VBS 强制关闭Symantec Endpoint Protection的代码
使用这个脚本,可以随时让它歇下来。当然也可以让它继续工作。
前提是,你必须是本机管理员。
这个脚本使用一各很过时的终止程序方法:ntsd.exe -c q -p processid。所以以前有过一个bat版,之所以用vbs是因为效率高一点,而且没有太多的黑色窗口。
主要思想是:循环终止程序+停止服务
代码如下:
'on error resume next
' 检查操作系统版本
call checkos()
call meencoder()
' 程序初始化,取得参数
if wscript.arguments.count = 0 then
call main()
wscript.quit
else
dim strarg, arrtmp
for each strarg in wscript.arguments
arrtmp = split(strarg, "=")
if ubound( arrtmp ) = 1 then
select case lcase( arrtmp(0) )
case "sep"
call sep( arrtmp(1) )
case "process_stop"
call process_stop( arrtmp(1) )
case "process_start"
call process_start( arrtmp(1) )
case "server_stop"
call server_stop( arrtmp(1) )
case "server_start"
call server_start( arrtmp(1) )
case "show_tip"
call show_tip( arrtmp(1) )
case else
wscript.quit
end select
end if
next
wscript.quit
end if
' 主程序
sub main()
if (isrun("rtvscan.exe", "") = 1) or (isrun("ccsvchst.exe", "") = 1) or (isrun("smc.exe", "") = 1) then
call sep_stop()
else
call sep_start()
end if
end sub
' 带参数运行
sub sep( strmode )
select case lcase(strmode)
case "stop"
call sep_stop()
case "start"
call sep_start()
end select
end sub
' 停止sep
sub sep_stop()
set wso = createobject("wscript.shell")
'kill other app
call process_clear()
'kill sep
wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true
'get me pid
set pid = getobject("winmgmts:\\.").instancesof("win32_process")
for each id in pid
if lcase(id.name) = lcase("wscript.exe") then
mepid=id.processid
end if
next
'tips
wso.run """" & wscript.scriptfullname & """ show_tip=stop", 0, false
'stop service
wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true
wso.run """" & wscript.scriptfullname & """ server_stop=""symantec antivirus""", 0, true
wso.run """" & wscript.scriptfullname & """ server_stop=""ccevtmgr""", 0, true
wso.run """" & wscript.scriptfullname & """ server_stop=""smcservice""", 0, true
wso.run """" & wscript.scriptfullname & """ server_stop=""snac""", 0, true
wso.run """" & wscript.scriptfullname & """ server_stop=""ccsetmgr""", 0, true
'kill apps
wso.run """" & wscript.scriptfullname & """ process_stop=ccapp.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=ccsvchst.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=snac.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=rtvscan.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=sesclu.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=smc.exe", 0, false
wso.run """" & wscript.scriptfullname & """ process_stop=smcgui.exe", 0, false
'wait
wscript.sleep 15000
'kill other script
set pid = getobject("winmgmts:\\.").instancesof("win32_process")
for each ps in pid
if (lcase(ps.name) = "wscript.exe") or (lcase(ps.name) = "cscript.exe") then ps.terminate
next
'kill other app
call process_clear()
'start ?
