win2000->Win7):

* PdhExpandWildCardPath [_PDH_GetCounterList()]

* PdhValidatePathW [_PDH_ValidatePath()]

Neither of the above recognize new object instances unless PDH.DLL is unloaded! Hence, _PDH_ReloadDLL() is there to fix this issue.

*NOTE: Use of this will cause subsequent _PDH_BrowseCounters() call's to take a long time to load, unless previous calls weren't made.

- Added: Internal function __PDH_ForceFreeDLL() -> to support _PDH_ReloadDLL(), and maybe fix 'Browse Counters Dialog' problems in the future

- Changed: TestPDH_PerformanceCounters() now calls _PDH_ReloadDLL() to allow it to 'see' new instances when Manual Entry is used.

- Changed: TestPDH_PerformanceCounters() now recognizes all-counters-dead scenarios.

- Fix: _PDH_GetCounterInfo() on Win2000 was broken.

- Fix: _WinTime_Format* functions handling of Milliseconds - was padding to 4 character instead of 3 characters long (Thx Joakim)


Share this post


Link to post
Share on other sites

I compiled the testpdh_cpuusage.au3 after downloading the newest version and tried it on my big server... it still reports the wrong cpu count. It's coming back with 32 and 20 CPU's on back to back runs.

Share this post


Link to post
Share on other sites

skreien, that's quite odd that you are getting 32 and 20 now.. you said you had 80 processors, which would have led me to believe you'd get some balance between instantiations that equals out to 80. Perhaps Windows is now splitting up the processor groups into more than 2 for your machine? That'd be quite interesting.. hmm

Okay, well, I've checked out the module in question (testpdh_cpuusage.au3), and I see that it uses a wildcard to collect information on all processors. The fact that the API call is returning less than 80 processors indicates to me that this is a limitation of the PDH module. This can't really be 'fixed' in my code, not without jumping through hoops and creating new processes that intentionally run on other processor groups. (The issue that I *did* fix with the last update was the per-process CPU usage calculation, which should reflect what Task Manager reports.)

As far as getting the overall CPU usage per processor, I believe the best method is to collect the kernel, user, and idle times for each processor, and then do calculations on every polling interval to determine what the current usage levels are. The problem is figuring out which of the new API functions to call to do this easily.. I was just poking around MSDN now and wound up with a bit of a headache! haha

Anyway, the general calculation can be seen in other example scripts on the forum. Here's a couple:
>Process CPU Usage - by Beege
>Function _ProcessGetCPU() - by Novatek

Also check out this CodeProject article (and the linked user reply):
Get CPU Usage with GetSystemTimes, 'The Way it's supposed to be...'

I hope that helps in some way.. my initial intention with code update was to address the 'Idle' process problem you had mentioned.. I hope that is at least fixed?

Thanks!

*update: See my >CPU Multi-Processor Usage w/o Performance Counters topic, which may or may not report for >64 processors (with Nt* based functions, its iffy if it follows Windows processor-groups logic or not)

Edited by Ascend4nt

Share this post


Link to post
Share on other sites

Hi,

Iv been using your work on performance counters for a long while now and have posted earlier on this thread with a problem i had but now i have more of a general question.

What im looking to do is to be able to get the network throughput (download and/or upload) but just for a specific process and possibly any children of that process.

I have been using Inetget() and Inetgetinfo() and a timer to calculate the download speed of test files in 0.5 sec intervals but since iv been using multiple threaded download tests iv started getting problems on rare occasions.

I do have a user option to use the network performance monitors instead of my internal measurements but there are drawbacks to both methods.

So im just looking for another method , if i could get a performance counter to monitor a single process's throughput rather than a network adapter it might be ideal. Is this possible ?

Cheers,

JD.


Thx all,Jack Dinn.

 

JD's Auto Internet Speed Tester

JD's Clip Catch (With Screen Shot Helper)

Projects :- AutoIt - My projects

My software never has bugs. It just develops random features. :-D

Share this post


Link to post
Share on other sites

I see IO Read/Write counters for individual processes, but they are a total of all I/O operations (file, network and device I/Os). I don't think you can get any more specific with network or I/O operations from Windows' Performance Counters, at least from what I can tell.


