2

I'm ultimately looking for a way to set up an automated alert that will warn me if a process's GDI Object count is approaching the default 10,000 limit. I have a known issue with some software our company uses that causes explorer.exe to have the count build up until it crashes without warning - there's apparently a fix for this in a later version of the software, but we cannot upgrade for reasons beyond my control. My idea is to create a background program/script that will pop up an alert when it sees a GDI count approaching the 10,000 limit. However, the only ways I can seem to view the GDI count is through a GUI either in task manager or Process Explorer - if I could somehow just dump that to a text file automatically I'd be set, but I don't know if that's possible.

I've tried the GDIView software, but our company Antivirus flags it and that is outside my control.

I've downloaded sysinterals, but I can't figure out any way to get one of the command line tools to echo the GDI count I can get in Process Explorer. I've also tried tasklist, but similarly can't find a way to get GDI count out of it.

For reference, I'm on a Windows 10 machine here. I also have the linux subsystem enabled and have the ability to run Ubuntu through that. I am open to doing something in batch or python if that's of any use - though it seems powershell is blocked from running scripts (I might be able to get around that though).

Ian McKenzie
  • 23

1 Answers1

1

I found a small section of Powershell code that will give you the per process count by Rudolf at Getting GDI object count per process in Powershell

"Number of GUI handles per process"
$sig = @'
[DllImport("User32.dll")]
public static extern int GetGuiResources(IntPtr hProcess, int uiFlags);
'@

Add-Type -MemberDefinition $sig -name NativeMethods -namespace Win32

$processes = [System.Diagnostics.Process]::GetProcesses()
[int]$gdiHandleCount = 0
ForEach ($p in $processes)
{
    try{
        $gdiHandles = [Win32.NativeMethods]::GetGuiResources($p.Handle, 0)
        $gdiHandleCount += $gdiHandles
        $p.Name + " : " + $gdiHandles.ToString()   
    }
    catch {
        #"Error accessing " + $p.Name
    }
}
"Total number of GDI handles " + $gdiHandleCount.ToString()

It should be possible to modify the commands within the try ... Catch statement to add an if statement that matches your explorer name and posts a message box.

Mokubai
  • 95,412