小贝子编程

开始时间,运行持续时间和应用程序的位置(按Windows中的PID)



有没有办法通过使用CMD或VBS在窗口下使用其PID值来获取正在运行的应用程序的开始时间(带日期),总运行时间和位置?如果是这样,如何?提前谢谢。

可以使用

VBScript 查询Win32_Process WMI 类,以获取进程的可执行路径和开始时间。持续时间可以从开始时间派生:

pid = 23
Set wmi = GetObject("winmgmts://./root/cimv2")
Set convert = CreateObject("WbemScripting.SWbemDateTime")
qry = "SELECT * FROM Win32_Process WHERE ProcessId = " & pid
For Each p In wmi.ExecQuery(qry)
  If IsNull(p.CreationDate) Then
    'leave start time and duration empty if CreationDate can't be read
    startTime = ""
    duration  = ""
  Else
    'convert start time from a string yyyyMMddHHmmss.ffffff±zzz to a date
    convert.Value = p.CreationDate
    startTime = convert.GetVarDate(True)
    'calculate duration in minutes
    duration  = DateDiff("n", startTime, Now)
  End If
  WScript.Echo startTime & vbTab & duration & vbTab & p.ExecutablePath
Next

请注意,您需要SeDebugPrivilege权限(默认情况下管理员拥有该权限)才能查看其他用户进程的可执行路径。如果没有该权限,将为不在当前用户上下文中运行的进程Null p.ExecutablePath

不是这样(对于时间 - 路径可用)。

您可以监视进程的启动和退出并自行计算。

因此,Tasklist /v为您提供了包含路径的命令行。

在 VBS 中也是如此。

Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\.rootcimv2")
Set colItems = objWMIService.ExecQuery("Select * From Win32_Process")
For Each objItem in colItems
    msgbox objItem.ProcessID & " " & objItem.Caption
Next

这是一个监视进程启动和退出的 VBS 脚本。

Set WshShell = WScript.CreateObject("WScript.Shell")
Set objWMIService = GetObject("winmgmts:\.rootCIMV2") 
Set objEvents = objWMIService.ExecNotificationQuery _
    ("SELECT * FROM Win32_ProcessTrace")
Do
    Set objReceivedEvent = objEvents.NextEvent
    msgbox objReceivedEvent.ProcessName
Loop

没有开始时间这样的东西

class Win32_Process : CIM_Process
{
  string Caption;
  string CommandLine;
  string CreationClassName;
  datetime CreationDate;
  string CSCreationClassName;
  string CSName;
  string Description;
  string ExecutablePath;
  uint16 ExecutionState;
  string Handle;
  uint32 HandleCount;
  datetime InstallDate;
  uint64 KernelModeTime;
  uint32 MaximumWorkingSetSize;
  uint32 MinimumWorkingSetSize;
  string Name;
  string OSCreationClassName;
  string OSName;
  uint64 OtherOperationCount;
  uint64 OtherTransferCount;
  uint32 PageFaults;
  uint32 PageFileUsage;
  uint32 ParentProcessId;
  uint32 PeakPageFileUsage;
  uint64 PeakVirtualSize;
  uint32 PeakWorkingSetSize;
  uint32 Priority;
  uint64 PrivatePageCount;
  uint32 ProcessId;
  uint32 QuotaNonPagedPoolUsage;
  uint32 QuotaPagedPoolUsage;
  uint32 QuotaPeakNonPagedPoolUsage;
  uint32 QuotaPeakPagedPoolUsage;
  uint64 ReadOperationCount;
  uint64 ReadTransferCount;
  uint32 SessionId;
  string Status;
  datetime TerminationDate;
  uint32 ThreadCount;
  uint64 UserModeTime;
  uint64 VirtualSize;
  string WindowsVersion;
  uint64 WorkingSetSize;
  uint64 WriteOperationCount;
  uint64 WriteTransferCount;
};

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium