Finding and Killing NT Processes

Wilson WindowWare Tech Support

WinBatch WinBatch+Compiler WebBatch
Home | Tech Database | Tech BBS | White Papers | Purchase

Finding and Ending NT Processes
Keywords:   kill terminate processes
Question:
Are there any WinBatch routines which will allow me to determine if a particular process is running in NT and if it is there, then end it? We are having some problems (not related to WinBatch) and we are having to constantly load up the NT task manager to terminate a process.
AppExist works for applications fine but I was looking for something that looks at the NT system processes like WinLogon.Exe, FindFast.Exe, etc.
Answer:
In the new 98 version, IntControl 56 can shoot a process.
The following snippet of code will help you identify what processes are associated with what EXEs, then you can use the IntControl(56...) to shoot them).
a=WinItemize( )
count=ItemCount(a,@tab)

For i=1 to count
   win=ItemExtract(i,a,@tab)
   b=WinExeName(win)
   message(win,b)
Next
OR
Try our Process extender functions.
NOTES: Windows NT/2000: The handle must have PROCESS_TERMINATE access.
** Use this function only in extreme circumstances.**
The tKillProc function is used to unconditionally cause a process to exit. The state of global data maintained by dynamic-link libraries (DLLs) may be compromised if tKillProc is used rather than WinClose.
tKillProc causes all threads within a process to terminate, and causes a process to exit, but DLLs attached to the process are not notified that the process is terminating.
Terminating a process causes the following:

All of the object handles opened by the process are closed.
All of the threads in the process terminate their execution.
The state of the process object becomes signaled, satisfying any threads that had been waiting for the process to terminate.
The states of all threads of the process become signaled, satisfying any threads that had been waiting for the threads to terminate.
The termination status of the process changes from STILL_ACTIVE to the exit value of the process.
Terminating a process does not cause child processes to be terminated.
Terminating a process does not necessarily remove the process object from the system. A process object is deleted when the last handle to the process is closed.

Example:
Addextender("wproc34i.dll")
run("notepad.exe","")

count=tCountProc()
proclist=tlistproc()
killapp=askitemlist("*** Choose Notepad from the list ***",proclist,@TAB,@unsorted,@single)
procname=itemextract(1,killapp,"|")
procid=itemextract(2,killapp,"|")

if Procid!=""
   hProcess=tOpenProc(procid,3);PROCESS_TERMINATE
	if hProcess
	   tKillProc(hProcess)
		tcloseproc(hProcess)  
	   Message("tKillProc","%procname% is terminated")
	endif
else
  Message("tKillProc","Need a valid process id")

endif
Article ID:   W13263
Filename:   Finding and Killing NT Processes.txt