"Vérificateur de Processus" pour vérifier en ligne dans Fichier.net, ProcessLibrary et Google les différents processus qui tournent sur un PC.
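Le but de cette application est donc d'aider à déterminer si un processus est un malware ou bien un processus normal qui appartient au système. La recherche en ligne se fait uniquement sur le nom du processus : comme un malware peut porter le nom d'un processus légitime, il faut aussi contrôler le chemin de l'exécutable et la ligne de commande affichés dans le tableau.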
On peut afficher le fichier exécutable qui est associé à ce processus dans l'explorateur.
On peut aussi terminer le processus douteux, voire toutes les instances de ce processus.
Source / Exemple :
<html>
<head>
<!-- HTML Application (HTA): mshta.exe runs this page as a fully trusted local program, so the script below can create COM objects, start commands and terminate processes with the rights of the logged-on user and without browser sandboxing. -->
<title>Vérificateur de Processus © Hackoo Crackoo Version Beta © 2012</title>
<!-- The icon attribute names a file called verifier.exe that is not part of this listing; NOTE(review): confirm where that file comes from before placing one next to the HTA. -->
<HTA:APPLICATION
ID="Vérificateur de Processus"
APPLICATIONNAME="Vérificateur de Processus"
SCROLL="yes"
SINGLEINSTANCE="yes"
WINDOWSTATE="Maximize"
icon="verifier.exe"
>
<style>
/* Presentation only: link colours and the look of the buttons generated by CheckProcess. */
a:link {color: #F19105;}
a:visited {color: #F19105;}
a:active {color: #F19105;}
a:hover {color: #FF9900;background-color: rgb(255, 255, 255);}
input,button
{
border:1px solid Darkorange;
background-color:white;
font-family:Comic sans MS;
font-size:10px;
color:#804040;
font-weight:bold;
cursor:hand;
}
</style>
</head>
<META HTTP-EQUIV="MSThemeCompatible" CONTENT="YES">
<SCRIPT LANGUAGE="VBScript">
' Script-level state shared by the procedures below.
Dim sTimer,iTimerID ' sTimer receives the id returned by window.setInterval; iTimerID is not used in this listing
Set fso = CreateObject("Scripting.FileSystemObject") ' not referenced by any procedure in this listing
Set Ws = CreateObject("WScript.Shell") ' used by Explore (as "ws") to start Explorer
Set ProcessEnv = Ws.Environment("Process")
NomMachine = ProcessEnv("COMPUTERNAME") ' not read again in this listing
NomUtilisateur = ProcessEnv("USERNAME") ' overwritten by NomComputer and CheckProcess
strComputer = "." ' "." means the local machine in a WMI moniker; CheckProcess replaces it with Computer.Value
Sub Window_OnLoad
    ' Window load handler: fills the hidden Computer/User fields, shows a
    ' "please wait" banner, draws the process table once and then schedules
    ' a redraw every 240000 ms (4 minutes).
    Dim spacer, banner
    NomComputer
    document.body.style.cursor = "wait"
    spacer = "<br><br><br><br><br><br><br><br><br><br>"
    banner = "<hr noshode color=""#FFFFFFF""><b><font color='DarkOrange' size='6'>Veuillez Patienter le Chargement des Processus est en cours ....... </font><hr noshode color=""#FFFFFFF"">"
    DataArea.InnerHTML = spacer & banner
    ' PauseScript runs an external command and waits for it, which gives the
    ' window a chance to paint the banner before the WMI query starts.
    PauseScript 0
    CheckProcess
    ' The interval id is kept in the script-level sTimer variable.
    sTimer = window.setInterval("CheckProcess()", 240000)
End Sub
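Sub CheckProcess
    ' Queries Win32_Process through WMI and renders one table row per process
    ' into the DataArea element: name, owner, PID, working set, command line
    ' (a link that reveals the executable in Explorer), three online lookup
    ' buttons and two terminate buttons.
    '
    ' Security: process names, owners, executable paths and command lines are
    ' chosen by whoever started the process, and this page runs as a fully
    ' trusted HTA. Every such value is therefore HTML-encoded before it is
    ' written to InnerHTML, and every inline handler is generated through
    ' HandlerAttr so that a quote or angle bracket in a value cannot close
    ' the attribute or the VBScript string and add markup or script.
    On Error Resume Next
    Dim objWMIService, colProcesses, objProcess, strHTML, lien, link, count
    Dim ProcessName, ProcessID, Memoire, CommandLine, ExecutablePath, Owner
    Dim strUserName, strUserDomain, strError, logoUrl

    Self.document.title = "Liste des Processus en cours d'exécution le " & date & " à " & Time & " © Hackoo Crackoo Version Beta © 2012"
    document.body.style.cursor = "default"
    count = 0
    lien = "<font color=yellow size =""1"">(Cliquer sur un lien pour afficher le fichier dans l'explorateur)</font>"
    ' strComputer and NomUtilisateur are script-level variables; the hidden
    ' fields are filled by NomComputer.
    strComputer = Computer.Value
    NomUtilisateur = User.Value
    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    Set colProcesses = objWMIService.ExecQuery("Select * From Win32_Process")

    strHTML = strHTML & "<table border='1' style='border-collapse: collapse' bordercolor='#111111' width='100%' id='Table1'>"
    strHTML = strHTML & "<tr>"
    strHTML = strHTML & "<td style=""text-align:center"" width='10%' bgcolor = 'black'><font color = 'DarkOrange'><b>Processus</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='5%' bgcolor = 'black'><font color = 'DarkOrange'><b>Propriétaire</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='5%' bgcolor = 'black'><font color = 'DarkOrange'><b>PID</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='5%' bgcolor = 'black'><font color = 'DarkOrange'><b>Mémoire</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='50%' bgcolor = 'black'><font color = 'DarkOrange'><b>Processus en Ligne de Commande<br>" & lien & "</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='5%' bgcolor = 'black'><font color = 'DarkOrange'><b>Vérifier dans fichier.net</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='5%' bgcolor = 'black'><font color = 'DarkOrange'><b>Vérifier dans Library</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='15%' bgcolor = 'black'><font color = 'DarkOrange'><b>Vérifier dans Google</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='1%' bgcolor = 'black'><font color = 'DarkOrange'><b>Terminer un seul Processus</td>"
    strHTML = strHTML & "<td style=""text-align:center"" width='2%' bgcolor = 'black'><font color = 'DarkOrange'><b>Terminer Plusieurs Instances</td>"
    strHTML = strHTML & "</tr>"

    For Each objProcess In colProcesses
        count = count + 1
        ProcessName = objProcess.Name
        ProcessID = objProcess.ProcessID
        Memoire = objProcess.WorkingSetSize
        CommandLine = objProcess.CommandLine
        ExecutablePath = objProcess.ExecutablePath

        ' Reset the out-parameters so a failed GetOwner call cannot leave
        ' the previous row's owner in this row.
        strUserName = ""
        strUserDomain = ""
        objProcess.GetOwner strUserName, strUserDomain
        Owner = strUserName

        If IsNull(Memoire) Or Memoire = "" Then Memoire = 0
        If Memoire = 0 Then
            Memoire = "0 Ko"
        Else
            Memoire = ConvertToDiskSize(Memoire)
        End If

        link = "<a href=""#"" " & HandlerAttr("Explore", ExecutablePath) & ">" & HtmlEnc(CommandLine) & "</a>"

        strHTML = strHTML & "<tr>"
        strHTML = strHTML & "<td style=""text-align:center"" width='10%'>" & HtmlEnc(ProcessName) & "</td>"
        strHTML = strHTML & "<td style=""text-align:center"" width='5%'>" & HtmlEnc(Owner) & "</td>"
        strHTML = strHTML & "<td style=""text-align:center"" width='5%'>" & HtmlEnc(ProcessID) & "</td>"
        strHTML = strHTML & "<td style=""text-align:center"" width='5%'>" & HtmlEnc(Memoire) & "</td>"
        strHTML = strHTML & "<td width='50%'>" & link & "</td>"
        ' The lookups search on the process NAME only; a name that matches a
        ' system binary says nothing about the file that is actually running.
        strHTML = strHTML & "<td style=""text-align:center"" width='5%'>" & "<Input type=""button"" class=""button"" Value=""Vérifier"" " & HandlerAttr("OpenURL", "http://fichier.net/processus/" & ProcessName & ".html") & "></td>"
        strHTML = strHTML & "<td style=""text-align:center"" width='5%'>" & "<Input type=""button"" class=""button"" Value=""Vérifier"" " & HandlerAttr("OpenURL", "http://www.processlibrary.com/fr/search/?q=" & ProcessName) & "></td>"
        strHTML = strHTML & "<td style=""text-align:center"" width='15%'>" & "<Input type=""button"" class=""button"" Value=""Googler"" " & HandlerAttr("OpenURL", "http://www.google.com/search?q=" & ProcessName) & "></td>"
        strHTML = strHTML & "<td align=""center"" width='1%'><input type=""button"" value=""M"" style=""font-family: Wingdings"" style=""cursor:hand;"" " & HandlerAttr("KillOneProcess", ProcessID) & "></td>"
        strHTML = strHTML & "<td align=""center"" width='2%'><input type=""button"" value=""MMMM"" style=""font-family: Wingdings"" style=""cursor:hand;"" " & HandlerAttr("KillALLProcess", ProcessName) & "></td>"
        strHTML = strHTML & "</tr>"
    Next

    strHTML = strHTML & "</table>"
    strHTML = strHTML & "<br><B><font color=DarkOrange>Il y a " & count & " Processus en cours d'exécution le " & date & " à " & time & " sur Le PC </font><font color=Yellow>" & HtmlEnc(qq(strComputer)) & "</font><font color=DarkOrange> connecté en tant que </font><font color=Yellow>" & HtmlEnc(qq(NomUtilisateur)) & "</font></B>"

    ' NOTE(review): the original built the two strings below from Chr() codes,
    ' which hid the destination from anyone reading the script. They are the
    ' same values, written in clear. Both resources are fetched over plain
    ' HTTP from third-party hosts on every refresh, so each run of the tool
    ' is visible to those hosts. Decide deliberately whether to keep them.
    logoUrl = "http://nsm05.casimages.com/img/2011/07/23//1107230741401311048506419.gif"
    strHTML = strHTML & "<br><br><img src='" & logoUrl & "' alt='hackoofr@yahoo.fr'>"
    strHTML = strHTML & "<bgsound src=" & Chr(34) & MusicAuHasard() & Chr(34) & ">"
    DataArea.InnerHTML = strHTML

    ' Err still holds the last error raised since "On Error Resume Next", so
    ' any failure above replaces the table with the "busy" message.
    If Err.Number <> 0 Then
        document.body.style.cursor = "wait"
        ' NOTE(review): no element with id "Tool" is visible in this listing;
        ' the assignment fails silently under On Error Resume Next.
        Tool.style.visibility = "hidden"
        strError = "<b><font color=Orange>Veuillez Patienter car le Système est Occupé pour accomplir une tâche en arrière plan et il va se relancer Automatiquement. Merci !</font></b>"
        DataArea.InnerHTML = strError
        Err.Clear
    End If
End Sub

' Returns value as text that is safe to place in HTML content or inside a
' quoted attribute. Null and Empty become an empty string.
Function HtmlEnc(value)
    Dim s
    s = value & ""
    s = Replace(s, "&", "&amp;")
    s = Replace(s, "<", "&lt;")
    s = Replace(s, ">", "&gt;")
    s = Replace(s, Chr(34), "&quot;")
    s = Replace(s, "'", "&#39;")
    HtmlEnc = s
End Function

' Builds an onClick attribute that calls procName with one string argument.
' The argument is first made a valid VBScript string literal (quotes doubled,
' line breaks removed) and the whole handler is then HTML-encoded.
Function HandlerAttr(procName, argument)
    Dim literal
    literal = Replace(argument & "", Chr(34), Chr(34) & Chr(34))
    literal = Replace(Replace(literal, vbCr, " "), vbLf, " ")
    HandlerAttr = "onClick=" & Chr(34) & HtmlEnc(procName & "(" & Chr(34) & literal & Chr(34) & ")") & Chr(34)
End Function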
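Function Explore(filename)
    ' Opens an Explorer window with the given file selected.
    '   filename: full path of the executable, as reported by WMI.
    ' The path is wrapped in double quotes so that separator characters
    ' inside it (a comma, for example) are not read by Explorer as part of
    ' its own switches; a double quote cannot occur in a Windows path and is
    ' removed defensively. When no path is available (the caller passes an
    ' empty or Null ExecutablePath) the user is told, instead of Explorer
    ' opening on an unrelated default folder.
    Dim target
    target = Replace(filename & "", Chr(34), "")
    If Len(Trim(target)) = 0 Then
        MsgBox "Le chemin de l'exécutable n'est pas disponible pour ce processus.", vbExclamation, "Vérificateur de Processus"
        Exit Function
    End If
    ' ws is the script-level WScript.Shell object.
    ws.Run "Explorer /n,/select," & Chr(34) & target & Chr(34)
End Function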
Function NomComputer()
    ' Copies the COMPUTERNAME and USERNAME process environment variables into
    ' the hidden form fields "Computer" and "User". The user name is also
    ' stored in the script-level NomUtilisateur variable.
    Dim shell, procEnv, machine
    Set shell = CreateObject("WScript.Shell" )
    Set procEnv = shell.Environment("PROCESS" )
    NomUtilisateur = procEnv("USERNAME")
    machine = procEnv("COMPUTERNAME" )
    User.Value = NomUtilisateur
    Computer.Value = machine
End Function
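Function KillALLProcess(Name)
    ' Terminates every local process whose image name equals Name, after the
    ' user confirms.
    '   Name: image name as shown in the table (for example "notepad.exe").
    '   Returns 0 when every instance was terminated, the failing Terminate
    '   code (or error number) otherwise, and -1 when no instance matched.
    '   Returns Empty when the user cancels.
    '
    ' Changes from the original:
    '  - Name is escaped before it is placed in the WQL string literal, so a
    '    quote or backslash in a process name cannot alter the query.
    '  - The original called Fermer (taskkill /F /IM) inside the loop after
    '    the first Terminate. That killed the remaining instances while the
    '    loop was still going to call Terminate on them, which then failed.
    '    Terminate is now called once per instance and nothing else.
    '  - The process list is refreshed once, after the loop.
    Dim wmi, instances, proc, answer, result, target, wqlName
    target = Name & ""

    answer = MsgBox("Voulez-vous Terminer Tout les Processus qui porte le nom " & qq(target) & " ?", vbYesNo + vbQuestion, "Terminaison du processus " & qq(target))
    If answer <> vbYes Then
        MsgBox "L'action de la Terminaison du Processus " & qq(target) & " est Annulée ! ", vbExclamation, "Annulation de la Terminaison du processus " & qq(target)
        Exit Function
    End If

    ' WQL uses the backslash as escape character inside string literals.
    wqlName = Replace(Replace(target, "\", "\\"), "'", "\'")
    Set wmi = GetObject("winmgmts:\\.\root\cimv2")
    Set instances = wmi.ExecQuery("Select * From Win32_Process Where Name = '" & wqlName & "'")

    result = -1
    For Each proc In instances
        ' A process can exit between the query and this call; treat the
        ' resulting runtime error as a failure code instead of a script error.
        On Error Resume Next
        result = proc.Terminate(0)
        If Err.Number <> 0 Then
            result = Err.Number
            Err.Clear
        End If
        On Error GoTo 0
        If result <> 0 Then Exit For
    Next

    Call CheckProcess()
    If result = 0 Then
        MsgBox "Tout les Processus qui porte le nom " & qq(target) & " sont correctement terminés !", vbInformation, "Terminaison des processus avec le nom " & qq(target)
    ElseIf result <> -1 Then
        MsgBox "Erreur code " & result, vbExclamation, "Terminaison du processus " & qq(target)
    End If
    KillALLProcess = result
End Function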
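Function KillOneProcess(PID)
    ' Terminates the local process with the given process id, after the user
    ' confirms. The confirmation shows the name WMI reports for that id at
    ' the moment of the click, which matters because the table can be several
    ' minutes old and ids are reused by Windows.
    '   PID: process id, as a number or numeric string.
    '   Returns 0 on success, the Terminate code (or error number) on
    '   failure, and -1 when nothing was terminated.
    '
    ' Changes from the original: PID is checked to be a non-negative whole
    ' number before it is placed in the WQL query, and a process that exits
    ' between the query and Terminate yields an error code instead of a
    ' script error.
    Dim wmi, matches, proc, answer, result, procName, pidNumber
    result = -1
    KillOneProcess = result

    If Not IsNumeric(PID) Then Exit Function
    pidNumber = CDbl(PID)
    If pidNumber < 0 Or pidNumber <> Fix(pidNumber) Then Exit Function

    Set wmi = GetObject("winmgmts:\\.\root\cimv2")
    Set matches = wmi.ExecQuery("Select * From Win32_Process Where ProcessID = " & CStr(pidNumber))

    For Each proc In matches
        procName = proc.Name
        answer = MsgBox("Voulez-vous Terminer ce Processus " & qq(procName) & " ?", vbYesNo + vbQuestion, "Terminaison du processus " & qq(procName))
        If answer = vbYes Then
            On Error Resume Next
            result = proc.Terminate(0)
            If Err.Number <> 0 Then
                result = Err.Number
                Err.Clear
            End If
            On Error GoTo 0
            Call CheckProcess()
            If result <> 0 Then
                MsgBox "Erreur code " & result, vbExclamation, "Terminaison du processus " & qq(procName)
                Exit For
            Else
                MsgBox "Le Processus " & qq(procName) & " est correctement terminé !", vbInformation, "Terminaison du processus " & qq(procName)
            End If
        End If
    Next
    KillOneProcess = result
End Function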
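Sub Fermer(Process)
    ' Force-terminates every process with the given image name by running
    ' taskkill hidden and waiting for it to finish.
    '   Process: image name, for example "notepad.exe".
    '
    ' The original passed the name unquoted through "cmd /c". A process name
    ' is chosen by whoever created the executable and may legally contain
    ' characters such as "&" that cmd treats as command separators, so the
    ' name could add a second command. taskkill is now started directly,
    ' without a command interpreter, and the name is passed as one quoted
    ' argument.
    Dim shell, imageName
    imageName = Replace(Process & "", Chr(34), "")
    If Len(Trim(imageName)) = 0 Then Exit Sub
    Set shell = CreateObject("WScript.Shell")
    ' 0 = hidden window, True = wait for taskkill to exit.
    shell.Run "taskkill /F /IM " & Chr(34) & imageName & Chr(34), 0, True
End Sub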
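Function ConvertToDiskSize(intValue)
    ' Formats a byte count with a French binary unit suffix:
    ' "To" (2^40), "Go" (2^30), "Mo" (2^20), "Ko" (2^10) or "Octets".
    '   intValue: byte count, as a number or numeric string.
    '   Returns the rounded value followed by the unit, with a trailing space.
    '
    ' The thresholds use >= so that an exact multiple is shown in the larger
    ' unit: 1024 bytes is "1 Ko", where the original "> 1" test fell through
    ' and reported "1024 Octets". The division also coerces a numeric string
    ' to a number before the comparison.
    If (intValue / 1099511627776) >= 1 Then
        ConvertToDiskSize = Round(intValue / 1099511627776,1) & " To "
    ElseIf (intValue / 1073741824) >= 1 Then
        ConvertToDiskSize = Round(intValue / 1073741824,1) & " Go "
    ElseIf (intValue / 1048576) >= 1 Then
        ConvertToDiskSize = Round(intValue / 1048576,2) & " Mo "
    ElseIf (intValue / 1024) >= 1 Then
        ConvertToDiskSize = Round(intValue / 1024,2) & " Ko "
    Else
        ConvertToDiskSize = Round(intValue) & " Octets "
    End If
End Function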
Function qq(strIn)
    ' Returns strIn wrapped in double quotes. Used for display text only;
    ' it does not escape quotes that are already inside strIn.
    Dim quoteChar
    quoteChar = """"
    qq = quoteChar & strIn & quoteChar
End Function
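Sub MonitorUpdate()
    ' Switches the automatic refresh of the process table to every 10000 ms.
    ' sTimer is the script-level variable that holds the current interval id.
    ' The original overwrote it without stopping the interval already
    ' running, so the earlier timer kept firing with no handle left to stop
    ' it; the running interval is now cleared first.
    If Not IsEmpty(sTimer) Then window.clearInterval sTimer
    sTimer = window.setInterval("CheckProcess()", 10000)
End Sub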
Sub PauseScript(intPause)
    ' Blocks the script by running one hidden ping through the command
    ' interpreter and waiting for it to exit; intPause is handed to ping as
    ' its -w timeout value.
    ' NOTE(review): intPause is concatenated into a cmd command line without
    ' validation, so callers must pass a number only (the one call in this
    ' listing passes 0). The echo request goes to 1.0.0.0, an address outside
    ' the machine, so every pause sends traffic off-host.
    Dim runner, pingCommand
    Set runner = CreateObject("WScript.Shell" )
    pingCommand = "%COMSPEC% /c ping -w " & intPause & " -n 1 1.0.0.0"
    ' 0 = hidden window, True = wait for the command to finish.
    runner.Run pingCommand, 0, True
End Sub
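Sub OpenURL(strURL)
    ' Opens a web address with the program registered for it.
    '   strURL: absolute http:// or https:// address. Underscores are turned
    '   into spaces, as in the original (the callers build search addresses
    '   from process names).
    '
    ' The address contains a process name, which is not under this tool's
    ' control, and WScript.Shell.Run treats its argument as a command line.
    ' Three safeguards are applied:
    '  - anything that does not start with http:// or https:// is ignored, so
    '    Run can never be asked to start a local program from here;
    '  - spaces and double quotes are percent-encoded. The original passed
    '    the space produced from "_" as is, and Run then split the address at
    '    that space;
    '  - the address is passed as a single quoted argument.
    Dim shell, target
    target = Replace(strURL & "", "_", " ")
    target = Replace(target, Chr(34), "%22")
    target = Replace(target, " ", "%20")
    If LCase(Left(target, 7)) <> "http://" And LCase(Left(target, 8)) <> "https://" Then Exit Sub
    Set shell = CreateObject("WScript.Shell")
    ' 1 = normal window, False = do not wait.
    shell.Run Chr(34) & target & Chr(34), 1, False
End Sub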
Function MusicAuHasard()
    ' Returns the address of one of six MP3 files, picked at random, for the
    ' <bgsound> element written by CheckProcess.
    ' The original spelled each address as a chain of ChrW() codes; the
    ' literals below are the same strings written in clear, so the remote
    ' host the HTA contacts (over plain HTTP) is visible to a reader.
    Const BASE_URL = "http://hackoo.alwaysdata.net/"
    Dim tracks, pos, pick, held
    tracks = Array( _
        BASE_URL & "Pitbull.mp3", _
        BASE_URL & "feeling.mp3", _
        BASE_URL & "feeling2.mp3", _
        BASE_URL & "Truck.mp3", _
        BASE_URL & "Gangnam_remix.mp3", _
        BASE_URL & "mydream.mp3")
    Randomize
    ' In-place shuffle: each position is swapped with a random position at or
    ' after it. After the last pass "held" is the final element of the
    ' shuffled list, and that element is the result.
    For pos = 0 To UBound(tracks)
        pick = Int((UBound(tracks) - pos + 1) * Rnd + pos)
        held = tracks(pos)
        tracks(pos) = tracks(pick)
        tracks(pick) = held
    Next
    MusicAuHasard = held
End Function
</SCRIPT>
<body text=white bgcolor=#1234568 TOPMARGIN="1" LEFTMARGIN="1" RIGHTMARGIN="1"><center>
<!-- DataArea receives the process table (or the wait/error message) that CheckProcess writes through InnerHTML. -->
<span id ="DataArea"></span>
<!-- Hidden fields filled by NomComputer and read back by CheckProcess: machine name and user name. -->
<input type="hidden" name="Computer" ID="Computer">
<input type="hidden" name="User" ID="User"><br>
</body>
</html>
Conclusion :
Vos Commentaires et vos Remarques sont les Bienvenues !