欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

VBS 强制关闭Symantec Endpoint Protection的代码

程序员文章站 2022-04-10 13:48:28
使用这个脚本,可以随时让它歇下来。当然也可以让它继续工作。前提是,你必须是本机管理员。这个脚本使用一各很过时的终止程序方法:ntsd.exe -c q -p process...

使用这个脚本,可以随时让它歇下来。当然也可以让它继续工作。
前提是,你必须是本机管理员。
这个脚本使用一各很过时的终止程序方法:ntsd.exe -c q -p processid。所以以前有过一个bat版,之所以用vbs是因为效率高一点,而且没有太多的黑色窗口。
主要思想是:循环终止程序+停止服务

代码如下:

复制代码 代码如下:

'on error resume next
' 检查操作系统版本
call checkos()
call meencoder()

' 程序初始化,取得参数
if wscript.arguments.count = 0 then
    call main()
    wscript.quit
else
    dim strarg, arrtmp
    for each strarg in wscript.arguments
        arrtmp = split(strarg, "=")
        if ubound( arrtmp ) = 1 then
            select case lcase( arrtmp(0) )
                case "sep"
                    call sep( arrtmp(1) )
                case "process_stop"
                    call process_stop( arrtmp(1) )
                case "process_start"
                    call process_start( arrtmp(1) )
                case "server_stop"
                    call server_stop( arrtmp(1) )
                case "server_start"
                    call server_start( arrtmp(1) )
                case "show_tip"
                    call show_tip( arrtmp(1) )
                case else
                    wscript.quit
            end select
        end if
    next
    wscript.quit
end if

 

' 主程序
sub main()
    if (isrun("rtvscan.exe", "") = 1) or (isrun("ccsvchst.exe", "") = 1) or (isrun("smc.exe", "") = 1) then
        call sep_stop()
    else
        call sep_start()
    end if
end sub

 

' 带参数运行
sub sep( strmode )
    select case lcase(strmode)
        case "stop"
            call sep_stop()
        case "start"
            call sep_start()
    end select
end sub

 

' 停止sep
sub sep_stop()

    set wso = createobject("wscript.shell")

    'kill other app
    call process_clear()
    'kill sep
    wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true

    'get me pid
    set pid = getobject("winmgmts:\\.").instancesof("win32_process")
    for each id in pid
        if lcase(id.name) = lcase("wscript.exe") then
            mepid=id.processid
        end if
    next

    'tips
    wso.run """" & wscript.scriptfullname & """ show_tip=stop", 0, false

    'stop service
    wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_stop=""symantec antivirus""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_stop=""ccevtmgr""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_stop=""smcservice""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_stop=""snac""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_stop=""ccsetmgr""", 0, true

    'kill apps
    wso.run """" & wscript.scriptfullname & """ process_stop=ccapp.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=ccsvchst.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=snac.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=rtvscan.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=sesclu.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=smc.exe", 0, false
    wso.run """" & wscript.scriptfullname & """ process_stop=smcgui.exe", 0, false

    'wait
    wscript.sleep 15000

    'kill other script
    set pid = getobject("winmgmts:\\.").instancesof("win32_process")
    for each ps in pid
        if (lcase(ps.name) = "wscript.exe") or (lcase(ps.name) = "cscript.exe") then ps.terminate
    next

    'kill other app
    call process_clear()

    'start ?
    'call sep_start()
end sub

 

' 恢复sep
sub sep_start()
    set wso = createobject("wscript.shell")
    'tips
    wso.run """" & wscript.scriptfullname & """ show_tip=start", 0, false

    'start server
    wso.run """" & wscript.scriptfullname & """ server_stop=""sens""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_start=""symantec antivirus""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_start=""ccevtmgr""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_start=""smcservice""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_start=""snac""", 0, true
    wso.run """" & wscript.scriptfullname & """ server_start=""ccsetmgr""", 0, true
    set wso = nothing
end sub

 

