用VBS实现监视进程创建与删除的代码

2019-10-26 18:03:53

字体：大中小

来源：转载

供稿：网友

监视进程的创建，在每次创建新的进程时，临时事件消费程序都发出警报。

1.监视进程的创建
复制代码代码如下:

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!//" & strComputer & "/root/cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancecreationevent " _
& " within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop

2.监视进程的删除，在每次进程终止时，临时事件消费程序都发出警报。

复制代码代码如下:

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!//" & strComputer & "/root/cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancedeletionevent " _
& "within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop

3.监视进程使用处理器的情况
复制代码代码如下:

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!//" & strComputer & "/root/cimv2")
Set colProcesses = objWMIService.ExecQuery _
("Select * from Win32_process")
For Each objProcess in colProcesses
sngProcessTime = ( CSng(objProcess.KernelModeTime) + _
CSng(objProcess.UserModeTime)) / 10000000
Wscript

参考链接：

监视进程的创建

监视进程的删除

参考: http://hi.baidu.com/%B1%F9%D0%C4%B3%D5/blog/item/5691a1c3146ded55b219a861.html http://demon.tw/programming/vbs-monitoring-process-creation-and-deletion.html

上一篇：用VBS实现PHP的md5_file函数代码

下一篇：VBS中用CDO.Message发送邮件的实现代码

学习交流

电脑开不了机的原因和解决办法

电脑开不了机的原因和解决办法...

热门图片

猜你喜欢的新闻

猜你喜欢的关注