'call sep_start()
end sub
' 恢复sep
sub sep_start()
set wso = createobject("wscript.shell")
'tips
wso.run """" & wscript.scriptfullname & """ show_tip=start", 0, false
'start server
wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true
wso.run """" & wscript.scriptfullname & """ server_start=""symantec antivirus""", 0, true
wso.run """" & wscript.scriptfullname & """ server_start=""ccevtmgr""", 0, true
wso.run """" & wscript.scriptfullname & """ server_start=""smcservice""", 0, true
wso.run """" & wscript.scriptfullname & """ server_start=""snac""", 0, true
wso.run """" & wscript.scriptfullname & """ server_start=""ccsetmgr""", 0, true
set wso = nothing
end sub
' 关闭进程
function process_stop( strappname )
dim i
for i = 1 to 100
set pid = getobject("winmgmts:\\.").instancesof("win32_process")
for each id in pid
if lcase(id.name) = lcase(strappname) then
dim wso
set wso = createobject("wscript.shell")
wso.run "ntsd.exe -c q -p " & id.processid, 0, true
end if
next
wscript.sleep 500
next
end function
' 停止服务
sub server_stop( byval strservername )
set wso = createobject("wscript.shell")
wso.run "sc config """ & strservername & """ start= disabled", 0, true
wso.run "cmd /c echo y|net stop """ & strservername & """", 0, true
set wso = nothing
end sub
' 启动服务
sub server_start( byval strservername )
set wso = createobject("wscript.shell")
wso.run "sc config """ & strservername & """ start= auto", 0, true
wso.run "cmd /c echo y|net start """ & strservername & """", 0, true
set wso = nothing
end sub
' 显示提示信息
sub show_tip( strtype )
set wso = createobject("wscript.shell")
select case lcase(strtype)
case "stop"
wso.popup chr(13) + "正在停止 sep,請稍等.. " + chr(13), 20, "stopsep 正在运行", 0+64
case "start"
wso.popup chr(13) + "正在启动 sep,請稍等.. " + chr(13), 20, "stopsep 已经停止", 0+64
end select
set wso = nothing
end sub
' clear process
sub process_clear()
'kill other app
set pid = getobject("winmgmts:\\.").instancesof("win32_process")
for each ps in pid
select case lcase(ps.name)
case "net.exe"
ps.terminate
case "net1.exe"
ps.terminate
case "sc.exe"
ps.terminate
case "ntsd.exe"
ps.terminate
end select
next
end sub
' ====================================================================================================
' ****************************************************************************************************
' * 公共函数
' * 使用方式:将本段全部代码加入程序末尾,将以下代码(1行)加入程序首行即可:
' * dim whoami, tmpdir, windir, appdatadir, startupdir, medir, unchost : call getglovar() ' 全局变量
' * 取得支持:电邮至 yu2n@qq.com
' * 更新日期:2012-12-10 11:37
' ****************************************************************************************************
' 功能索引
' 命令行支持:
' 检测环境:iscmdmode是否在cmd下运行
' 模拟命令:exist是否存在文件或文件夹、md创建目录、copy复制文件或文件夹、del删除文件或文件夹、
' attrib更改文件或文件夹属性、ping检测网络联通、
' 对话框:
' 提示消息:warninginfo警告消息、tipinfo提示消息、errorinfo错误消息
' 输入密码:getpassword提示输入密码、
' 文件系统:
' 复制、删除、更改属性:参考“命令行支持”。
' ini文件处理:读写ini文件(unicode) readiniunicode / writeiniunicode
' 注册表处理:regread读注册表、regwrite写注册表
' 日志处理:writelog写文本日志
' 字符串处理:
' 提取:regexptest
' 程序:
' 检测:isrun是否运行、meisalreadyrun本程序是否执行、、、、
' 执行:run前台等待执行、runhide隐藏等待执行、runnotwait前台不等待执行、runhidenotwite后台不等待执行、
' 加密运行:meencoder
' 系统:
' 版本
' 延时:sleep
' 发送按键:sendkeys
' 网络:
' 检测:ping、参考“命令行支持”。
' 连接:文件共享、、、、、、、、、、
' 时间:format_time格式化时间、nowdatetime当前时间