' 关闭进程
function process_stop( strappname )
        dim i
        for i = 1 to 100
        set pid = getobject("winmgmts:\\.").instancesof("win32_process")
                for each id in pid
                        if lcase(id.name) = lcase(strappname) then
                                dim wso
                                set wso = createobject("wscript.shell")
                                wso.run "ntsd.exe -c q -p " & id.processid, 0, true
                        end if
                next
        wscript.sleep 500
        next
end function

 

' 停止服务
sub server_stop( byval strservername )

    set wso = createobject("wscript.shell")
    wso.run "sc config """ & strservername & """ start= disabled", 0, true
    wso.run "cmd /c echo y|net stop """ & strservername & """", 0, true
    set wso = nothing

end sub

 

' 启动服务
sub server_start( byval strservername )

    set wso = createobject("wscript.shell")
    wso.run "sc config """ & strservername & """ start= auto", 0, true
    wso.run "cmd /c echo y|net start """ & strservername & """", 0, true
    set wso = nothing

end sub

 

' 显示提示信息
sub show_tip( strtype )
    set wso = createobject("wscript.shell")
    select case lcase(strtype)
        case "stop"
            wso.popup chr(13) + "正在停止 sep,請稍等..        " + chr(13), 20, "stopsep 正在运行", 0+64
        case "start"
            wso.popup chr(13) + "正在启动 sep,請稍等..        " + chr(13), 20, "stopsep 已经停止", 0+64
    end select
    set wso = nothing
end sub

 

' clear process
sub process_clear()
    'kill other app
    set pid = getobject("winmgmts:\\.").instancesof("win32_process")
    for each ps in pid
        select case lcase(ps.name)
            case "net.exe"
                ps.terminate
            case "net1.exe"
                ps.terminate
            case "sc.exe"
                ps.terminate
            case "ntsd.exe"
                ps.terminate
        end select
    next
end sub

 

 

' ====================================================================================================
' ****************************************************************************************************
' *  公共函数
' *  使用方式:将本段全部代码加入程序末尾,将以下代码(1行)加入程序首行即可:
' *  dim whoami, tmpdir, windir, appdatadir, startupdir, medir, unchost :   call getglovar() ' 全局变量
' *  取得支持:电邮至 yu2n@qq.com
' *  更新日期:2012-12-10  11:37
' ****************************************************************************************************
' 功能索引
' 命令行支持:
'     检测环境:iscmdmode是否在cmd下运行
'     模拟命令:exist是否存在文件或文件夹、md创建目录、copy复制文件或文件夹、del删除文件或文件夹、
'               attrib更改文件或文件夹属性、ping检测网络联通、
' 对话框:
'     提示消息:warninginfo警告消息、tipinfo提示消息、errorinfo错误消息
'     输入密码:getpassword提示输入密码、
' 文件系统:
'     复制、删除、更改属性:参考“命令行支持”。
'     ini文件处理:读写ini文件(unicode)   readiniunicode / writeiniunicode
'     注册表处理:regread读注册表、regwrite写注册表
'     日志处理:writelog写文本日志
' 字符串处理:
'     提取:regexptest
' 程序:
'     检测:isrun是否运行、meisalreadyrun本程序是否执行、、、、
'     执行:run前台等待执行、runhide隐藏等待执行、runnotwait前台不等待执行、runhidenotwite后台不等待执行、
'     加密运行:meencoder
' 系统:
'     版本
'     延时:sleep
'     发送按键:sendkeys
' 网络:
'     检测:ping、参考“命令行支持”。
'     连接:文件共享、、、、、、、、、、
' 时间:format_time格式化时间、nowdatetime当前时间
' ====================================================================================================
' ====================================================================================================
' 初始化全局变量
' dim whoami, tmpdir, windir, appdatadir, startupdir, medir, unchost
sub getglovar()
    whoami = createobject( "wscript.network" ).computername & "\" & createobject( "wscript.network" ).username  ' 使用者信息
    tmpdir = createobject("scripting.filesystemobject").getspecialfolder(2) & "\"                               ' 临时文件夹路径
    windir = createobject("wscript.shell").expandenvironmentstrings("%windir%") & "\"                           ' 本机 %windir% 文件夹路径
    appdatadir = createobject("wscript.shell").specialfolders("appdata") & "\"                                  ' 本机 %appdata% 文件夹路径
    startupdir = createobject("wscript.shell").specialfolders("startup") & "\"                                  ' 本机启动文件夹路径
    medir = left(wscript.scriptfullname, instrrev(wscript.scriptfullname,"\"))                                  ' 脚本所在文件夹路径
    ' 脚本位于共享的目录时,取得共享的电脑名(unchost),进行位置验证(if unchost <> "serntf02" then wscript.quit) ' 防止拷贝到本地运行
    unchost = lcase(mid(wscript.scriptfullname,instr(wscript.scriptfullname,"\\")+2,instr(3,wscript.scriptfullname,"\",1)-3))
end sub


