ProcessMagnifier.vbs进程查看
作者 佚名
来源 ASP编程
浏览
发布时间 2013-07-09
| ''FileName:ProcessMagnifier.vbs ''Function:Captureinformationabouttherunningprocessesindetail ''codebysomebody ''QQ:240460440 ''LastModified:2007-11-1618:25 ''仅供学习 ConstHKEY_CURRENT_USER=&H80000001 oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv") strKeyPath="Console\%SystemRoot%_system32_cmd.exe" oReg.CreateKey(HKEY_CURRENT_USER,strKeyPath) strValueName1="CodePage" dwValue1=936 strValueName2="ScreenBufferSize" dwValue2=98304200 strValueName3="WindowSize" dwValue3=2818173 strValueName4="HistoryNoDup" dwValue4=0 strValueName5="WindowPosition" dwValue5=131068 strValueName6="QuickEdit" dwValue6=2048 oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName1,dwValue1) oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName2,dwValue2) oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName3,dwValue3) oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName4,dwValue4) oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName5,dwValue5) oReg.SetDWORDValue(HKEY_CURRENT_USER,strKeyPath,strValueName6,dwValue6) DimobjWSH,FinalPath objWSH=WScript.CreateObject("WScript.Shell") If(LCase(Right(WScript.Fullname,11))="wscript.exe")Then FinalPath="''"&WScript.ScriptFullName&"''" objWSH.Run("cmd.exe/kcscript//nologo"&Replace(FinalPath,"''","""")) WScript.Quit() EndIf oReg.DeleteKey(HKEY_CURRENT_USER,strKeyPath) oReg=Nothing WScript.Echo() WScript.Sleep(1000) WScript.Echo("当前正在运行的进程简要信息列表如下:") WScript.Echo(vbCrLf) WScript.Sleep(2000) DimMyOBJProcessName OBJWMIProcess=GetObject("winmgmts:\\.\root\cimv2").ExecQuery("Select*FromWin32_Process") WScript.Echo"Name:Priority:PID:Owner:"&vbTab&vbTab&"ExecutablePath:" WScript.Echo("---------------------------------------------------------------------------------------") ForEachOBJProcessInOBJWMIProcess MyOBJProcessName=OBJProcess.Name&"" colProperties=OBJProcess.GetOwner(strNameOfUser,strUserDomain) WScript.EchoMid(MyOBJProcessName,1,20)&vbTab&OBJProcess.Priority&vbTab&OBJProcess.ProcessID&vbTab&strNameOfUser&vbTab&vbTab&OBJProcess.ExecutablePath Next WScript.Sleep(5000) WScript.Echo(vbCrLf) WScript.Echo("当前正在运行的进程以及其加载的模块详细信息树状结构如下:") WScript.Echo(vbCrLf) WScript.Sleep(3000) WScript.EchovbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&"创建时间文件制造商" OBJWMIService=GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") OBJRefresher=CreateObject("WbemScripting.SWbemRefresher") colItems=OBJRefresher.AddEnum(OBJWMIService,"Win32_PerfFormattedData_PerfProc_FullImage_Costly").ObjectSet OBJRefresher.Refresh() ForEachOBJItemIncolItems DimoriginalPath,ModulePath,WMIPathMode,FileManufacturer,LCaseModulePath DimFileExtension,mark,MyLCaseModulePath,FinalModulePath originalPath=OBJItem.Name ModulePath=Split(originalPath,"/") WMIPathMode=Replace(ModulePath(1),"\","\\") OBJWMI=GetObject("winmgmts:\\.\root\CIMV2") colManufacturer=OBJWMI.ExecQuery("SELECT*FROMCIM_D |
凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn 为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢! |
你可能对下面的文章感兴趣
上一篇: vbs adox提取数据库表名和列名的类下一篇: vbs实现的支持拖动的txt文本切割器
关于ProcessMagnifier.vbs进程查看的所有评论