Share this post


Link to post
Share on other sites

hi, did not get any email notification for some reason , sorry bout that :-/

Yea iv spent ages trying to find a "magic bullet" for this one. Iv already got 2 options for the user because neither one is perfect.

The default is very basically :-

For $x = 1 To $mult_list[0]
                $locx = StringSplit($mult_list[$x], ",")
                $dling[$x] = InetGet($locx[1], @TempDir & "\test_" & $x & ".tst", 1, 1)
            Next

This starts the multiple downloads (multi-threaded)

Then this gets the throughput every half sec :-

For $x = 1 To $mult_list[0]
            $downloaded_so_far = InetGetInfo($dling[$x], 0)
            $downloaded += $downloaded_so_far
        Next

However this does not work 100% ,

Then theres the option to use your code for the performance counters which does work better but for some reason i get reports of "doubled" results i.e. the return from the adapter throughput measurement is twice what it should be both in and out , although this is only rarely reported but has been enough different people for me to leave the first measument option in for the users.

Iv recently tried using netstats -e but that is weird , i suppose i just dont understand it properly but i tested it on one of my win7 comps and it reported a download throughput four times higher than it really is ?

how i tested it :-

I enter netstat -e and get the Bytes recived

then i download a test file of 5MB

then i get netstat again and minus one from the other

on win7 Im getting 20MB but on xp i get 5MB

Iv tried 3 different methods there and had quick looks at some others but in 2 years iv not found one single method that approx 5% of people dont have a problem with.

o yea and Iv looked at winpcap , jess a bit to much for me xD


Thx all,Jack Dinn.

 

JD's Auto Internet Speed Tester

JD's Clip Catch (With Screen Shot Helper)

Projects :- AutoIt - My projects

My software never has bugs. It just develops random features. :-D

Share this post


Link to post
Share on other sites

I don't see why there would be doubled returns from Performance Counters, but I don't know which ones are being used and if there's wildcards being used etc. I suppose the reliability of the results given from performance providers could be questioned..


Share this post


Link to post
Share on other sites

This i great stuff. I will probably be using this alot! I have two quick questions.

1. Can I use this to track the CPU Frequency of the CPU? I want to create a simple program that tracks the CPU frequiency as it chnages trough diffrent workloads. However im having issues finding a simple way to track the current CPU frequency. ive tried WMI and using external programs. So far ive aloways been able to get the max frequncy. I want the frequency thats beeing displayed in perfmon.exe (PPM_processor_0 - frequency). Is it doable?

2. Id like to do more or less teh same think like the above, but with IOPS to tyhe physical HDD. Im doing this today with perfmon and and im recordning a blg file and then convert it to CSV. But i would like to automate the process. Any idees? Any help would be greatly appritiated. Thank you.

Share this post


Link to post
Share on other sites

I uesed this code from earlier in the thread and modified it to read CPU metrics:

#include <_PDH_PerformanceCounters.au3>
_PDH_Init(False, False)
$hPDH = _PDH_GetNewQueryHandle()
$hPDHCounter = _PDH_AddCounter($hPDH, "\ProcessorPerformance(PPM_Processor_0)\frequency")
_PDH_CollectQueryData($hPDH)
While Sleep(1000)
ToolTip("Processor Frequency: " & _PDH_UpdateCounter($hPDH, $hPDHCounter, "", False))
WEnd
_Exit()
Func _Exit()
_PDH_FreeQueryHandle($hPDH)
_PDH_UnInit()
Exit
EndFunc

The strange thing is. When i use: "ProcessorPerformance(PPM_Processor_0)frequency" i get an error:

PdhAddCounterW error [path:'ProcessorPerformance(PPM_Processor_0)percentage'], return:C0000BB8

PdhCollectQueryData error, return:800007D5

But if u use: "Processor(_Total)% Idle Time" it works great.