' ====================================================================================================
' 小函数
sub sleep( stime )                          ' 延时 stime 毫秒
    wscript.sleep stime
end sub
sub sendkeys( strkey )                      ' 发送按键
    createobject("wscript.shell").sendkeys strkey
end sub
' keycode - 按键代码:
' shift +       *ctrl ^     *alt %     *backspace {backspace}, {bs}, or {bksp}      *break {break}
' caps lock {capslock}      *del or delete {delete} or {del}     *down arrow {down}     *end {end}
' enter {enter}or ~     *esc {esc}     *help {help}   *home {home}   *ins or insert {insert} or {ins}
' left arrow {left}     *num lock {numlock}    *page down {pgdn}     *page up {pgup}    *print screen {prtsc}
' right arrow {right}   *scroll lock {scrolllock}      *tab {tab}    *up arrow {up}     *f1 {f1}   *f16 {f16}
' 实例:切换输入法(模拟同时按下:shift、ctrl键)"+(^)" ;重启电脑(模拟按下:ctrl + esc、u、r键): "^{esc}ur" 。
' 同时按键:在按 e和 c的同时按 shift 键: "+(ec)" ;在按 e时只按 c(而不按 shift): "+ec" 。
' 重复按键:按 10 次 "x": "{x 10}"。按键和数字间有空格。
' 特殊字符:发送 “+”、“^” 特殊的控制按键:"{+}"、"{^}"
' 注意:只可以发送重复按一个键的按键。例如,可以发送 10次 "x",但不可发送 10次 "ctrl+x"。 
' 注意:不能向应用程序发送 print screen键{prtsc}。
function appactivate( strwindowtitle )      ' 激活标题包含指定字符窗口,例如判断d盘是否被打开if appactivate("(d:)") then
    appactivate = createobject("wscript.shell").appactivate( strwindowtitle )
end function


' ====================================================================================================
' showmsg 消息弹窗
sub warninginfo( strtitle, strmsg, stime )
    createobject("wscript.shell").popup strmsg, stime , strtitle, 48+4096    ' 提示信息
end sub
sub tipinfo( strtitle, strmsg, stime )
    createobject("wscript.shell").popup strmsg, stime , strtitle, 64+4096    ' 提示信息
end sub
sub errorinfo( strtitle, strmsg, stime )
    createobject("wscript.shell").popup strmsg, stime , strtitle, 16+4096    ' 提示信息
end sub

' ====================================================================================================
' runapp 执行程序
sub run( strcmd )
    createobject("wscript.shell").run strcmd, 1, true       ' 正常运行 + 等待程序运行完成
end sub
sub runnotwait( strcmd )
    createobject("wscript.shell").run strcmd, 1, false      ' 正常运行 + 不等待程序运行完成
end sub
sub runhide( strcmd )
    createobject("wscript.shell").run strcmd, 0, true       ' 隐藏后台运行 + 等待程序运行完成
end sub
sub runhidenotwait( strcmd )
    createobject("wscript.shell").run strcmd, 0, false      ' 隐藏后台运行 + 不等待程序运行完成
end sub

