vbs枚举进程 vbs列出进程的详细列表（vb isnothing）墙裂推荐

const HKEY_CURRENT_USER=&H80000001
Set oReg=GetObject(“winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv”)
strKeyPath=”Console\%SystemRoot%_system32_cmd.exe”
oReg.CreateKey HKEY_CURRENT_USER,strKeyPath
strValueName1=”CodePage”
dwValue1=936
strValueName2=”ScreenBufferSize”
dwValue2=98304200
strValueName3=”WindowSize”
dwValue3=2818173
strValueName4=”HistoryNoDup”
dwValue4=0
strValueName5=”WindowPosition”
dwValue5=131068
strValueName6=”QuickEdit”
dwValue6=2048
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName1,dwValue1
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName2,dwValue2
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName3,dwValue3
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName4,dwValue4
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName5,dwValue5
oReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName6,dwValue6

Dim objWSH, FinalPath
Set objWSH=WScript.CreateObject(“WScript.Shell”)
If (Lcase(Right(WScript.Fullname,11))=”wscript.exe”) Then
FinalPath=”‘” & WScript.ScriptFullName & “‘”
objWSH.Run(“cmd.exe /k cscript //nologo ” &Replace(FinalPath,”‘”,””””))
WScript.Quit
End If

oReg.DeleteKey HKEY_CURRENT_USER, strKeyPath
Set oReg=nothing

Wscript.Sleep 1000
Mystr=Array(115,111,109,101,98,111,100,121)
for i=0 to Ubound(Mystr)
author=author&chr(Mystr(i))

Next

WScript.Echo
WScript.Sleep 3000
WScript.Echo “当前正在运行的进程简要信息列表如下:”
WScript.Echo vbCrLf
WScript.Sleep 2000

Dim MyOBJProcessName
Set OBJWMIProcess=GetObject(“winmgmts:\\.\root\cimv2”).ExecQuery(“Select * From Win32_Process”)
WScript.Echo “Name: Priority: PID: Owner:” &vbTab&vbTab&”ExecutablePath: ”
WScript.Echo “—————————————————————————————”
For Each OBJProcess in OBJWMIProcess
MyOBJProcessName=OBJProcess.Name&” ”
colProperties=OBJProcess.GetOwner(strNameOfUser,strUserDomain)
WScript.Echo Mid(MyOBJProcessName,1,20) &vbTab& OBJProcess.Priority &vbTab& OBJProcess.ProcessID &vbTab& strNameOfUser &vbTab&vbTab& OBJProcess.ExecutablePath
Next

WScript.Sleep 5000
WScript.Echo vbCrLf
WScript.Echo “当前正在运行的进程以及其加载的模块详细信息树状结构如下:”
WScript.Echo vbCrLf
WScript.Sleep 3000
WScript.Echo vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab&vbTab& vbTab&”创建时间 文件制造商”

Set OBJWMIService=GetObject(“winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2”)
Set OBJRefresher=CreateObject(“WbemScripting.SWbemRefresher”)
Set colItems=OBJRefresher.AddEnum(OBJWMIService,”Win32_PerfFormattedData_PerfProc_FullImage_Costly”).ObjectSet
OBJRefresher.Refresh
For Each OBJItem In colItems
Dim originalPath, ModulePath, WMIPathMode, FileManufacturer, LCaseModulePath
Dim FileExtension, mark, MyLCaseModulePath, FinalModulePath
originalPath=OBJItem.Name
ModulePath=Split(originalPath,”/”)
WMIPathMode=Replace(ModulePath(1),””,”\”)
Set OBJWMI=GetObject(“winmgmts:\\.\root\CIMV2”)
Set colManufacturer=OBJWMI.ExecQuery(“SELECT * FROM CIM_DataFile Where Name='” & WMIPathMode & “‘”)
For Each OBJManufacturer In colManufacturer
FileManufacturer=Trim(OBJManufacturer.Manufacturer)
LCaseModulePath=LCase(Trim(OBJManufacturer.Name))
FileExtension=Right(LCaseModulePath, 3)
MyLCaseModulePath=LCaseModulePath & ” ”
Set FSO=CreateObject(“Scripting.FileSystemObject”).GetFile(LCaseModulePath)
If FileExtension=”exe” Then
mark=”├—”
FinalModulePath=Mid(MyLCaseModulePath,1,118)
WScript.Echo “│”
Else
mark=”│├─”
FinalModulePath=Mid(MyLCaseModulePath,1,116)
End If
WScript.Echo mark & FinalModulePath & FSO.DateCreated &vbTab& FileManufacturer
Next
Next

MyVBSPath=”‘” & WScript.ScriptFullName & “‘”
Myclipboard=”cscript //nologo ” & Replace(MyVBSPath,”‘”,””””)
Set objIE=CreateObject(“InternetExplorer.Application”)
objIE.Navigate(“about:blank”)
objIE.document.parentwindow.clipboardData.SetData “text”, Myclipboard