But i need the processor frequency :(

Anyone have any idees?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By jresine
      Hello, is it possible to know via a script or command, to have the percentage of disk usage of a process? thank you in advance.
      ps: see image

    • By Raywando
      Hello,
      This is my first post. So I’ve worked on a script for a while and I’m planning to publish it but the problem is that it connects to an FTP server at some point, and as you probably know FTP credentials are easily captured by a MITM attack or Wireshark (not sure if Wireshark does). So I thought if i can detect data capturing in the user’s network the script would stop. Any idea?.
      If there’s another workaround I’m happy to hear it. 
    • By Miliardsto
      I want to detect if exact process or window uses directx or opengl or maybe something else library used in applications.
      Thats becouse there could be many windows with same names and different names and the same with process. I got so much process names I want to my script works with all, so i want standardize.
      All of this processes uses DirectX or OpenGL so then If I check this window/process uses these libraries I will be sure thats the right process
    • By TryWare90Days
      I'm trying to kill a malware process, that I can't remove with my www.sophus.com/hom antivirus.

      The malware is known as coinminer,config and my Sophus only creates popups of blocking the malware.

      I know that the malware is constantly launching a svchost *32.exe processes, where the svchost.exe processes are from my Windows 7 operating system.
      I have with no luck tried to do this:
      Global $_bStatus = False
      While $_bStatus = False
                 Global $_iPid
                 Global $_sActiveTitleNew = "svchost *32.exe"
                 $_iPid = WinGetProcess($_sActiveTitleNew)
                 If $_iPid <> -1 Then $_bStatus = ProcessClose($_iPid)   
      Wend
      EXIT
       
      But the $_iPid doesn't ever show anything else than  -1, even if I can see the svchost *32.exe process in my TaskManager
       
      YES - I know I shouldn't EXIT after killing the first malware detection, but it is easier to explain the above for you, so I can get a solution.
    • By JoeWagner
      I'm building a tool to remotely monitor CPU usage on my server.
      I have a working tool but I have a few issues I'd like some help with.
      1. The app uses more system memory on a continual growth rate...  It eventually starts displaying strange artifacts and the background flashes between black and and white behind the GDI+ elements.  I determined this couldn't be left to run for any amount of time (greater than 15-20 minutes) - Very frustrating.
      I suspect it's because it keeps drawing new GDI+ elements to replace the previous cycle ... the $bar1 = "" is enough to remove the image and allow the new image to be drawn there, but I don't have a handle for the original GDI+ element to throw it away... Not sure where they go...
      I also suspect there could be a better way to do what I'm doing here, but from a problem solving perspective - this is what I came up with - I will accept suggestions for how better to accomplish the same / better or acceptable results  
      I will not however accept corrections on grammar, punctuation or commenting - I didn't comment this as I was going, I use the variables that make sense to me (or as they were when I lifted them from the scraps I found on the internet) and you can never be too careful with punctuation.
      2. I have a WMI query that is used to remotely pull the CPU data from the server - if I supply the wrong credentials the app crashes... I tried to make it show an error and go back to allow me to try again ... doesn't work. Any help with catching that error and preventing the crash would be super helpful. (works great if the credentials are correct; domain or local)
       