' ====================================================================================================
' cmd 命令集
' ----------------------------------------------------------------------------------------------------
' ----------------------------------------------------------------------------------------------------
' 获取cmd输出
function cmdout(str)
        set ws = createobject("wscript.shell")
        host = wscript.fullname
        'demon注:这里不用这么复杂吧,lcase(right(host, 11))不就行了
        if lcase( right(host, len(host)-instrrev(host,"\")) ) = "wscript.exe" then
                ws.run "cscript """ & wscript.scriptfullname & chr(34), 0
                wscript.quit
        end if
        set oexec = ws.exec(str)
        cmdout = oexec.stdout.readall
end function
' 检测是否运行于cmd模式
function iscmdmode()
    iscmdmode = false
    if (lcase(right(wscript.fullname,11)) = lcase("cscript.exe")) then iscmdmode = true
end function
' exist 检测文件或文件夹是否存在
function exist( strpath )
    exist = false
    set fso = createobject("scripting.filesystemobject")
    if ((fso.folderexists(strpath)) or (fso.fileexists(strpath))) then exist = true
    set fso = nothing
end function
' ----------------------------------------------------------------------------------------------------
' md 创建文件夹路径
sub md( byval strpath )
    dim arrpath, strtemp, valstart
    arrpath = split(strpath, "\")
    if left(strpath, 2) = "\\" then    ' unc path
        valstart = 3
        strtemp = arrpath(0) & "\" & arrpath(1) & "\" & arrpath(2)
    else                              ' local path
        valstart = 1
        strtemp = arrpath(0)
    end if
    set fso = createobject("scripting.filesystemobject")
    for i = valstart to ubound(arrpath)
        strtemp = strtemp & "\" & arrpath(i)
        if not fso.folderexists( strtemp ) then fso.createfolder( strtemp )
    next
    set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' copy 复制文件或文件夹
sub copy( byval strsource, byval strdestination )
    on error resume next ' required 必选
    set fso = createobject("scripting.filesystemobject")
    if (fso.fileexists(strsource)) then               ' 如果来源是一个文件
        if (fso.folderexists(strdestination)) then    ' 如果目的地是一个文件夹,加上路径后缀反斜线“\”
            fso.copyfile fso.getfile(strsource).path, fso.getfolder(strdestination).path & "\", true
        else                                          ' 如果目的地是一个文件,直接复制
            fso.copyfile fso.getfile(strsource).path, strdestination, true
        end if
    end if                                             ' 如果来源是一个文件夹,复制文件夹
    if (fso.folderexists(strsource)) then fso.copyfolder fso.getfolder(strsource).path, fso.getfolder(strdestination).path, true
    set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' del 删除文件或文件夹
sub del( strpath )
    on error resume next ' required 必选
    set fso = createobject("scripting.filesystemobject")
    if (fso.fileexists(strpath)) then
        fso.getfile( strpath ).attributes = 0
        fso.getfile( strpath ).delete
    end if
    if (fso.folderexists(strpath)) then
        fso.getfolder( strpath ).attributes = 0
        fso.getfolder( strpath ).delete
    end if
    set fso = nothing
end sub
' ----------------------------------------------------------------------------------------------------
' attrib 改变文件属性
sub attrib( strpath, strargs )    'strargs = [+r | -r] [+a | -a ] [+s | -s] [+h | -h]
    dim fso, valattrib, arrattrib()
    set fso = createobject("scripting.filesystemobject")
    if (fso.fileexists(strpath)) then valattrib = fso.getfile( strpath ).attributes
    if (fso.folderexists(strpath)) then valattrib = fso.getfolder( strpath ).attributes
    if valattrib = "" or strargs = "" then exit sub
    binattrib = dectobin(valattrib)   ' 十进制转二进制
    for i = 0 to 16                   ' 二进制转16位二进制
        redim preserve arrattrib(i) : arrattrib(i) = 0
        if i > 16-len(binattrib) then arrattrib(i) = mid(binattrib, i-(16-len(binattrib)), 1)
    next
    if instr(1, lcase(strargs), "+r", 1) then arrattrib(16-0) = 1   'readonly 1 只读文件。
    if instr(1, lcase(strargs), "-r", 1) then arrattrib(16-0) = 0
    if instr(1, lcase(strargs), "+h", 1) then arrattrib(16-1) = 1   'hidden 2 隐藏文件。
    if instr(1, lcase(strargs), "-h", 1) then arrattrib(16-1) = 0
    if instr(1, lcase(strargs), "+s", 1) then arrattrib(16-2) = 1   'system 4 系统文件。
    if instr(1, lcase(strargs), "-s", 1) then arrattrib(16-2) = 0
    if instr(1, lcase(strargs), "+a", 1) then arrattrib(16-5) = 1   'archive 32 上次备份后已更改的文件。
    if instr(1, lcase(strargs), "-a", 1) then arrattrib(16-5) = 0
    valattrib = bintodec(join(arrattrib,""))   ' 二进制转十进制
    if (fso.fileexists(strpath)) then fso.getfile( strpath ).attributes = valattrib
    if (fso.folderexists(strpath)) then fso.getfolder( strpath ).attributes = valattrib
    set fso = nothing
end sub
function dectobin(byval number)    ' 十进制转二进制
   dim remainder
   remainder = number
   do while remainder > 0
      dectobin = cstr(remainder mod 2) & dectobin
      remainder = remainder \ 2
   loop
end function
function bintodec(byval binstr)    ' 二进制转十进制
   dim i
   for i = 1 to len(binstr)
      bintodec = bintodec + (cint(mid(binstr, i, 1)) * (2 ^ (len(binstr) - i)))
   next
end function
' ----------------------------------------------------------------------------------------------------
' ping 判断网络是否联通
function ping(host)
    on error resume next
    ping = false :   if host = "" then exit function
    set objping = getobject("winmgmts:{impersonationlevel=impersonate}").execquery("select * from win32_pingstatus where address = '" & host & "'")
    for each objstatus in objping
        if objstatus.responsetime >= 0 then ping = true :   exit for
    next
    set objping = nothing
end function