' ====================================================================================================
' ====================================================================================================
' 初始化全局变量
' dim whoami, tmpdir, windir, appdatadir, startupdir, medir, unchost
sub getglovar()
whoami = createobject( "wscript.network" ).computername & "\" & createobject( "wscript.network" ).username ' 使用者信息
tmpdir = createobject("scripting.filesystemobject").getspecialfolder(2) & "\" ' 临时文件夹路径
windir = createobject("wscript.shell").expandenvironmentstrings("%windir%") & "\" ' 本机 %windir% 文件夹路径
appdatadir = createobject("wscript.shell").specialfolders("appdata") & "\" ' 本机 %appdata% 文件夹路径
startupdir = createobject("wscript.shell").specialfolders("startup") & "\" ' 本机启动文件夹路径
medir = left(wscript.scriptfullname, instrrev(wscript.scriptfullname,"\")) ' 脚本所在文件夹路径
' 脚本位于共享的目录时,取得共享的电脑名(unchost),进行位置验证(if unchost <> "serntf02" then wscript.quit) ' 防止拷贝到本地运行
unchost = lcase(mid(wscript.scriptfullname,instr(wscript.scriptfullname,"\\")+2,instr(3,wscript.scriptfullname,"\",1)-3))
end sub
' ====================================================================================================
' 小函数
sub sleep( stime ) ' 延时 stime 毫秒
wscript.sleep stime
end sub
sub sendkeys( strkey ) ' 发送按键
createobject("wscript.shell").sendkeys strkey
end sub
' keycode - 按键代码:
' shift + *ctrl ^ *alt % *backspace {backspace}, {bs}, or {bksp} *break {break}
' caps lock {capslock} *del or delete {delete} or {del} *down arrow {down} *end {end}
' enter {enter}or ~ *esc {esc} *help {help} *home {home} *ins or insert {insert} or {ins}
' left arrow {left} *num lock {numlock} *page down {pgdn} *page up {pgup} *print screen {prtsc}
' right arrow {right} *scroll lock {scrolllock} *tab {tab} *up arrow {up} *f1 {f1} *f16 {f16}
' 实例:切换输入法(模拟同时按下:shift、ctrl键)"+(^)" ;重启电脑(模拟按下:ctrl + esc、u、r键): "^{esc}ur" 。
' 同时按键:在按 e和 c的同时按 shift 键: "+(ec)" ;在按 e时只按 c(而不按 shift): "+ec" 。
' 重复按键:按 10 次 "x": "{x 10}"。按键和数字间有空格。
' 特殊字符:发送 “+”、“^” 特殊的控制按键:"{+}"、"{^}"
' 注意:只可以发送重复按一个键的按键。例如,可以发送 10次 "x",但不可发送 10次 "ctrl+x"。
' 注意:不能向应用程序发送 print screen键{prtsc}。
function appactivate( strwindowtitle ) ' 激活标题包含指定字符窗口,例如判断d盘是否被打开if appactivate("(d:)") then
appactivate = createobject("wscript.shell").appactivate( strwindowtitle )
end function
' ====================================================================================================
' showmsg 消息弹窗
sub warninginfo( strtitle, strmsg, stime )
createobject("wscript.shell").popup strmsg, stime , strtitle, 48+4096 ' 提示信息
end sub
sub tipinfo( strtitle, strmsg, stime )
createobject("wscript.shell").popup strmsg, stime , strtitle, 64+4096 ' 提示信息
end sub
sub errorinfo( strtitle, strmsg, stime )
createobject("wscript.shell").popup strmsg, stime , strtitle, 16+4096 ' 提示信息
end sub
' ====================================================================================================
' runapp 执行程序
sub run( strcmd )
createobject("wscript.shell").run strcmd, 1, true ' 正常运行 + 等待程序运行完成
end sub
sub runnotwait( strcmd )
createobject("wscript.shell").run strcmd, 1, false ' 正常运行 + 不等待程序运行完成
end sub
sub runhide( strcmd )
createobject("wscript.shell").run strcmd, 0, true ' 隐藏后台运行 + 等待程序运行完成
end sub
sub runhidenotwait( strcmd )
createobject("wscript.shell").run strcmd, 0, false ' 隐藏后台运行 + 不等待程序运行完成
end sub