      The whole thing below... 
      #include <Date.au3> #include <WindowsConstants.au3> #include <GuiConstantsEX.au3> #include <EditConstants.au3> #include <ButtonConstants.au3> #include <GDIPlus.au3> Global $__g_hGDIPDll Global $graph[21] Global $timer, $timeout = 500 Global $hFlag = 0 $timer = TimerInit() $main = GUICreate("CPU Graph", 125, 220, Default, Default, Default, BitOR($WS_EX_TOOLWINDOW, $WS_EX_TOPMOST)) $bar1 = GUICtrlCreatePic("", 10, 10, 5, 100) $bar2 = GUICtrlCreatePic("", 15, 10, 5, 100) $bar3 = GUICtrlCreatePic("", 20, 10, 5, 100) $bar4 = GUICtrlCreatePic("", 25, 10, 5, 100) $bar5 = GUICtrlCreatePic("", 30, 10, 5, 100) $bar6 = GUICtrlCreatePic("", 35, 10, 5, 100) $bar7 = GUICtrlCreatePic("", 40, 10, 5, 100) $bar8 = GUICtrlCreatePic("", 45, 10, 5, 100) $bar9 = GUICtrlCreatePic("", 50, 10, 5, 100) $bar10 = GUICtrlCreatePic("", 55, 10, 5, 100) $bar11 = GUICtrlCreatePic("", 60, 10, 5, 100) $bar12 = GUICtrlCreatePic("", 65, 10, 5, 100) $bar13 = GUICtrlCreatePic("", 70, 10, 5, 100) $bar14 = GUICtrlCreatePic("", 75, 10, 5, 100) $bar15 = GUICtrlCreatePic("", 80, 10, 5, 100) $bar16 = GUICtrlCreatePic("", 85, 10, 5, 100) $bar17 = GUICtrlCreatePic("", 90, 10, 5, 100) $bar18 = GUICtrlCreatePic("", 95, 10, 5, 100) $bar19 = GUICtrlCreatePic("", 100, 10, 5, 100) $bar20 = GUICtrlCreatePic("", 105, 10, 5, 100) $host = GUICtrlCreateInput("Host", 10, 115, 100, 20, $ES_AUTOHSCROLL) $user = GUICtrlCreateInput("User", 10, 140, 100, 20, $ES_AUTOHSCROLL) GUICtrlSetFont(-1, 8, 400) $pass = GUICtrlCreateInput("Pass", 10, 165, 100, 20, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL)) GUICtrlSetFont(-1, 8, 400) $start = GUICtrlCreateButton("Start", 10, 190, 100, 20, $BS_DEFPUSHBUTTON) GUISetState() While 1 $msg = GUIGetMsg() If $msg = $GUI_EVENT_CLOSE Then ExitLoop If $msg = $start Then ConnectWMI() If $hFlag = 1 Then If TimerDiff($timer) > $timeout Then UpdateGraph() EndIf WEnd Func ConnectWMI() Global $hostname = GUICtrlRead($host) If Ping($hostname, 2000) = 0 Then Msgbox(0, "Error", "Unable to reach specified host") Return 0 EndIf Local $usr = GUICtrlRead($user) Local $pwd = GUICtrlRead($pass) Global $objSWbemLocator = ObjCreate("WbemScripting.SWbemLocator") Global $objWMIService = $objSWbemLocator.ConnectServer($hostname, "root\cimv2", $usr, $pwd) If @error Then Msgbox(0, "Error", "Unable to connect to the Host with the supplied credentials") Return 0 EndIf $hFlag = 1 UpdateGraph() EndFunc Func UpdateGraph() $usage = _Processor_Usage() For $i = 1 to 19 $graph[$i] = $graph[$i+1] Next $graph[20] = $usage GUICtrlSetImage($bar1, "") CreateBar($bar1, $graph[1]) GUICtrlSetImage($bar2, "") CreateBar($bar2, $graph[2]) GUICtrlSetImage($bar3, "") CreateBar($bar3, $graph[3]) GUICtrlSetImage($bar4, "") CreateBar($bar4, $graph[4]) GUICtrlSetImage($bar5, "") CreateBar($bar5, $graph[5]) GUICtrlSetImage($bar6, "") CreateBar($bar6, $graph[6]) GUICtrlSetImage($bar7, "") CreateBar($bar7, $graph[7]) GUICtrlSetImage($bar8, "") CreateBar($bar8, $graph[8]) GUICtrlSetImage($bar9, "") CreateBar($bar9, $graph[9]) GUICtrlSetImage($bar10, "") CreateBar($bar10, $graph[10]) GUICtrlSetImage($bar11, "") CreateBar($bar11, $graph[11]) GUICtrlSetImage($bar12, "") CreateBar($bar12, $graph[12]) GUICtrlSetImage($bar13, "") CreateBar($bar13, $graph[13]) GUICtrlSetImage($bar14, "") CreateBar($bar14, $graph[14]) GUICtrlSetImage($bar15, "") CreateBar($bar15, $graph[15]) GUICtrlSetImage($bar16, "") CreateBar($bar16, $graph[16]) GUICtrlSetImage($bar17, "") CreateBar($bar17, $graph[17]) GUICtrlSetImage($bar18, "") CreateBar($bar18, $graph[18]) GUICtrlSetImage($bar19, "") CreateBar($bar19, $graph[19]) GUICtrlSetImage($bar20, "") CreateBar($bar20, $graph[20]) $timer = TimerInit() EndFunc Func _Processor_Usage() Dim $Col_Items = $objWMIService.ExecQuery('SELECT * FROM Win32_PerfFormattedData_PerfOS_Processor', 'WQL') Local $Obj_Item For $Obj_Item In $Col_Items Return $Obj_Item.PercentProcessorTime Next EndFunc Func CreateBar($target, $value) Local $width=5, $height=2 _GDIPlus_Startup() $hImage = DLL_BitmapCreate($width, $height*50) $hGraphic = _GDIPlus_ImageGetGraphicsContext($hImage) _GDIPlus_GraphicsSetSmoothingMode($hGraphic, 2) ;100 If $value > 98 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF00F2F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 