' ====================================================================================================
' 获取当前的日期时间,并格式化
function nowdatetime()
    'myweek = "周" & right(weekdayname(weekday(date())), 1) & " "
    myweek = ""
    nowdatetime = myweek & format_time(now(),2) & " " & format_time(now(),3)
end function
function format_time(s_time, n_flag)
    dim y, m, d, h, mi, s
    format_time = ""
    if isdate(s_time) = false then exit function
    y = cstr(year(s_time))
    m = cstr(month(s_time))
        if len(m) = 1 then m = "0" & m
    d = cstr(day(s_time))
        if len(d) = 1 then d = "0" & d
    h = cstr(hour(s_time))
        if len(h) = 1 then h = "0" & h
    mi = cstr(minute(s_time))
        if len(mi) = 1 then mi = "0" & mi
    s = cstr(second(s_time))
        if len(s) = 1 then s = "0" & s
    select case n_flag
        case 1
            format_time = y  & m & d  & h  & mi  & s    ' yyyy-mm-dd hh:mm:ss
        case 2
            format_time = y & "-" & m & "-" & d    ' yyyy-mm-dd
        case 3
            format_time = h & ":" & mi & ":" & s   ' hh:mm:ss
        case 4
            format_time = y & "年" & m & "月" & d & "日"    ' yyyy年mm月dd日
        case 5
            format_time = y & m & d    ' yyyymmdd
    end select
end function


' ====================================================================================================
' 检查字符串是否符合正则表达式
'msgbox join(regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"value"), vbcrlf)
'msgbox regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"count")
'msgbox regexptest( "[a-z]+-[a-z]+", "a-v d-f b-c" ,"")
function regexptest(patrn, strng, mode)
    dim regex, match, matches      ' 建立变量。
    set regex = new regexp         ' 建立正则表达式。
        regex.pattern = patrn      ' 设置模式。
        regex.ignorecase = true    ' 设置是否区分字符大小写。
        regex.global = true        ' 设置全局可用性。
    dim retstr, arrmatchs(), i  :  i = -1
    set matches = regex.execute(strng)     ' 执行搜索。
    for each match in matches              ' 遍历匹配集合。
        i = i + 1
        redim preserve arrmatchs(i)        ' 动态数组:数组随循环而变化
        arrmatchs(i) = match.value
        retstr = retstr & "match found at position " & match.firstindex & ". match value is '" & match.value & "'." & vbcrlf
    next
    if lcase(mode) = lcase("value") then regexptest = arrmatchs       ' 以数组返回所有符合表达式的所有数据
    if lcase(mode) = lcase("count") then regexptest = matches.count   ' 以整数返回符合表达式的所有数据总数
    if isempty(regexptest) then regexptest = retstr                   ' 返回所有匹配结果
end function