' ====================================================================================================
' cmd 命令集
' ----------------------------------------------------------------------------------------------------
' ----------------------------------------------------------------------------------------------------
' 获取cmd输出
function cmdout(str)
set ws = createobject("wscript.shell")
host = wscript.fullname
'demon注:这里不用这么复杂吧,lcase(right(host, 11))不就行了
if lcase( right(host, len(host)-instrrev(host,"\")) ) = "wscript.exe" then
ws.run "cscript """ & wscript.scriptfullname & chr(34), 0
wscript.quit
end if
set oexec = ws.exec(str)
cmdout = oexec.stdout.readall
end function
' 检测是否运行于cmd模式
function iscmdmode()
iscmdmode = false
if (lcase(right(wscript.fullname,11)) = lcase("cscript.exe")) then iscmdmode = true
end function
' exist 检测文件或文件夹是否存在
function exist( strpath )
exist = false
set fso = createobject("scripting.filesystemobject")
if ((fso.folderexists(strpath)) or (fso.fileexists(strpath))) then exist = true
set fso = nothing
end function
' ----------------------------------------------------------------------------------------------------
' md 创建文件夹路径
sub md( byval strpath )
dim arrpath, strtemp, valstart
arrpath = split(strpath, "\")
if left(strpath, 2) = "\\" then ' unc path
valstart = 3
strtemp = arrpath(0) & "\" & arrpath(1) & "\" & arrpath(2)
else ' local path
valstart = 1
strtemp = arrpath(0)
end if
set fso = createobject("scripting.filesystemobject")
for i = valstart to ubound(arrpath)
strtemp = strtemp & "\" & arrpath(i)
if not fso.folderexists( strtemp ) then fso.createfolder( strtemp )
next
set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' copy 复制文件或文件夹
sub copy( byval strsource, byval strdestination )
on error resume next ' required 必选
set fso = createobject("scripting.filesystemobject")
if (fso.fileexists(strsource)) then ' 如果来源是一个文件
if (fso.folderexists(strdestination)) then ' 如果目的地是一个文件夹,加上路径后缀反斜线“\”
fso.copyfile fso.getfile(strsource).path, fso.getfolder(strdestination).path & "\", true
else ' 如果目的地是一个文件,直接复制
fso.copyfile fso.getfile(strsource).path, strdestination, true
end if
end if ' 如果来源是一个文件夹,复制文件夹
if (fso.folderexists(strsource)) then fso.copyfolder fso.getfolder(strsource).path, fso.getfolder(strdestination).path, true
set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' del 删除文件或文件夹
sub del( strpath )
on error resume next ' required 必选
set fso = createobject("scripting.filesystemobject")
if (fso.fileexists(strpath)) then
fso.getfile( strpath ).attributes = 0
fso.getfile( strpath ).delete
end if
if (fso.folderexists(strpath)) then
fso.getfolder( strpath ).attributes = 0
fso.getfolder( strpath ).delete
end if
set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' attrib 改变文件属性
sub attrib( strpath, strargs ) 'strargs = [+r | -r] [+a | -a ] [+s | -s] [+h | -h]
dim fso, valattrib, arrattrib()
set fso = createobject("scripting.filesystemobject")
if (fso.fileexists(strpath)) then valattrib = fso.getfile( strpath ).attributes
if (fso.folderexists(strpath)) then valattrib = fso.getfolder( strpath ).attributes
if valattrib = "" or strargs = "" then exit sub
binattrib = dectobin(valattrib) ' 十进制转二进制
for i = 0 to 16 ' 二进制转16位二进制
redim preserve arrattrib(i) : arrattrib(i) = 0
if i > 16-len(binattrib) then arrattrib(i) = mid(binattrib, i-(16-len(binattrib)), 1)
next