0, $width, $height, $hBrush) EndIf ;98 If $value > 96 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF0182C") _GDIPlus_GraphicsFillRect($hGraphic, 0, 2, $width, $height, $hBrush) EndIf ;96 If $value > 94 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF0212A") _GDIPlus_GraphicsFillRect($hGraphic, 0, 4, $width, $height, $hBrush) EndIf ;94 If $value > 92 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF02B28") _GDIPlus_GraphicsFillRect($hGraphic, 0, 6, $width, $height, $hBrush) EndIf ;92 If $value > 90 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF03426") _GDIPlus_GraphicsFillRect($hGraphic, 0, 8, $width, $height, $hBrush) EndIf ;90 If $value > 88 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF03E24") _GDIPlus_GraphicsFillRect($hGraphic, 0, 10, $width, $height, $hBrush) EndIf ;88 If $value > 86 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF04722") _GDIPlus_GraphicsFillRect($hGraphic, 0, 12, $width, $height, $hBrush) EndIf ;86 If $value > 84 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF05120") _GDIPlus_GraphicsFillRect($hGraphic, 0, 14, $width, $height, $hBrush) EndIf ;84 If $value > 82 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF05A1D") _GDIPlus_GraphicsFillRect($hGraphic, 0, 16, $width, $height, $hBrush) EndIf ;82 If $value > 80 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF0641B") _GDIPlus_GraphicsFillRect($hGraphic, 0, 18, $width, $height, $hBrush) EndIf ;80 If $value > 78 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF06D19") _GDIPlus_GraphicsFillRect($hGraphic, 0, 20, $width, $height, $hBrush) EndIf ;78 If $value > 76 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF07717") _GDIPlus_GraphicsFillRect($hGraphic, 0, 22, $width, $height, $hBrush) EndIf ;76 If $value > 74 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF08015") _GDIPlus_GraphicsFillRect($hGraphic, 0, 24, $width, $height, $hBrush) EndIf ;74 If $value > 72 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF08A13") _GDIPlus_GraphicsFillRect($hGraphic, 0, 26, $width, $height, $hBrush) EndIf ;72 If $value > 70 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF09311") _GDIPlus_GraphicsFillRect($hGraphic, 0, 28, $width, $height, $hBrush) EndIf ;70 If $value > 68 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF09311") _GDIPlus_GraphicsFillRect($hGraphic, 0, 30, $width, $height, $hBrush) EndIf ;68 If $value > 66 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFF09D0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 32, $width, $height, $hBrush) EndIf ;66 If $value > 64 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFECA20F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 34, $width, $height, $hBrush) EndIf ;64 If $value > 62 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFE8A80F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 36, $width, $height, $hBrush) EndIf ;62 If $value > 60 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFE5AD0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 38, $width, $height, $hBrush) EndIf ;60 If $value > 58 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFE1B30F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 40, $width, $height, $hBrush) EndIf ;58 If $value > 56 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFDEB80F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 42, $width, $height, $hBrush) EndIf ;56 If $value > 54 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFDABE0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 44, $width, $height, $hBrush) EndIf ;54 If $value > 52 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFD6C30F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 46, $width, $height, $hBrush) EndIf ;52 If $value > 50 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFCFCE0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 48, $width, $height, $hBrush) EndIf ;50 If $value > 48 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFCCD40F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 50, $width, $height, $hBrush) EndIf ;48 If $value > 46 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFC8D90F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 52, $width, $height, $hBrush) EndIf ;46 If $value > 44 