' ====================================================================================================
' 读写注册表
function regread( strkey )
    on error resume next
    set wso = createobject("wscript.shell")
    regread = wso.regread( strkey )    'strkey = "hkey_local_machine\software\microsoft\windows\currentversion\run\doctip"
    if isarray( regread ) then regread = join(regread, vbcrlf)
    set wso = nothing
end function
' 写注册表
function regwrite( strkey, strkeyval, strkeytype )
    on error resume next
    dim fso, strtmp
    regwrite = flase
    set wso = createobject("wscript.shell")
    wso.regwrite strkey, strkeyval, strkeytype
    strtmp = wso.regread( strkey )
    if strtmp <> "" then regwrite = true
    set wso = nothing
end function

' ====================================================================================================
' 读写ini文件(unicode)   readiniunicode / writeiniunicode
' this subroutine writes a value to an ini file
'
' arguments:
' myfilepath  [string]  the (path and) file name of the ini file
' mysection   [string]  the section in the ini file to be searched
' mykey           [string]  the key whose value is to be written
' myvalue         [string]  the value to be written (mykey will be
'                                           deleted if myvalue is <delete_this_value>)
'
' returns:
' n/a
'
' caveat:         writeini function needs readiniunicode function to run
'
' written by keith lacelle
' modified by denis st-pierre, johan pol and rob van der woude
sub writeiniunicode( myfilepath, mysection, mykey, myvalue )
        on error resume next

        const forreading   = 1
        const forwriting   = 2
        const forappending = 8
        const tristatetrue = -1

        dim blninsection, blnkeyexists, blnsectionexists, blnwritten
        dim intequalpos
        dim objfso, objnewini, objorgini, wshshell
        dim strfilepath, strfolderpath, strkey, strleftstring
        dim strline, strsection, strtempdir, strtempfile, strvalue

        strfilepath = trim( myfilepath )
        strsection  = trim( mysection )
        strkey          = trim( mykey )
        strvalue        = trim( myvalue )

        set objfso   = createobject( "scripting.filesystemobject" )
        set wshshell = createobject( "wscript.shell" )

        strtempdir  = wshshell.expandenvironmentstrings( "%temp%" )
        strtempfile = objfso.buildpath( strtempdir, objfso.gettempname )

        set objorgini = objfso.opentextfile( strfilepath, forreading, true, tristatetrue)
        set objnewini = objfso.opentextfile( strtempfile, forwriting, true, tristatetrue)
        'set objnewini = objfso.createtextfile( strtempfile, false, false )

        blninsection         = false
        blnsectionexists = false
        ' check if the specified key already exists
        blnkeyexists         = ( readiniunicode( strfilepath, strsection, strkey ) <> "" )
        blnwritten           = false

        ' check if path to ini file exists, quit if not
        strfolderpath = mid( strfilepath, 1, instrrev( strfilepath, "\" ) )
        if not objfso.folderexists ( strfolderpath ) then
                rem wscript.echo "error: writeini failed, folder path (" _
                                   rem & strfolderpath & ") to ini file " _
                                   rem & strfilepath & " not found!"
                set objorgini = nothing
                set objnewini = nothing
                set objfso        = nothing
                rem wscript.quit 1
                exit sub
        end if

        while objorgini.atendofstream = false
                strline = trim( objorgini.readline )
                if blnwritten = false then
                        if lcase( strline ) = "[" & lcase( strsection ) & "]" then
                                blnsectionexists = true
                                blninsection = true
                        elseif instr( strline, "[" ) = 1 then
                                blninsection = false
                        end if
                end if

