兴国资源网 Design By www.nnzcdc.com
监视进程的创建,在每次创建新的进程时,临时事件消费程序都发出警报。
1.监视进程的创建
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancecreationevent " _
& " within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop
2.监视进程的删除,在每次进程终止时,临时事件消费程序都发出警报。
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancedeletionevent " _
& "within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop
3.监视进程使用处理器的情况
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colProcesses = objWMIService.ExecQuery _
("Select * from Win32_process")
For Each objProcess in colProcesses
sngProcessTime = ( CSng(objProcess.KernelModeTime) + _
CSng(objProcess.UserModeTime)) / 10000000
Wscript
1.监视进程的创建
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancecreationevent " _
& " within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop
2.监视进程的删除,在每次进程终止时,临时事件消费程序都发出警报。
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colMonitoredProcesses = objWMIService. _
ExecNotificationQuery("select * from __instancedeletionevent " _
& "within 1 where TargetInstance isa 'Win32_Process'")
i = 0
Do While i = 0
Set objLatestProcess = colMonitoredProcesses.NextEvent
Wscript.Echo objLatestProcess.TargetInstance.Name
Loop
3.监视进程使用处理器的情况
复制代码 代码如下:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colProcesses = objWMIService.ExecQuery _
("Select * from Win32_process")
For Each objProcess in colProcesses
sngProcessTime = ( CSng(objProcess.KernelModeTime) + _
CSng(objProcess.UserModeTime)) / 10000000
Wscript
参考链接:
- 监视进程的创建
- 监视进程的删除
兴国资源网 Design By www.nnzcdc.com
广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
兴国资源网 Design By www.nnzcdc.com
暂无评论...
更新日志
2024年05月22日
2024年05月22日
- 《邓紫棋精选》[FLAC/分轨][980MB]
- 出发吧麦芬尤米尔深渊试炼怎么过 尤米尔深渊阵容打法攻略
- dnf属性lv转移是什么意思
- dnf属性成长用什么材料
- 《贪婪之秋2》登陆平台介绍
- 《机器节奏》成就达成条件一览
- 2024年04月13日
- TOGE-12083-84【TchaikovskySwanlake-AndrePrevin】2CD【ISO】
- SusieArioli,JordanOfficer-NightLights[SP1020](2014)[FLAC]
- 东野圭吾改编新片《彷徨之刃》豆瓣6.6:寡淡又平庸
- 游戏史的绝对经典 CDPR庆祝《巫师3》9周年纪念!
- 波音又出事!一架载468人大型客机的引擎突然起火
- 群星.1994-华纳IN爆榜3辑【华纳】【WAV+CUE】
- 古巨基.2008-GUITAR.FEVER(LPCD45)【金牌大风】【WAV+CUE】
- 自然卷.2005-大卷包小卷【风和日丽】【WAV+CUE】