AHK Process Explorer
AHK implementation for Process Explorer / Taskmanager
EXPERIMENTAL - USE AT YOUR OWN RISK
Source (2017-10-20)
Class_ProcessExplorer.ahk (GitHub)
Examples
todo
Features (Function Lists)
- AdjustTokenPrivileges
- CloseHandle
- CreateToolhelp32Snapshot
- EnumProcessModulesEx
- GetModuleBaseAddr
- GetModuleFileNameEx
- GetPerformanceInfo
- GetPriorityClass
- GetProcessImageFileName
- GetProcessMemoryInfo
- GetProcessModules
- GetProcessName
- GetProcessThreads
- GetTickCount64
- GetTokenInformation
- GlobalMemoryStatusEx
- IsProcessCritical
- IsProcessElevated
- LookupAccountSid
- LookupPrivilegeValue
- Module32First
- Module32Next
- OpenProcess
- OpenProcessToken
- OpenThread
- Process32First
- Process32Next
- QueryFullProcessImageName
- SetDebugPrivilege
- Thread32First
- Thread32Next
- WTSEnumerateProcessesEx
- WTSFreeMemoryEx
Todo
- CPU usage
- CPU usage / process
- some other useful infos
Questions / Bugs / Issues
If you notice any kind of bugs or issues, report them here. Same for any kind of questions.
Copyright and License
MIT License
Process Explorer
Process Explorer
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
Re: Process Explorer
Nice one!!!
maybe add command Line column to show what command line the process is using i normally like to see that too
maybe add command Line column to show what command line the process is using i normally like to see that too
-
- Posts: 463
- Joined: 24 Jan 2014, 22:28
Re: Process Explorer
It would also be cool to see disk and network usage. And a column that shows which process is running elevated.
-
- Posts: 184
- Joined: 01 Dec 2015, 05:13
- Location: Germany
Looks good, but the same Name as the Microsoft Product, is that a good Idea?
https://technet.microsoft.com/en-us/sys ... 96653.aspx
https://technet.microsoft.com/en-us/sys ... 96653.aspx
Greetings Best-Code-in-Use
Re: Process Explorer
Are you going to add more tools to it such as process suspension, reducing process priority etc. like the real Process Explorer (or Process Hacker, which is even better)?
Here's some code example for suspending calc.exe, maybe it'll help:
Here's some code example for suspending calc.exe, maybe it'll help:
Spoiler
YOU'RE NOT ALEXANDER
Re: Process Explorer
Since I got no time atm to work on it, I post the link to the beta source in top post.
Todo:
- WTSEnumerateProcessesEx 32-Bit (atm just 64-Bit works)
- GetProcessTimes
Feel free to work on / improve this project and / or add new features.
Post here what you got and maybe, if I got the time, I will add them into the main project.
Todo:
- WTSEnumerateProcessesEx 32-Bit (atm just 64-Bit works)
- GetProcessTimes
Feel free to work on / improve this project and / or add new features.
Post here what you got and maybe, if I got the time, I will add them into the main project.
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
Re: Process Explorer
Hi, How to obtain the "CommandLine"?
AND, Now it seems to be unable to work. WIN8-64 L1-32
AND, Now it seems to be unable to work. WIN8-64 L1-32
Re: Process Explorer
lol good job:D
Re: Process Explorer
Source completely rewritten!
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
Re: Process Explorer
Hello, do you know a "faster" alternative to get a process command line than below?
Code: Select all
For process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where ProcessId=" pid)
Return, process["CommandLine"]
Re: Process Explorer
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
Re: Process Explorer
If you want only a specific field, then dont use "SELECT * FROM". Better use "SELECT ProcessId, CommandLine FROM"c7aesa7r wrote: ↑17 May 2022, 15:20Hello, do you know a "faster" alternative to get a process command line than below?