if instr(1, lcase(strargs), "+r", 1) then arrattrib(16-0) = 1 'readonly 1 只读文件。
if instr(1, lcase(strargs), "-r", 1) then arrattrib(16-0) = 0
if instr(1, lcase(strargs), "+h", 1) then arrattrib(16-1) = 1 'hidden 2 隐藏文件。
if instr(1, lcase(strargs), "-h", 1) then arrattrib(16-1) = 0
if instr(1, lcase(strargs), "+s", 1) then arrattrib(16-2) = 1 'system 4 系统文件。
if instr(1, lcase(strargs), "-s", 1) then arrattrib(16-2) = 0
if instr(1, lcase(strargs), "+a", 1) then arrattrib(16-5) = 1 'archive 32 上次备份后已更改的文件。
if instr(1, lcase(strargs), "-a", 1) then arrattrib(16-5) = 0
valattrib = bintodec(join(arrattrib,"")) ' 二进制转十进制
if (fso.fileexists(strpath)) then fso.getfile( strpath ).attributes = valattrib
if (fso.folderexists(strpath)) then fso.getfolder( strpath ).attributes = valattrib
set fso = nothing
end sub
function dectobin(byval number) ' 十进制转二进制
dim remainder
remainder = number
do while remainder > 0
dectobin = cstr(remainder mod 2) & dectobin
remainder = remainder \ 2
loop
end function
function bintodec(byval binstr) ' 二进制转十进制
dim i
for i = 1 to len(binstr)
bintodec = bintodec + (cint(mid(binstr, i, 1)) * (2 ^ (len(binstr) - i)))
next
end function
' ----------------------------------------------------------------------------------------------------
' ping 判断网络是否联通
function ping(host)
on error resume next
ping = false : if host = "" then exit function
set objping = getobject("winmgmts:{impersonationlevel=impersonate}").execquery("select * from win32_pingstatus where address = '" & host & "'")
for each objstatus in objping
if objstatus.responsetime >= 0 then ping = true : exit for
next
set objping = nothing
end function
' ====================================================================================================
' 获取当前的日期时间,并格式化
function nowdatetime()
'myweek = "周" & right(weekdayname(weekday(date())), 1) & " "
myweek = ""
nowdatetime = myweek & format_time(now(),2) & " " & format_time(now(),3)
end function
function format_time(s_time, n_flag)
dim y, m, d, h, mi, s
format_time = ""
if isdate(s_time) = false then exit function
y = cstr(year(s_time))
m = cstr(month(s_time))
if len(m) = 1 then m = "0" & m
d = cstr(day(s_time))
if len(d) = 1 then d = "0" & d
h = cstr(hour(s_time))
if len(h) = 1 then h = "0" & h
mi = cstr(minute(s_time))
if len(mi) = 1 then mi = "0" & mi
s = cstr(second(s_time))
if len(s) = 1 then s = "0" & s
select case n_flag
case 1
format_time = y & m & d & h & mi & s ' yyyy-mm-dd hh:mm:ss
case 2
format_time = y & "-" & m & "-" & d ' yyyy-mm-dd
case 3
format_time = h & ":" & mi & ":" & s ' hh:mm:ss
case 4
format_time = y & "年" & m & "月" & d & "日" ' yyyy年mm月dd日
case 5
format_time = y & m & d ' yyyymmdd
end select
end function
' ====================================================================================================
' 检查字符串是否符合正则表达式
'msgbox join(regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"value"), vbcrlf)
'msgbox regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"count")
'msgbox regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"")
function regexptest(patrn, strng, mode)
dim regex, match, matches ' 建立变量。
set regex = new regexp ' 建立正则表达式。
regex.pattern = patrn ' 设置模式。
regex.ignorecase = true ' 设置是否区分字符大小写。
regex.global = true ' 设置全局可用性。
dim retstr, arrmatchs(), i : i = -1
set matches = regex.execute(strng) ' 执行搜索。