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFC4DF0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 54, $width, $height, $hBrush) EndIf ;44 If $value > 42 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFC1E40F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 56, $width, $height, $hBrush) EndIf ;42 If $value > 40 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFBDEA0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 58, $width, $height, $hBrush) EndIf ;40 If $value > 38 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFBAF00F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 60, $width, $height, $hBrush) EndIf ;38 If $value > 36 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFBAF00F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 62, $width, $height, $hBrush) EndIf ;36 If $value > 34 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFADEF0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 64, $width, $height, $hBrush) EndIf ;34 If $value > 32 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFFA1EE0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 66, $width, $height, $hBrush) EndIf ;32 If $value > 30 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF94ED0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 68, $width, $height, $hBrush) EndIf ;30 If $value > 28 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF88ED0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 70, $width, $height, $hBrush) EndIf ;28 If $value > 26 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF7CEC0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 72, $width, $height, $hBrush) EndIf ;26 If $value > 24 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF6FEB0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 74, $width, $height, $hBrush) EndIf ;24 If $value > 22 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF63EA0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 76, $width, $height, $hBrush) EndIf ;22 If $value > 20 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF56EA0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 78, $width, $height, $hBrush) EndIf ;20 If $value > 18 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF56EA0F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 80, $width, $height, $hBrush) EndIf ;18 If $value > 16 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF4AE90F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 82, $width, $height, $hBrush) EndIf ;16 If $value > 14 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF3EE80F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 84, $width, $height, $hBrush) EndIf ;14 If $value > 12 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF31E70F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 86, $width, $height, $hBrush) EndIf ;12 If $value > 10 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF25E70F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 88, $width, $height, $hBrush) EndIf ;10 If $value > 8 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF18E60F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 90, $width, $height, $hBrush) EndIf ;8 If $value > 6 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF0CE50F") _GDIPlus_GraphicsFillRect($hGraphic, 0, 92, $width, $height, $hBrush) EndIf ;6 If $value > 4 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF00E510") _GDIPlus_GraphicsFillRect($hGraphic, 0, 94, $width, $height, $hBrush) EndIf ;4 If $value > 2 Then $hBrush = _GDIPlus_BrushCreateSolid("0xFF00E509") _GDIPlus_GraphicsFillRect($hGraphic, 0, 96, $width, $height, $hBrush) EndIf ;2 $hBrush = _GDIPlus_BrushCreateSolid("0xFF00E509") _GDIPlus_GraphicsFillRect($hGraphic, 0, 98, $width, $height, $hBrush) $hBitmap = _GDIPlus_BitmapCreateHBITMAPFromBitmap($hImage) GUICtrlSendMsg($target, 0x172, 0, $hBitmap) _WinAPI_DeleteObject($hBitmap) _GDIPlus_BrushDispose($hBrush) _GDIPlus_GraphicsDispose($hGraphic) _GDIPlus_ImageDispose($hImage) _GDIPlus_Shutdown() EndFunc ;==>_CreateBar Func DLL_BitmapCreate($width, $height) Local $aResult = DllCall($__g_hGDIPDll, "uint", "GdipCreateBitmapFromScan0", "int", $width, "int", $height, "int", 0, "int", 0x0026200A, "ptr", 0, "int*", 0) Return $aResult[6] EndFunc ;==>DLL_BitmapCreate  
       
×
×
  • Create New...