wolf9228 Posted January 5, 2008 Share Posted January 5, 2008 (edited) expandcollapse popupDim $Notepad = @SystemDir & '\Notepad.exe' ;http://msdn2.microsoft.com/en-us/library/aa394372.aspx ;The following VBScript code example shows how to obtain the owner of each process ;on a local computer. You can use this script to obtain data from a remote computer ;, for example, to determine which users have processes running terminal server, ;substitute the name of the remote computer for "." in the first line. You must also ;be an administrator on the remote machine. ;Return Array Func UserDomainProcessList($User = @UserName, $Domain = @LogonDomain) Dim $List[1][3] $List[0][0] = 0;Array Count ;$List[1 to END][0] = [Caption] $List[0][1] = "[error]" $List[0][2] = "[ProcessId]" $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & $strComputer & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery( _ "select * from win32_process" ) For $objProcess in $colProcesses If $objProcess.GetOwner ( $User, $Domain ) = 0 Then ReDim $List[$List[0][0] + 2][3] $List[$List[0][0] + 1][0] = $objProcess.Caption $List[$List[0][0] + 1][1] = $objProcess.GetOwner ( $User, $Domain ) $List[$List[0][0] + 1][2] = $objProcess.ProcessId $List[0][0] = $List[0][0] + 1 Else ReDim $List[$List[0][0] + 2][3] $List[$List[0][0] + 1][0] = $objProcess.Caption $List[$List[0][0] + 1][1] = $objProcess.GetOwner ( $User, $Domain ) $List[$List[0][0] + 1][2] = $objProcess.ProcessId $List[0][0] = $List[0][0] + 1 EndIf Next Return $List EndFunc ;http://msdn2.microsoft.com/en-us/library/aa394372.aspx ;The following VBScript code example shows how to obtain the logon session associated ;with a running process. A process must be running Notepad.exe before the script starts. ;The example locates the instances of Win32_LogonSession associated with the Win32_Process ;that represents Notepad.exe. Win32_SessionProcess is specified as the association class. ;For more information, see ASSOCIATORS OF Statement. ;Return Array Func obtainthelogonsessionProcesRun($appname = 'Notepad.exe') Dim $Session[1][3] Dim $err[2] $Session[0][0] = 0;Array Count ;$List[1 to END][0] = [LogonId] $Session[0][1] = "[ProcessId]" $Session[0][2] = "[ProcessName]" $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & "." & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery( _ "Select * from Win32_Process " _ & "Where Name = '" & $appname & "'") For $objProcess in $colProcesses $ProcessId = $objProcess.ProcessId $colLogonSessions = $objWMIService.ExecQuery _ ("Associators of {Win32_Process='" _ & $ProcessId & "'} Where" _ & " Resultclass = Win32_LogonSession" _ & " Assocclass = Win32_SessionProcess", "WQL", 48) If @error <> 0 Then $err[1] = @error.number Return $err EndIf For $LogonSession in $colLogonSessions ReDim $Session[$Session[0][0] + 2][3] $Session[$Session[0][0] + 1][0] = $LogonSession.LogonId $Session[$Session[0][0] + 1][1] = $objProcess.ProcessId $Session[$Session[0][0] + 1][2] = $objProcess.Name $Session[0][0] = $Session[0][0] + 1 Next Next Return $Session EndFunc ;http://msdn2.microsoft.com/en-us/library/aa389388(VS.85).aspx ;The following VBScript code example creates a Notepad process on the local ;computer. Win32_ProcessStartup is used to configure the process settings. ;$HIDEWindow = 0 ;strCommand FullPath /CmdLine ;Null = Default ;$appname = Notepad.exe ;Return NEW ProcessId or error Func createsprocess($ShowWindow = 1 , $strCommand = $Notepad ,$appname = "Notepad.exe") $intProcessID = 0 $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & $strComputer & "\root\cimv2") ; Configure the Notepad process to show a window $objStartup = $objWMIService.Get("Win32_ProcessStartup") $objConfig = $objStartup.SpawnInstance_ $objConfig.ShowWindow = $ShowWindow ; Create Notepad process $objProcess = $objWMIService.Get("Win32_Process") $DAtX = intProcessID(1 ,$appname) $intReturn = $objProcess.Create _ ($strCommand, Default, $objConfig, $intProcessID) $intProcessID = intProcessID(0 ,$appname ,$DAtX) If $intReturn <> 0 Then Return $intReturn Else Return $intProcessID EndIf EndFunc ;http://msdn2.microsoft.com/en-us/library/aa390460(VS.85).aspx ;The following VBScript code example obtains the owner for each running process ;Return Array Func eachrunningprocess($strNameOfUser = @UserName) Dim $processCHK[1][3] $processCHK[0][0] = 0;Array Count ;$List[1 to END][0] = [Name] $processCHK[0][1] = "[error]" $processCHK[0][2] = "[ProcessId]" $strComputer = "." $colProcesses = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colProcesses = $colProcesses.ExecQuery("Select * from Win32_Process") For $objProcess in $colProcesses $Return = $objProcess.GetOwner($strNameOfUser) If $Return <> 0 Then ReDim $processCHK[$processCHK[0][0] + 2][3] $processCHK[$processCHK[0][0] + 1][0] = $objProcess.Name $processCHK[$processCHK[0][0] + 1][1] = $Return $processCHK[$processCHK[0][0] + 1][2] = $objProcess.ProcessId $processCHK[0][0] = $processCHK[0][0] + 1 Else ReDim $processCHK[$processCHK[0][0] + 2][3] $processCHK[$processCHK[0][0] + 1][0] = $objProcess.Name $processCHK[$processCHK[0][0] + 1][1] = $Return $processCHK[$processCHK[0][0] + 1][2] = $objProcess.ProcessId $processCHK[0][0] = $processCHK[0][0] + 1 EndIf Next Return $processCHK EndFunc ;http://msdn2.microsoft.com/en-us/library/aa394373(VS.85).aspx ;For script code examples, see WMI Tasks for Scripts and Applications and the ;TechNet ScriptCenter Script Repository. ;For C++ code examples, see WMI C++ Application Examples. ;The following VBScript code example shows how to use Win32_Processor to determine ;the computer architecture. ;Return String Func computerarchitecture() $objProc = ObjGet("winmgmts:root\cimv2:Win32_Processor='cpu0'") If $objProc.Architecture = 0 Then Return "x86" ElseIf $objProc.Architecture = 6 Then Return "IPF" Else Return "Unknown" EndIf EndFunc ;http://msdn2.microsoft.com/en-us/library/aa394373(VS.85).aspx ;The following VBScript code example retrieves data about the operating system version and the ;processor it is running on from Win32_Processor, Win32_ComputerSystem, and Win32_OperatingSystem. ;This example requires Windows Vista or later. ;working in windows XP ;Return Array Func dataoperatingsystemandprocessor() Dim $Report ="" $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colOSes = $objWMIService.ExecQuery("Select * from Win32_OperatingSystem") For $objOS in $colOSes $Report &= @CRLF & "Computer Name: " & $objOS.CSName $Report &= @CRLF & "[Operating System]" $Report &= @CRLF & " Caption: " & $objOS.Caption & 'Name' $Report &= @CRLF & " Version: " & $objOS.Version & 'Version & build' $Report &= @CRLF & " BuildNumber: " & $objOS.BuildNumber & 'Build' $Report &= @CRLF & " BuildType: " & $objOS.BuildType $Report &= @CRLF & " OSType: " & $objOS.OSType $Report &= @CRLF & " OtherTypeDescription: (2003 Server R2 release only)" & $objOS.OtherTypeDescription $Report &= @CRLF & " ServicePackMajorVersion: " & $objOS.ServicePackMajorVersion & "." & _ $objOS.ServicePackMinorVersion Next $Report &= @CRLF & "[Processors]" $colCompSys = $objWMIService.ExecQuery("Select * from Win32_ComputerSystem") For $objCS in $colCompSys $Report &= @CRLF & " NumberOfProcessors: " & $objCS.NumberOfProcessors Next $colProcessors = $objWMIService.ExecQuery("Select * from Win32_Processor") For $objProcessor in $colProcessors $Report &= @CRLF & " Manufacturer: " & $objProcessor.Manufacturer $Report &= @CRLF & " Name: " & $objProcessor.Name $Report &= @CRLF & " Description: " & $objProcessor.Description $Report &= @CRLF & " ProcessorID: " & $objProcessor.ProcessorID $Report &= @CRLF & " Architecture: " & $objProcessor.Architecture $Report &= @CRLF & " AddressWidth: " & $objProcessor.AddressWidth $Report &= @CRLF & " DataWidth: " & $objProcessor.DataWidth $Report &= @CRLF & " Family: " & $objProcessor.Family $Report &= @CRLF & " MaximumClockSpeed: " & $objProcessor.MaxClockSpeed Next $Report = StringSplit($Report, @CRLF) Return $Report EndFunc ;http://msdn2.microsoft.com/en-us/library/aa394376(VS.85).aspx ;The following VBScript code example creates a Notepad process on the local computer that ;reports when the process stops. Run the script and close the Notepad window when the script ;shows the "Waiting for process to stop..." message. Func example($intProcessID = 0) Dim $SW_NORMAL = 1 $strComputer = "." $strCommand = "Notepad.exe" $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & $strComputer & "\root\cimv2") $objStartup = $objWMIService.Get("Win32_ProcessStartup") $objConfig = $objStartup.SpawnInstance_ $objConfig.ShowWindow = $SW_NORMAL $objProcess = $objWMIService.Get("Win32_Process") $DAtX = intProcessID(1 ,"Notepad.exe") $intReturn = $objProcess.Create _ ($strCommand, Default, $objConfig, 0) $intProcessID = intProcessID(0 ,"Notepad.exe" ,$DAtX ) If $intReturn <> 0 Then $message = "Process could not be created." & _ @CRLF & "Command line: " & $strCommand & _ @CRLF & "Return value: " & $intReturn SplashTextOn("Process", $message, 400, 70, 0, 0, 4, "") sleep(2000) SplashOff ( ) Else $message = "Process created." & _ @CRLF & "Command line: " & $strCommand & _ @CRLF & "Process ID: " & $intProcessID SplashTextOn("Process", $message, 400, 70, 0, 0, 4, "") sleep(2000) SplashOff ( ) $colProcessStopTrace = $objWMIService.ExecNotificationQuery _ ("SELECT * FROM Win32_ProcessStopTrace") $message = "Waiting for process to stop ..." SplashTextOn("Process", $message, 400, 70, 0, 0, 4, "") sleep(3000) SplashOff ( ) $i = 0 Do $objLatestEvent = $colProcessStopTrace.NextEvent If $objLatestEvent.ProcessId = $intProcessID Then $message = "StoppedProcess Name: " _ & $objLatestEvent.ProcessName SplashTextOn("Process", $message, 400, 70, 0, 0, 4, "") sleep(4000) $message = "Process ID: " & $objLatestEvent.ProcessId SplashTextOn("Process", $message, 400, 70, 0, 0, 4, "") sleep(4000) SplashOff ( ) $i = 1 EndIf Until $i = 1 exit EndIf EndFunc ;Return Array Func _ProcessListappname($appname = 'Notepad.exe') Dim $List[1][3] $List[0][0] = 0;Array Count ;$List[1 to END][0] = [Caption] $List[0][1] = "[ProcessId]" $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Process") For $objProcess in $colProcesses If $objProcess.Name = $appname then ReDim $List[$List[0][0] + 2][3] $List[$List[0][0] + 1][0] = $objProcess.Caption $List[$List[0][0] + 1][1] = $objProcess.ProcessId $List[0][0] = $List[0][0] + 1 EndIf Next Global $objWMIService = "" Global $colProcesses = "" Return $List EndFunc ;Return Array Func _ProcessList() Dim $List[1][3] $List[0][0] = 0;Array Count ;$List[1 to END][0] = [Caption] $List[0][1] = "[ProcessId]" $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Process") For $objProcess in $colProcesses ReDim $List[$List[0][0] + 2][3] $List[$List[0][0] + 1][0] = $objProcess.Caption $List[$List[0][0] + 1][1] = $objProcess.ProcessId $List[0][0] = $List[0][0] + 1 Next Return $List EndFunc ;Return Array Func _ThreadProcessListappname($appname = 'IEXPLORE.EXE') Dim $List[1][4] $List[0][0] = 0;Array Count ;$List[1 to END][0] = "[strProcessName]" $List[0][1] = "[Handle]" $List[0][2] = "[ThreadState]" $List[0][3] = "[ProcessHandle]" $objDictionary = ObjCreate("Scripting.Dictionary") $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Process") For $objProcess in $colProcesses $objDictionary.Add ($objProcess.ProcessID, $objProcess.Name) Next $colThreads = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Thread") For $objThread in $colThreads $intProcessID = Int($objThread.ProcessHandle) $strProcessName = $objDictionary.Item($intProcessID) if $strProcessName = $appname then ReDim $List[$List[0][0] + 2][4] $List[$List[0][0] + 1][0] = $strProcessName $List[$List[0][0] + 1][1] = $objThread.Handle $List[$List[0][0] + 1][2] = $objThread.ThreadState $List[$List[0][0] + 1][3] = $objThread.ProcessHandle $List[0][0] = $List[0][0] + 1 EndIf Next Return $List EndFunc ;Return Array Func _ThreadProcessList() Dim $List[1][4] $List[0][0] = 0;Array Count ;$List[1 to END][0] = "[strProcessName]" $List[0][1] = "[Handle]" $List[0][2] = "[ThreadState]" $List[0][3] = "[ProcessHandle]" $objDictionary = ObjCreate("Scripting.Dictionary") $strComputer = "." $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Process") For $objProcess in $colProcesses $objDictionary.Add ($objProcess.ProcessID, $objProcess.Name) Next $colThreads = $objWMIService.ExecQuery _ ("SELECT * FROM Win32_Thread") For $objThread in $colThreads $intProcessID = Int($objThread.ProcessHandle) $strProcessName = $objDictionary.Item($intProcessID) ReDim $List[$List[0][0] + 2][4] $List[$List[0][0] + 1][0] = $strProcessName $List[$List[0][0] + 1][1] = $objThread.Handle $List[$List[0][0] + 1][2] = $objThread.ThreadState $List[$List[0][0] + 1][3] = $objThread.ProcessHandle $List[0][0] = $List[0][0] + 1 Next Return $List EndFunc ;CHK intProcessID Before / After Create ;$MASK = 1 ==> Before ;$MASK = 0 ==> After Func intProcessID($MASK = 1 ,$appname = "" ,$DAtX = "") $DAt = "" $objWMIService = ObjGet("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & "." & "\root\cimv2") $colProcesses = $objWMIService.ExecQuery( _ "Select * from Win32_Process ") if $MASK = 1 then For $objProcess in $colProcesses $ProcessId = $objProcess.ProcessId if $objProcess.Name = $appname then _ $DAt &= $ProcessId & @CR next Return $DAt else For $objProcess in $colProcesses if $objProcess.Name = $appname then if NOT StringInStr($DAtX ,$objProcess.ProcessId) then _ Return $objProcess.ProcessId EndIf next endif Return "" EndFunc Edited January 5, 2008 by wolf9228 صرح السماء كان هنا Link to comment Share on other sites More sharing options...
Nutster Posted January 5, 2008 Share Posted January 5, 2008 This would probably be easier if you attached the script rather than posting it like this. David NuttallNuttall Computer Consulting An Aquarius born during the Age of Aquarius AutoIt allows me to re-invent the wheel so much faster. I'm off to write a wizard, a wonderful wizard of odd... Link to comment Share on other sites More sharing options...
MaudKip Posted January 7, 2008 Share Posted January 7, 2008 ERROR: @error is not a COM object. $err[1] = @error.number Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now