‹‹ 上一主题 | 下一主题 ››
发新话题
打印

[转载]kevin1986的查杀进程的VBE代码

金州

智囊团成员

Rank: 7Rank: 7Rank: 7Rank: 7

E.S.T智囊团成员

帖子
1243 
精华
8 
积分
6153 
阅读权限
150 
性别
男 
在线时间
593 小时 
注册时间
2005-3-18 
最后登录
2008-6-6 

原创技术奖

楼主 发表于 2005-12-17 07:08  只看该作者

[转载]kevin1986的查杀进程的VBE代码

文章作者:kevin1986
信息来源:邪恶八进制信息安全团队(www.eviloctal.com


On error resume next

if (lcase(right(wscript.fullname,11))="wscript.exe") then
  wscript.echo "Execute it under the cmd.exe Plz! Thx."
  wscript.quit
end if
Set wmi = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")

action=lcase(trim(Wscript.Arguments(0)))

select case action
  case "pslist"
    pslist
  case "pskill"
    pskill
  case else
    usage
end select


function pslist()
  if Wscript.Arguments.count<2 then
    set process=wmi.execquery("select * from win32_process")
    wscript.echo "PID    Process" & chr(10) & "-----------------------------"
    for each objprocess in process
      wscript.echo objprocess.processid & space(6) & objprocess.name & chr(10) & space(6) & objProcess.ExecutablePath & chr(10) &"-----------------------------"
    next
  else
    set process=wmi.execquery("select * from win32_process where processid=&#39;"&Wscript.Arguments(1)&"&#39;")
    for each objprocess in process
      wscript.echo "PID: [ " & objprocess.processid &" ]"& vbcrlf
      wscript.echo "Name: [ " & objprocess.name &" ]"& vbcrlf
      wscript.echo "Path: [ " & objProcess.ExecutablePath &" ]"& vbcrlf
      wscript.echo "Thread: [ " & objProcess.Threadcount &" ]"& vbcrlf
      wscript.echo "PFS: [ " & objProcess.PageFileUsage &" ]"& vbcrlf
      wscript.echo "PF: [ " & objProcess.PageFaults &" ]"& vbcrlf
      Wscript.Echo "WSS: [ " & objProcess.WorkingSetSize &" ]"& vbcrlf
      cputime=(CSng(objProcess.KernelModeTime) + CSng(objProcess.UserModeTime)) / 10000000
      Wscript.Echo "Time: [ " & cputime &" sec ]"& vbcrlf
    next
  end if
end function

function pskill()
  n=0
  if Wscript.Arguments.count<2 then
    wscript.echo "Plz type the the Process ID who you want to kill"
  else
  set process=wmi.execquery("select * from win32_process where processid=&#39;"&Wscript.Arguments(1)&"&#39;")
  for each objprocess in process
    n=n+1
    objprocess.terminate()
  next
  wscript.echo n & " process killed"
  end if
end function

function usage()
  wscript.echo "+-------codz By kEvin1986.solitude----------------------------------+"
  wscript.echo "|We Are Fighting Dreamers.                            |"
  wscript.echo "|Useage:                                        |"
  wscript.echo "|     cscript.exe solitude.vbe [pslist [PID]| pskill [PID]]     |"
  wscript.echo "+-------------------------------------------------------------------+"&chr(10)
end function
人情如冰六月寒,花做一份艳,为谁笑人间? 如果任何人发现我转载的有图像的文章中图像失效或者文章有问题,请及时短消息通知我。先谢谢。::)) coup de foudre

TOP

‹‹ 上一主题 | 下一主题 ››
发新话题