How to get a specific program from the task manager

Question

i want to get the process that is running with the GDI Object 157 using batch script command but not able to do so my script is tasklist /fi "gdiobject eq 157"

Answer 1

Read whole tasklist /?: there are listed all allowed filters (only 11 filter names currently).

Moreover, you can't retrieve value of Windows Task Manager GDI Objects column using either command line utility tasklist.exe nor powershell cmdlet Get-Process. You need to compute it using GetGuiResources function:

Retrieves the count of handles to graphical user interface (GUI) objects in use by the specified process.

Fortunately, there is a way to call native Windows APIs in Windows PowerShell: Add-Type cmdlet can use the Platform Invoke (P/Invoke) mechanism to call a function in a .dll library from Windows PowerShell.

For instance, Example 5: Call native Windows APIs demonstrates it sufficiently to write the following simple script:

# GDI objects: get number of GDI handles per process

Add-Type -Name NativeMethods -Namespace Win32 -MemberDefinition @'
[DllImport("User32.dll")]
public static extern int GetGuiResources(IntPtr hProcess, int uiFlags);
'@

$allProcesses = [System.Diagnostics.Process]::GetProcesses() #or# Get-Process
$auxCountHandles = [int]0
$auxCountProcess = [int]0
$GuiResources = @()
ForEach ($p in $allProcesses) {
        if ( [string]::IsNullOrEmpty( $p.Handle)) { continue }
        $auxCountProcess += 1
        $auxGdiHandles = [Win32.NativeMethods]::GetGuiResources($p.Handle, 0)
        If ($auxGdiHandles -eq 0)                    { continue }
        $auxCountHandles += $auxGdiHandles
        $auxDict = [ordered]@{
            PID         = $p.Id
            Handles     = $auxGdiHandles
            ProcessName = $p.Name
        }
        $GuiResources += [PSCustomObject]$auxDict
}

$GuiResources  #| Sort-Object "ProcessName" #| Format-Table -AutoSize

<##> 
    ### summary debugging output ###
Write-Host $('{0} processes; {1}/{2} with/without GDI objects' -f $allProcesses.Count,
    $GuiResources.Count,
    ($allProcesses.Count - $GuiResources.Count))
Write-Host "Total number of GDI handles: $auxCountHandles`n"
<##>

Sample output (truncated):

PS C:\WINDOWS\system32> D:\PShell\tests\GdiObjectCounter.ps1

161 processes; 27/134 with/without GDI objects
Total number of GDI handles: 2642

  PID Handles ProcessName         
  --- ------- -----------         
  712      16 SettingSyncHost     
  744       6 winlogon            
 7524       7 ShellExperienceHost 
 3852      36 RuntimeBroker       
 3696      74 chrome              
…