                if blninsection then
                        if blnkeyexists then
                                intequalpos = instr( 1, strline, "=", vbtextcompare )
                                if intequalpos > 0 then
                                        strleftstring = trim( left( strline, intequalpos - 1 ) )
                                        if lcase( strleftstring ) = lcase( strkey ) then
                                                ' only write the key if the value isn't empty
                                                ' modification by johan pol
                                                if strvalue <> "<delete_this_value>" then
                                                        objnewini.writeline strkey & "=" & strvalue
                                                end if
                                                blnwritten   = true
                                                blninsection = false
                                        end if
                                end if
                                if not blnwritten then
                                        objnewini.writeline strline
                                end if
                        else
                                objnewini.writeline strline
                                        ' only write the key if the value isn't empty
                                        ' modification by johan pol
                                        if strvalue <> "<delete_this_value>" then
                                                objnewini.writeline strkey & "=" & strvalue
                                        end if
                                blnwritten   = true
                                blninsection = false
                        end if
                else
                        objnewini.writeline strline
                end if
        wend

        if blnsectionexists = false then ' section doesn't exist
                objnewini.writeline
                objnewini.writeline "[" & strsection & "]"
                        ' only write the key if the value isn't empty
                        ' modification by johan pol
                        if strvalue <> "<delete_this_value>" then
                                objnewini.writeline strkey & "=" & strvalue
                        end if
        end if

        objorgini.close
        objnewini.close

        ' delete old ini file
        objfso.deletefile strfilepath, true
        ' rename new ini file
        objfso.movefile strtempfile, strfilepath

        set objorgini = nothing
        set objnewini = nothing
        set objfso        = nothing
        set wshshell  = nothing

end sub
function readiniunicode( myfilepath, mysection, mykey )
        on error resume next

        const forreading   = 1
        const forwriting   = 2
        const forappending = 8
        const tristatetrue = -1

        dim intequalpos
        dim objfso, objinifile
        dim strfilepath, strkey, strleftstring, strline, strsection

        set objfso = createobject( "scripting.filesystemobject" )

        readiniunicode         = ""
        strfilepath = trim( myfilepath )
        strsection  = trim( mysection )
        strkey          = trim( mykey )

        if objfso.fileexists( strfilepath ) then
                set objinifile = objfso.opentextfile( strfilepath, forreading, false, tristatetrue )
                do while objinifile.atendofstream = false
                        strline = trim( objinifile.readline )

                        ' check if section is found in the current line
                        if lcase( strline ) = "[" & lcase( strsection ) & "]" then
                                strline = trim( objinifile.readline )

                                ' parse lines until the next section is reached
                                do while left( strline, 1 ) <> "["
                                        ' find position of equal sign in the line
                                        intequalpos = instr( 1, strline, "=", 1 )
                                        if intequalpos > 0 then
                                                strleftstring = trim( left( strline, intequalpos - 1 ) )
                                                ' check if item is found in the current line
                                                if lcase( strleftstring ) = lcase( strkey ) then
                                                        readiniunicode = trim( mid( strline, intequalpos + 1 ) )
                                                        ' in case the item exists but value is blank
                                                        if readiniunicode = "" then
                                                                readiniunicode = " "
                                                        end if
                                                        ' abort loop when item is found
                                                        exit do
                                                end if
                                        end if

                                        ' abort if the end of the ini file is reached
                                        if objinifile.atendofstream then exit do

                                        ' continue with next line
                                        strline = trim( objinifile.readline )
                                loop
                        exit do
                        end if
                loop
                objinifile.close
        else
                rem wscript.echo strfilepath & " doesn't exists. exiting..."
                rem wscript.quit 1
                rem msgbox strfilepath & " doesn't exists. exiting..."
                exit function
        end if
end function

' ====================================================================================================
' 写文本日志
sub writelog(str, file)
    if (file = "") or (str = "") then exit sub
    str = nowdatetime & "   " & str & vbcrlf
    dim fso, wtxt
    const forappending = 8         'forreading = 1 (只读不写), forwriting = 2 (只写不读), forappending = 8 (在文件末尾写)
    const create = true            'boolean 值,filename 不存在时是否创建新文件。允许创建为 true,否则为 false。默认值为 false。
    const tristatetrue = -1        'tristateusedefault = -2 (systemdefault), tristatetrue = -1 (unicode), tristatefalse = 0 (ascii)

    on error resume  next
    set fso = createobject("scripting.filesystemobject")
    set wtxt = fso.opentextfile(file, forappending, create, tristatetrue)
    wtxt.write str
    wtxt.close()
    set fso = nothing
    set wtxt = nothing
end sub

