vbs枚举进程 vbs列出进程的详细列表

时间:2021-05-22

今天要说的是用VBS(VBScript脚本)来枚举Windows操作系统的进程,这样做的用处在什么地方呢?举个例子吧,比如你有时候想监控某个进程是否在运行,这就非常有用了.

示例:

用VBS脚本枚举进程

'enum.vbsDim WMI,Objs,ProcessSet WMI=GetObject("WinMgmts:")Set Objs=WMI.InstancesOf("Win32_Process")Process=""For Each Obj In Objs Process=Process & Obj.Description & Chr(13) & Chr(10)NextMsgBox Process

我在这儿采用的方式是弹出一个对话框,方便观看嘛,当然你也可以使用FSO来生成一个文本文件保存起来.
前面说到要监控某个进程是否在运行,实现如下.
示例:

'monitor.vbs'检测IE是否在运行中Dim WMI,Objs,ProcessSet WMI=GetObject("WinMgmts:")Set Objs=WMI.InstancesOf("Win32_Process")Process=""For Each Obj In Objs'Process=Process & Obj.Description & Chr(13) & Chr(10)Process = Obj.Descriptionif Process = "iexplore.exe" thenmsgbox "IE在运行中..."end ifNext

呵呵,当然,还可以引申出来其它应用.

下面给大家分享一个列举进程详细列表的vbs

' FileName: ProcessMagnifier.vbs' Function: Capture information about the running processes in detail' code by somebody' QQ: 240460440' LastModified: 2007-12-9 18:50const HKEY_CURRENT_USER = &H80000001Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")strKeyPath = "Console\%SystemRoot%_system32_cmd.exe"oReg.CreateKey HKEY_CURRENT_USER,strKeyPathstrValueName1 = "CodePage"dwValue1 = 936strValueName2 = "ScreenBufferSize"dwValue2 = 98304200strValueName3 = "WindowSize"dwValue3 = 2818173strValueName4 = "HistoryNoDup"dwValue4 = 0strValueName5 = "WindowPosition"dwValue5 = 131068strValueName6 = "QuickEdit"dwValue6 = 2048oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName1,dwValue1oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName2,dwValue2oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName3,dwValue3oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName4,dwValue4oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName5,dwValue5oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName6,dwValue6Dim objWSH, FinalPathSet objWSH = WScript.CreateObject("WScript.Shell")If (Lcase(Right(WScript.Fullname,11))="wscript.exe") Then FinalPath = "'" & WScript.ScriptFullName & "'" objWSH.Run("cmd.exe /k cscript //nologo " &Replace(FinalPath,"'","""")) WScript.QuitEnd IfoReg.DeleteKey HKEY_CURRENT_USER, strKeyPathSet oReg = nothingWscript.Sleep 1000Mystr = Array(115,111,109,101,98,111,100,121)for i=0 to Ubound(Mystr) author=author&chr(Mystr(i))NextWScript.EchoWScript.Sleep 3000WScript.Echo "当前正在运行的进程简要信息列表如下:"WScript.Echo vbCrLfWScript.Sleep 2000Dim MyOBJProcessNameSet OBJWMIProcess = GetObject("winmgmts:\\.\root\cimv2").ExecQuery("Select * From Win32_Process") WScript.Echo "Name: Priority: PID: Owner:" &vbTab&vbTab&"ExecutablePath: " WScript.Echo "---------------------------------------------------------------------------------------" For Each OBJProcess in OBJWMIProcess MyOBJProcessName=OBJProcess.Name&" " colProperties = OBJProcess.GetOwner(strNameOfUser,strUserDomain) WScript.Echo Mid(MyOBJProcessName,1,20) &vbTab& OBJProcess.Priority &vbTab& OBJProcess.ProcessID &vbTab& strNameOfUser &vbTab&vbTab& OBJProcess.ExecutablePath Next WScript.Sleep 5000WScript.Echo vbCrLfWScript.Echo "当前正在运行的进程以及其加载的模块详细信息树状结构如下:"WScript.Echo vbCrLfWScript.Sleep 3000WScript.Echo vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab& vbTab&"创建时间 文件制造商"Set OBJWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")Set OBJRefresher = CreateObject("WbemScripting.SWbemRefresher")Set colItems = OBJRefresher.AddEnum(OBJWMIService,"Win32_PerfFormattedData_PerfProc_FullImage_Costly").ObjectSetOBJRefresher.RefreshFor Each OBJItem In colItems Dim originalPath, ModulePath, WMIPathMode, FileManufacturer, LCaseModulePath Dim FileExtension, mark, MyLCaseModulePath, FinalModulePath originalPath = OBJItem.Name ModulePath = Split(originalPath,"/") WMIPathMode = Replace(ModulePath(1),"\","\\") Set OBJWMI = GetObject("winmgmts:\\.\root\CIMV2") Set colManufacturer = OBJWMI.ExecQuery("SELECT * FROM CIM_DataFile Where Name='" & WMIPathMode & "'") For Each OBJManufacturer In colManufacturer FileManufacturer=Trim(OBJManufacturer.Manufacturer) LCaseModulePath=LCase(Trim(OBJManufacturer.Name)) FileExtension=Right(LCaseModulePath, 3) MyLCaseModulePath=LCaseModulePath & " " Set FSO = CreateObject("Scripting.FileSystemObject").GetFile(LCaseModulePath) If FileExtension="exe" Then mark="├—" FinalModulePath=Mid(MyLCaseModulePath,1,118) WScript.Echo "│" Else mark="│├─" FinalModulePath=Mid(MyLCaseModulePath,1,116) End If WScript.Echo mark & FinalModulePath & FSO.DateCreated &vbTab& FileManufacturer NextNextMyVBSPath = "'" & WScript.ScriptFullName & "'" Myclipboard = "cscript //nologo " & Replace(MyVBSPath,"'","""")Set objIE = CreateObject("InternetExplorer.Application") objIE.Navigate("about:blank") objIE.document.parentwindow.clipboardData.SetData "text", Myclipboard

经过测试效果很不错,喜欢vbs的朋友可以学习一下。

声明:本页内容来源网络,仅供用户参考;我单位不保证亦不表示资料全面及准确无误,也不保证亦不表示这些资料为最新信息,如因任何原因,本网内容或者用户因倚赖本网内容造成任何损失或损害,我单位将不会负任何法律责任。如涉及版权问题,请提交至online#300.cn邮箱联系删除。

相关文章