Code: Select all
For process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where ProcessId=" pid) Return, process["CommandLine"]
Re: Process Explorer
@KruschenZ could you give a working example? i didnt understand how to correctly fill it like you mentioned
Re: Process Explorer
Sure
Code: Select all
For process in ComObjGet("winmgmts:").ExecQuery("Select ProcessId, CommandLine from Win32_Process where ProcessId=" pid)
Return, process["CommandLine"]
Re: Process Explorer
I'm using this function to constantly check for two specific processes, to detect when new ones are created or older ones are closed
with a delay of just 300ms its using 0,4% of CPU (i9990k) do you think there's another alternative that could use less resource?
with a delay of just 300ms its using 0,4% of CPU (i9990k) do you think there's another alternative that could use less resource?
Code: Select all
GetProc(proc, proc2:="") {
; WTSEnumerateProcessesEx()
; https://www.autohotkey.com/boards/viewtopic.php?t=19323
static hWTSAPI := DllCall("LoadLibrary", "str", "wtsapi32.dll", "ptr")
If !(DllCall("wtsapi32\WTSEnumerateProcessesEx", "ptr", 0, "uint*", 0, "uint", -2, "ptr*", buf, "uint*", TTL))
Throw Exception("WTSEnumerateProcessesEx failed", -1)
addr := buf
arr := {}
arr[proc] := []
arr[proc2] := []
Loop %TTL% {
ProcessName := StrGet(NumGet(addr+8, "ptr"))
If (ProcessName = proc) or (ProcessName = proc2) {
PID := NumGet(addr+4, "uint")
arr[ProcessName].Push(PID)
}
addr += 8 + (A_PtrSize * 2)
}
If !(DllCall("wtsapi32\WTSFreeMemoryEx", "int", 0, "ptr", buf, "uint", TTL))
Throw Exception("WTSFreeMemoryEx failed", -1)
Return arr
}
Re: Process Explorer
You could try (and / or modify) this: viewtopic.php?p=335596#p335596
[AHK] v2.0.5 | [WIN] 11 Pro (Version 22H2) | [GitHub] Profile
Re: Process Explorer
I couldn't find any mention in your Process Explorer lib about ParentProcessId, would like to ask if you or maybe @teadrinker (someone else also welcome ) know any faster method than:
Code: Select all
pid:=5984
for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where ProcessId=" pid)
parent:=process["ParentProcessId"]
msgbox % parent
-
- Posts: 4365
- Joined: 29 Mar 2015, 09:41
- Contact:
Re: Process Explorer
Code: Select all
GetProcessParent(PID) {
static MAX_PATH := 260, TH32CS_SNAPPROCESS := 2
hSnap := DllCall("CreateToolhelp32Snapshot", "UInt", TH32CS_SNAPPROCESS, "UInt", 0, "Ptr")
VarSetCapacity(PROCESSENTRY32, sz := 4*7 + A_PtrSize*2 + MAX_PATH << !!A_IsUnicode, 0)
NumPut(sz, PROCESSENTRY32, "UInt")
DllCall("Process32First", "Ptr", hSnap, "Ptr", &PROCESSENTRY32)
Loop {
if NumGet(PROCESSENTRY32, 4*2, "UInt") = PID {
ParentPID := NumGet(PROCESSENTRY32, 4*4 + A_PtrSize*2, "UInt")
break
}
} until !DllCall("Process32Next", "Ptr", hSnap, "Ptr", &PROCESSENTRY32)
DllCall("CloseHandle", "Ptr", hSnap)
Return ParentPID
}
Re: Process Explorer
Thank you teadrinker and jNizM!!! always helping a lot.
What other information is available using this method?
The comobj method is very slow, and even more slow when you have a lot of process open.
What other information is available using this method?
Code: Select all
ParentPID := NumGet(PROCESSENTRY32, 4*4 + A_PtrSize*2, "UInt")
-
- Posts: 4365
- Joined: 29 Mar 2015, 09:41
- Contact:
Re: Process Explorer
You can see here: PROCESSENTRY32
Return to “Scripts and Functions (v1)”
Who is online
Users browsing this forum: kaka2 and 49 guests