TC官方合作论坛

标题: NF综合TC支持库V1.0 [打印本页]

---

作者: nfapp    时间: 2017-12-3 17:07
标题: NF综合TC支持库V1.0
前情提要：
Antecedents feed

本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！

This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!
本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！
This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!

本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！
This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!





本支持库目前已提供"进程监控"功能，返回数据非常全面，具体的看真实数据即知！暂时想不到其他实用功能，如有需求，非常欢迎回复，我会尽量加入!

instance of __InstanceCreationEvent
{
        TargetInstance =
instance of Win32_Process
{
        Caption = "c**ent.exe";
        CommandLine = "c**ent.exe 980 288 00000187DDA61E20";
        CreationClassName = "Win32_Process";
        CreationDate = "20171203165847.357821+480";
        CSCreationClassName = "Win32_ComputerSystem";
        CSName = "SC-201707131612";
        Description = "c**ent.exe";
        ExecutablePath = "C:\\windows\\system32\\c**ent.exe";
        Handle = "4904";
        HandleCount = 270;
        KernelModeTime = "1406250";
        MaximumWorkingSetSize = 1380;
        MinimumWorkingSetSize = 200;
        Name = "c**ent.exe";
        OSCreationClassName = "Win32_OperatingSystem";
        OSName = "Microsoft Windows 10 企业版|C:\\windows|\\Device\\Harddisk0\\Partition1";
        OtherOperationCount = "654";
        OtherTransferCount = "9720";
        PageFaults = 7592;
        PageFileUsage = 2788;
        ParentProcessId = 980;
        PeakPageFileUsage = 2788;
        PeakVirtualSize = "2199130230784";
        PeakWorkingSetSize = 20992;
        Priority = 8;
        PrivatePageCount = "2854912";
        ProcessId = 4904;
        QuotaNonPagedPoolUsage = 12;
        QuotaPagedPoolUsage = 211;
        QuotaPeakNonPagedPoolUsage = 12;
        QuotaPeakPagedPoolUsage = 211;
        ReadOperationCount = "11";
        ReadTransferCount = "5767168";
        SessionId = 1;
        ThreadCount = 7;
        UserModeTime = "7500000";
        VirtualSize = "2199130230784";
        WindowsVersion = "10.0.14393";
        WorkingSetSize = "21135360";
        WriteOperationCount = "0";
        WriteTransferCount = "0";
};
        TIME_CREATED = "131567651291545573";
};

数据传递方式采用回调函数传递，未来将会实现线程调用，实现0基础新手线程调用，希望大家多多支持




支持库目前命令：

NT_进程监控_开始监控
NT_进程监控_停止监控
NT_指针到文本

附件下载：(附带有TC调用例程)

---

作者: chen1882729    时间: 2017-12-3 19:11
支持大神！

---

作者: yy4363    时间: 2017-12-3 19:42

前情提要：
Antecedents feed

本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！

This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!
本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！
This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!

本支持库只要有人支持和提交BUG或提交建议，都会一直做下去！
This support library whenever someone support and submit BUG or submit Suggesti**, will always do it!





本支持库目前已提供"进程监控"功能，返回数据非常全面，具体的看真实数据即知！暂时想不到其他实用功能，如有需求，非常欢迎回复，我会尽量加入!
instance of __InstanceCreationEvent
{
        TargetInstance =
instance of Win32_Process
{
        Caption = "c**ent.exe";
        CommandLine = "c**ent.exe 980 288 00000187DDA61E20";
        CreationClassName = "Win32_Process";
        CreationDate = "20171203165847.357821+480";
        CSCreationClassName = "Win32_ComputerSystem";
        CSName = "SC-201707131612";
        Description = "c**ent.exe";
        ExecutablePath = "C:\\windows\\system32\\c**ent.exe";
        Handle = "4904";
        HandleCount = 270;
        KernelModeTime = "1406250";
        MaximumWorkingSetSize = 1380;
        MinimumWorkingSetSize = 200;
        Name = "c**ent.exe";
        OSCreationClassName = "Win32_OperatingSystem";
        OSName = "Microsoft Windows 10 企业版|C:\\windows|\\Device\\Harddisk0\\Partition1";
        OtherOperationCount = "654";
        OtherTransferCount = "9720";
        PageFaults = 7592;
        PageFileUsage = 2788;
        ParentProcessId = 980;
        PeakPageFileUsage = 2788;
        PeakVirtualSize = "2199130230784";
        PeakWorkingSetSize = 20992;
        Priority = 8;
        PrivatePageCount = "2854912";
        ProcessId = 4904;
        QuotaNonPagedPoolUsage = 12;
        QuotaPagedPoolUsage = 211;
        QuotaPeakNonPagedPoolUsage = 12;
        QuotaPeakPagedPoolUsage = 211;
        ReadOperationCount = "11";
        ReadTransferCount = "5767168";
        SessionId = 1;
        ThreadCount = 7;
        UserModeTime = "7500000";
        VirtualSize = "2199130230784";
        WindowsVersion = "10.0.14393";
        WorkingSetSize = "21135360";
        WriteOperationCount = "0";
        WriteTransferCount = "0";
};
        TIME_CREATED = "131567651291545573";
};

数据传递方式采用回调函数传递，未来将会实现线程调用，实现0基础新手线程调用，希望大家多多支持




支持库目前命令：
NT_进程监控_开始监控
NT_进程监控_停止监控
NT_指针到文本

附件下载：(附带有TC调用例程)

---

作者: cjxdn    时间: 2017-12-3 21:50


提取GIf图片中的每一帧
QQ式截图

---

作者: chen71512    时间: 2017-12-4 06:49
学习学习

---

作者: qwe0634    时间: 2017-12-4 14:11
uyyyyyyyyyyyyyyyyyyyyyyyyy

---

作者: 498518599    时间: 2017-12-5 00:53
额2121谔谔

---

欢迎光临 TC官方合作论坛 (http://bbs.52tc.co/)

Powered by Discuz! X3.1