 

' ====================================================================================================
' 程序控制
' 检测是否运行
function isrun(byval appname, byval apppath)   ' eg: call isrun("mshta.exe", "c:\test.hta")
    isrun = 0 : i = 0
    for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_
        if lcase(ps.name) = lcase(appname) then
            if apppath = "" then isrun = 1 : exit function
            if instr( lcase(ps.commandline) , lcase(apppath) ) then i = i + 1
        end if
    next
    isrun = i
end function
' ----------------------------------------------------------------------------------------------------
' 检测自身是否重复运行
function meisalreadyrun()
    meisalreadyrun = false
    if ((isrun("wscript.exe",wscript.scriptfullname)>1) or (isrun("cscript.exe",wscript.scriptfullname)>1)) then meisalreadyrun = true
end function
' ----------------------------------------------------------------------------------------------------
' 关闭进程
sub close_process(processname)
    'on error resume next
    for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_    '循环进程
        if ucase(ps.name)=ucase(processname) then
            ps.terminate
        end if
    next
end sub


' ====================================================================================================
' 系统
' 检查操作系统版本
sub checkos()
    if lcase(osver()) <> "xp" then
        msgbox "不支持该操作系统!    ", 48+4096, "警告"
        wscript.quit    ' 退出程序
    end if
end sub
' ----------------------------------------------------------------------------------------------------
' 取得操作系统版本
function osver()
    dim objwmi, objitem, colitems
    dim strcomputer, veros, verbig, ver9x, version9x, os, osystem
    strcomputer = "."
    set objwmi = getobject("winmgmts:\\" & strcomputer & "\root\cimv2")
    set colitems = objwmi.execquery("select * from win32_operatingsystem",,48)
    for each objitem in colitems
        verbig = left(objitem.version,3)
    next
    select case verbig
        case "6.1" osystem = "win7"
        case "6.0" osystem = "vista"
        case "5.2" osystem = "windows 2003"
        case "5.1" osystem = "xp"
        case "5.0" osystem = "w2k"
        case "4.0" osystem = "nt4.0"
        case else osystem = "unknown"
                  if cint(join(split(verbig,"."),"")) < 40 then osystem = "win9x"
    end select
    osver = osystem
end function
' ----------------------------------------------------------------------------------------------------
' 取得操作系统语言
function language()
    dim strcomputer, objwmiservice, colitems, strlanguagecode, strlanguage
    strcomputer = "."
    set objwmiservice = getobject("winmgmts://" &strcomputer &"/root/cimv2")
    set colitems = objwmiservice.execquery("select * from win32_operatingsystem")
    for each objitem in colitems
        strlanguagecode = objitem.oslanguage
    next
    select case strlanguagecode
        case "1033" strlanguage = "en"
        case "2052" strlanguage = "chs"
        case else  strlanguage = "en"
    end select
    language = strlanguage
end function

' ====================================================================================================
' 加密自身
sub meencoder()
    dim meapppath, meappname, meappfx, meappencodefile, data
    meapppath = left(wscript.scriptfullname, instrrev(wscript.scriptfullname,"\"))
    meappname = left( wscript.scriptname, instrrev(wscript.scriptname,".") - 1 )
    meappfx = right(wscript.scriptname, len(wscript.scriptname) - instrrev(wscript.scriptname,".") + 1 )
    meappencodefile = meapppath & meappname & ".s.vbe"
    if not ( lcase(meappfx) = lcase(".vbs") ) then exit sub
    set fso = createobject("scripting.filesystemobject")
    data = fso.opentextfile(wscript.scriptfullname, 1, false, -1).readall
    data = createobject("scripting.encoder").encodescriptfile(".vbs", data, 0, "vbscript")
    fso.opentextfile(meappencodefile, 2, true, -1).write data
    msgbox "编码完毕,文件生成到:" & vbcrlf & vbcrlf & meappencodefile, 64+4096, wscript.scriptname
    set fso = nothing
    wscript.quit
end sub