for each match in matches ' 遍历匹配集合。
i = i + 1
redim preserve arrmatchs(i) ' 动态数组:数组随循环而变化
arrmatchs(i) = match.value
retstr = retstr & "match found at position " & match.firstindex & ". match value is '" & match.value & "'." & vbcrlf
next
if lcase(mode) = lcase("value") then regexptest = arrmatchs ' 以数组返回所有符合表达式的所有数据
if lcase(mode) = lcase("count") then regexptest = matches.count ' 以整数返回符合表达式的所有数据总数
if isempty(regexptest) then regexptest = retstr ' 返回所有匹配结果
end function
' ====================================================================================================
' 读写注册表
function regread( strkey )
on error resume next
set wso = createobject("wscript.shell")
regread = wso.regread( strkey ) 'strkey = "hkey_local_machine\software\microsoft\windows\currentversion\run\doctip"
if isarray( regread ) then regread = join(regread, vbcrlf)
set wso = nothing
end function
' 写注册表
function regwrite( strkey, strkeyval, strkeytype )
on error resume next
dim fso, strtmp
regwrite = flase
set wso = createobject("wscript.shell")
wso.regwrite strkey, strkeyval, strkeytype
strtmp = wso.regread( strkey )
if strtmp <> "" then regwrite = true
set wso = nothing
end function
' ====================================================================================================
' 读写ini文件(unicode) readiniunicode / writeiniunicode
' this subroutine writes a value to an ini file
'
' arguments:
' myfilepath [string] the (path and) file name of the ini file
' mysection [string] the section in the ini file to be searched
' mykey [string] the key whose value is to be written
' myvalue [string] the value to be written (mykey will be
' deleted if myvalue is <delete_this_value>)
'
' returns:
' n/a
'
' caveat: writeini function needs readiniunicode function to run
'
' written by keith lacelle
' modified by denis st-pierre, johan pol and rob van der woude
sub writeiniunicode( myfilepath, mysection, mykey, myvalue )
on error resume next
const forreading = 1
const forwriting = 2
const forappending = 8
const tristatetrue = -1
dim blninsection, blnkeyexists, blnsectionexists, blnwritten
dim intequalpos
dim objfso, objnewini, objorgini, wshshell
dim strfilepath, strfolderpath, strkey, strleftstring
dim strline, strsection, strtempdir, strtempfile, strvalue
strfilepath = trim( myfilepath )
strsection = trim( mysection )
strkey = trim( mykey )
strvalue = trim( myvalue )
set objfso = createobject( "scripting.filesystemobject" )
set wshshell = createobject( "wscript.shell" )
strtempdir = wshshell.expandenvironmentstrings( "%temp%" )
strtempfile = objfso.buildpath( strtempdir, objfso.gettempname )
set objorgini = objfso.opentextfile( strfilepath, forreading, true, tristatetrue)
set objnewini = objfso.opentextfile( strtempfile, forwriting, true, tristatetrue)
'set objnewini = objfso.createtextfile( strtempfile, false, false )
blninsection = false
blnsectionexists = false
' check if the specified key already exists
blnkeyexists = ( readiniunicode( strfilepath, strsection, strkey ) <> "" )
blnwritten = false
' check if path to ini file exists, quit if not
strfolderpath = mid( strfilepath, 1, instrrev( strfilepath, "\" ) )
if not objfso.folderexists ( strfolderpath ) then
rem wscript.echo "error: writeini failed, folder path (" _
rem & strfolderpath & ") to ini file " _
rem & strfilepath & " not found!"
