1. 首页
  2. 问答
  3. 获取启动(例如)iexplore与VBScript/JScript的进程

获取启动(例如)iexplore与VBScript/JScript的进程

2012-04-27 47 views

回答

2

您可以使用WMI检查您感兴趣的进程的ParentProcessId。对于“正常”用户模式应用程序,父进程应该是explorer.exe。

strProcess = "iexplore.exe" 
strComputer = "." 
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") 
Set colProcesses = objWMIService.ExecQuery("Select * from Win32_Process " _ 
    & " Where name = '" & strProcess & "'") 

For Each objProcess in colProcesses 
    WScript.Echo objProcess.ParentProcessId 
Next

在Internet Explorer的情况下,请确保您检查IE的ID,因为它会产生自己的多个实例。尝试这样的事情:

strProcess = "iexplore.exe" 
strComputer = "." 
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") 

Set colProcesses = objWMIService.ExecQuery("Select * from Win32_Process " _ 
    & " Where name = 'explorer.exe' OR name = 'iexplore.exe'") 

i = 0 
arrIds = Array() 
For Each objProcess in colProcesses 
    ReDim Preserve arrIds(i) 
    arrIds(i) = objProcess.ProcessId 
    i = i + 1 
Next 

Set colProcesses = objWMIService.ExecQuery("Select * from Win32_Process " _ 
    & " Where name = '" & strProcess & "'") 

For Each objProcess in colProcesses 
    intParentID = objProcess.ParentProcessId 

    blnIsFound = False 
    For Each intID in arrIds 
     If intID = intParentID Then 
      blnIsFound = True 
      Exit For 
     End If 
    Next 

    If blnIsFound = False Then 
     WScript.Echo "Process " & objProcess.ProcessId & " spawned by process " & objProcess.ParentProcessId 
    End If 
Next

来源

2012-04-27 18:01:48 Nilpo

+0

感谢@Nilipo,然而当第二次看(和第三,第四等)我似乎无法想出你的答案的第二个脚本想法找到(真)ID IE的父进程。在我看来,它使用iexplore/explorer进程的PID填充数组,然后将每个PID与指定程序的父进程ID进行比较(根据我的问题 - iexplore)。实际上,这似乎输出可能是父母iexplore的许多正在运行的进程的所有子进程(因为它是使用iexplore而不是strProcess = iexplore的未知程序)还是我误读? – user66001 2012-04-27 18:49:34

+0

@ user66001我犯了一个错字。我应该在最后检查这个错误的案例。换句话说,Iexplore.exe的所有实例都不是** Explorer.exe或Iexplore.exe产生的。这应该包括你正在寻找的那个。 – Nilpo 2012-04-27 23:20:34

相关问题

 相关问题