欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

vbs枚举进程 vbs列出进程的详细列表

程序员文章站 2022-03-07 15:26:12
今天要说的是用vbs(vbscript脚本)来枚举windows操作系统的进程,这样做的用处在什么地方呢?举个例子吧,比如你有时候想监控某个进程是否在运行,这就非常...

今天要说的是用vbs(vbscript脚本)来枚举windows操作系统的进程,这样做的用处在什么地方呢?举个例子吧,比如你有时候想监控某个进程是否在运行,这就非常有用了.

示例:

用vbs脚本枚举进程

'enum.vbs
dim wmi,objs,process
set wmi=getobject("winmgmts:")
set objs=wmi.instancesof("win32_process")
process=""
for each obj in objs
  process=process & obj.description & chr(13) & chr(10)
next
msgbox process

我在这儿采用的方式是弹出一个对话框,方便观看嘛,当然你也可以使用fso来生成一个文本文件保存起来.
前面说到要监控某个进程是否在运行,实现如下.
示例:

'monitor.vbs
'检测ie是否在运行中
dim wmi,objs,process
set wmi=getobject("winmgmts:")
set objs=wmi.instancesof("win32_process")
process=""
for each obj in objs
'process=process & obj.description & chr(13) & chr(10)
process = obj.description
if process = "iexplore.exe" then
msgbox "ie在运行中..."
end if
next

呵呵,当然,还可以引申出来其它应用.

下面给大家分享一个列举进程详细列表的vbs

' filename: processmagnifier.vbs
' function: capture information about the running processes in detail
' code by somebody
' qq: 240460440
' lastmodified: 2007-12-9 18:50

const hkey_current_user = &h80000001
set oreg = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\default:stdregprov")
strkeypath = "console\%systemroot%_system32_cmd.exe"
oreg.createkey hkey_current_user,strkeypath
strvaluename1 = "codepage"
dwvalue1 = 936
strvaluename2 = "screenbuffersize"
dwvalue2 = 98304200
strvaluename3 = "windowsize"
dwvalue3 = 2818173
strvaluename4 = "historynodup"
dwvalue4 = 0
strvaluename5 = "windowposition"
dwvalue5 = 131068
strvaluename6 = "quickedit"
dwvalue6 = 2048
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename1,dwvalue1
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename2,dwvalue2
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename3,dwvalue3
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename4,dwvalue4
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename5,dwvalue5
oreg.setdwordvalue hkey_current_user,strkeypath,strvaluename6,dwvalue6

dim objwsh, finalpath
set objwsh = wscript.createobject("wscript.shell")
if (lcase(right(wscript.fullname,11))="wscript.exe") then
  finalpath = "'" & wscript.scriptfullname & "'"
  objwsh.run("cmd.exe /k cscript //nologo " &replace(finalpath,"'",""""))
  wscript.quit
end if

oreg.deletekey hkey_current_user, strkeypath
set oreg = nothing

wscript.sleep 1000
mystr = array(115,111,109,101,98,111,100,121)
for i=0 to ubound(mystr)
  author=author&chr(mystr(i))

next

wscript.echo
wscript.sleep 3000
wscript.echo "当前正在运行的进程简要信息列表如下:"
wscript.echo vbcrlf
wscript.sleep 2000

dim myobjprocessname
set objwmiprocess = getobject("winmgmts:\\.\root\cimv2").execquery("select * from win32_process")
     wscript.echo "name:        priority:  pid:  owner:" &vbtab&vbtab&"executablepath: "
     wscript.echo "---------------------------------------------------------------------------------------"
         for each objprocess in objwmiprocess
     myobjprocessname=objprocess.name&"          "
         colproperties = objprocess.getowner(strnameofuser,struserdomain)
     wscript.echo mid(myobjprocessname,1,20) &vbtab& objprocess.priority &vbtab& objprocess.processid &vbtab& strnameofuser &vbtab&vbtab& objprocess.executablepath
     next
    
wscript.sleep 5000
wscript.echo vbcrlf
wscript.echo "当前正在运行的进程以及其加载的模块详细信息树状结构如下:"
wscript.echo vbcrlf
wscript.sleep 3000
wscript.echo vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab&vbtab& vbtab&"创建时间       文件制造商"

set objwmiservice = getobject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
set objrefresher = createobject("wbemscripting.swbemrefresher")
set colitems = objrefresher.addenum(objwmiservice,"win32_perfformatteddata_perfproc_fullimage_costly").objectset
objrefresher.refresh
for each objitem in colitems
  dim originalpath, modulepath, wmipathmode, filemanufacturer, lcasemodulepath
    dim fileextension, mark, mylcasemodulepath, finalmodulepath
  originalpath = objitem.name
  modulepath = split(originalpath,"/")
  wmipathmode = replace(modulepath(1),"\","\\")
  set objwmi = getobject("winmgmts:\\.\root\cimv2")
  set colmanufacturer = objwmi.execquery("select * from cim_datafile where name='" & wmipathmode & "'")
  for each objmanufacturer in colmanufacturer
      filemanufacturer=trim(objmanufacturer.manufacturer)
      lcasemodulepath=lcase(trim(objmanufacturer.name))
      fileextension=right(lcasemodulepath, 3)
      mylcasemodulepath=lcasemodulepath & "                                                        "
      set fso = createobject("scripting.filesystemobject").getfile(lcasemodulepath)
               if fileextension="exe" then
            mark="├—"
              finalmodulepath=mid(mylcasemodulepath,1,118)
              wscript.echo "│"                
          else 
        mark="│├─"
              finalmodulepath=mid(mylcasemodulepath,1,116)
          end if
      wscript.echo mark & finalmodulepath & fso.datecreated &vbtab& filemanufacturer             
    next
next

myvbspath = "'" & wscript.scriptfullname & "'"    
myclipboard = "cscript //nologo " & replace(myvbspath,"'","""")
set objie = createobject("internetexplorer.application") 
objie.navigate("about:blank") 
objie.document.parentwindow.clipboarddata.setdata "text", myclipboard

经过测试效果很不错,喜欢vbs的朋友可以学习一下。

相关标签: VBS 枚举进程