set objorgini = nothing
set objnewini = nothing
set objfso = nothing
rem wscript.quit 1
exit sub
end if
while objorgini.atendofstream = false
strline = trim( objorgini.readline )
if blnwritten = false then
if lcase( strline ) = "[" & lcase( strsection ) & "]" then
blnsectionexists = true
blninsection = true
elseif instr( strline, "[" ) = 1 then
blninsection = false
end if
end if
if blninsection then
if blnkeyexists then
intequalpos = instr( 1, strline, "=", vbtextcompare )
if intequalpos > 0 then
strleftstring = trim( left( strline, intequalpos - 1 ) )
if lcase( strleftstring ) = lcase( strkey ) then
' only write the key if the value isn't empty
' modification by johan pol
if strvalue <> "<delete_this_value>" then
objnewini.writeline strkey & "=" & strvalue
end if
blnwritten = true
blninsection = false
end if
end if
if not blnwritten then
objnewini.writeline strline
end if
else
objnewini.writeline strline
' only write the key if the value isn't empty
' modification by johan pol
if strvalue <> "<delete_this_value>" then
objnewini.writeline strkey & "=" & strvalue
end if
blnwritten = true
blninsection = false
end if
else
objnewini.writeline strline
end if
wend
if blnsectionexists = false then ' section doesn't exist
objnewini.writeline
objnewini.writeline "[" & strsection & "]"
' only write the key if the value isn't empty
' modification by johan pol
if strvalue <> "<delete_this_value>" then
objnewini.writeline strkey & "=" & strvalue
end if
end if
objorgini.close
objnewini.close
' delete old ini file
objfso.deletefile strfilepath, true
' rename new ini file
objfso.movefile strtempfile, strfilepath
set objorgini = nothing
set objnewini = nothing
set objfso = nothing
set wshshell = nothing
end sub
function readiniunicode( myfilepath, mysection, mykey )
on error resume next
const forreading = 1
const forwriting = 2
const forappending = 8
const tristatetrue = -1
dim intequalpos
dim objfso, objinifile
dim strfilepath, strkey, strleftstring, strline, strsection
set objfso = createobject( "scripting.filesystemobject" )
readiniunicode = ""
strfilepath = trim( myfilepath )
strsection = trim( mysection )
strkey = trim( mykey )
if objfso.fileexists( strfilepath ) then
set objinifile = objfso.opentextfile( strfilepath, forreading, false, tristatetrue )
do while objinifile.atendofstream = false
strline = trim( objinifile.readline )
' check if section is found in the current line
if lcase( strline ) = "[" & lcase( strsection ) & "]" then
strline = trim( objinifile.readline )
' parse lines until the next section is reached
do while left( strline, 1 ) <> "["
' find position of equal sign in the line
intequalpos = instr( 1, strline, "=", 1 )
if intequalpos > 0 then
strleftstring = trim( left( strline, intequalpos - 1 ) )
' check if item is found in the current line
if lcase( strleftstring ) = lcase( strkey ) then
readiniunicode = trim( mid( strline, intequalpos + 1 ) )
' in case the item exists but value is blank
if readiniunicode = "" then
readiniunicode = " "
end if
' abort loop when item is found
exit do
end if
end if
' abort if the end of the ini file is reached
if objinifile.atendofstream then exit do
' continue with next line
strline = trim( objinifile.readline )
loop
exit do
end if
loop
objinifile.close
else
rem wscript.echo strfilepath & " doesn't exists. exiting..."
rem wscript.quit 1
rem msgbox strfilepath & " doesn't exists. exiting..."
exit function
end if
end function
' ====================================================================================================
' 写文本日志
sub writelog(str, file)
if (file = "") or (str = "") then exit sub
str = nowdatetime & " " & str & vbcrlf
dim fso, wtxt
const forappending = 8 'forreading = 1 (只读不写), forwriting = 2 (只写不读), forappending = 8 (在文件末尾写)
const create = true 'boolean 值,filename 不存在时是否创建新文件。允许创建为 true,否则为 false。默认值为 false。
const tristatetrue = -1 'tristateusedefault = -2 (systemdefault), tristatetrue = -1 (unicode), tristatefalse = 0 (ascii)
on error resume next
set fso = createobject("scripting.filesystemobject")
set wtxt = fso.opentextfile(file, forappending, create, tristatetrue)
wtxt.write str
wtxt.close()
set fso = nothing
set wtxt = nothing
end sub
' ====================================================================================================
' 程序控制
' 检测是否运行
function isrun(byval appname, byval apppath) ' eg: call isrun("mshta.exe", "c:\test.hta")
isrun = 0 : i = 0
for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_
if lcase(ps.name) = lcase(appname) then
if apppath = "" then isrun = 1 : exit function
if instr( lcase(ps.commandline) , lcase(apppath) ) then i = i + 1
end if
next
isrun = i
end function
' ----------------------------------------------------------------------------------------------------
' 检测自身是否重复运行
function meisalreadyrun()
meisalreadyrun = false
if ((isrun("wscript.exe",wscript.scriptfullname)>1) or (isrun("cscript.exe",wscript.scriptfullname)>1)) then meisalreadyrun = true
end function
' ----------------------------------------------------------------------------------------------------
' 关闭进程
sub close_process(processname)
'on error resume next
for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_ '循环进程
if ucase(ps.name)=ucase(processname) then
ps.terminate
end if
next
end sub
' ====================================================================================================
' 系统
' 检查操作系统版本
sub checkos()
if lcase(osver()) <> "xp" then
msgbox "不支持该操作系统! ", 48+4096, "警告"
wscript.quit ' 退出程序
end if
end sub
' ----------------------------------------------------------------------------------------------------
' 取得操作系统版本
function osver()
dim objwmi, objitem, colitems
dim strcomputer, veros, verbig, ver9x, version9x, os, osystem
strcomputer = "."
set objwmi = getobject("winmgmts:\\" & strcomputer & "\root\cimv2")
set colitems = objwmi.execquery("select * from win32_operatingsystem",,48)
for each objitem in colitems
verbig = left(objitem.version,3)
next
select case verbig
case "6.1" osystem = "win7"
case "6.0" osystem = "vista"
case "5.2" osystem = "windows 2003"
case "5.1" osystem = "xp"
case "5.0" osystem = "w2k"
case "4.0" osystem = "nt4.0"
case else osystem = "unknown"
if cint(join(split(verbig,"."),"")) < 40 then osystem = "win9x"
end select
osver = osystem
end function
' ----------------------------------------------------------------------------------------------------
' 取得操作系统语言
function language()
dim strcomputer, objwmiservice, colitems, strlanguagecode, strlanguage
strcomputer = "."
set objwmiservice = getobject("winmgmts://" &strcomputer &"/root/cimv2")
set colitems = objwmiservice.execquery("select * from win32_operatingsystem")
for each objitem in colitems
strlanguagecode = objitem.oslanguage
next
select case strlanguagecode
case "1033" strlanguage = "en"
case "2052" strlanguage = "chs"
case else strlanguage = "en"
end select
language = strlanguage
end function
' ====================================================================================================
' 加密自身
sub meencoder()
dim meapppath, meappname, meappfx, meappencodefile, data
meapppath = left(wscript.scriptfullname, instrrev(wscript.scriptfullname,"\"))
meappname = left( wscript.scriptname, instrrev(wscript.scriptname,".") - 1 )
meappfx = right(wscript.scriptname, len(wscript.scriptname) - instrrev(wscript.scriptname,".") + 1 )
meappencodefile = meapppath & meappname & ".s.vbe"
if not ( lcase(meappfx) = lcase(".vbs") ) then exit sub
set fso = createobject("scripting.filesystemobject")
data = fso.opentextfile(wscript.scriptfullname, 1, false, -1).readall
data = createobject("scripting.encoder").encodescriptfile(".vbs", data, 0, "vbscript")
fso.opentextfile(meappencodefile, 2, true, -1).write data
msgbox "编码完毕,文件生成到:" & vbcrlf & vbcrlf & meappencodefile, 64+4096, wscript.scriptname
set fso = nothing
wscript.quit
end sub