这是针对管理数千台 Windows 2012-2016 服务器的托管服务提供商提出的问题。2019 年 8 月的 Microsoft 补丁旨在破坏许多(所有?)VB 脚本。
我可以针对这些机器运行 wmi 和/或 ansible 命令,或者通过远程桌面派遣夜班 noc 人员到这些机器上。
有没有办法知道任何给定机器上是否有 VB 脚本在运行(作为来自不同应用程序的服务的一部分)。建议只在文件系统上搜索 *.vba,但我认为这可能会导致一些误报和漏报。
答案1
我会搜索运行脚本的计划任务,如果您的服务器上有 AV 或 FSRM,我会将其设置为在脚本主机运行时或打开 vbs/wsf 文件时进行记录。
答案2
我不知道我的旧 vbscript 是否能帮助您解决您的问题:
因此,此 vbscript 将生成一个 Excel 文件作为报告,您将在其中找到许多有用的信息,例如:所有任务,没有 Microsoft 任务,服务和 启动项。
Option Explicit
Const xlCenter = -4108
Dim objExcel,objWorkbook,objWorksheet,x,objFSO,objCSVFile,arrStr,i
Dim TaskName,CommandLine,Next_Execution,objRange,Date_Debut,Date_Heure
Dim WS,Command_Query_No_Microsoft_Tasks,Log_CSV_Tasks,Task_Status
Dim Last_Date,Log_CSV_ALL_Tasks,Command_Query_ALL_Tasks,strExcelPath
Set WS = CreateObject("Wscript.Shell")
strExcelPath = WS.RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\excel.exe\")
If strExcelPath = "" Then
MsgBox "Unable to export. Excel does not appear to be installed.", vbExclamation, "PC Infos"
End If
Log_CSV_ALL_Tasks = WS.ExpandEnvironmentStrings("%Temp%\Log_CSV_ALL_Tasks.txt")
Log_CSV_Tasks = WS.ExpandEnvironmentStrings("%Temp%\Log_CSV_Tasks.txt")
Command_Query_ALL_Tasks = "CMD /C Schtasks /Query /NH /FO CSV /V>"& Log_CSV_ALL_Tasks &""
WS.Run Command_Query_ALL_Tasks,0,True
Command_Query_No_Microsoft_Tasks = "CMD /C Type "& Log_CSV_ALL_Tasks &" | FindStr /I /V "&_
DblQuote("MICRO")&">"& Log_CSV_Tasks &""
WS.Run Command_Query_No_Microsoft_Tasks,0,True
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = True
'To Open Excel in Full Screen
objExcel.DisplayFullScreen = True
objExcel.ScreenUpdating = False
objExcel.Workbooks.Add
Call Add_Sheet(1,7,"ALL_Tasks",Log_CSV_ALL_Tasks)
Call Add_Sheet(2,6,"No_Microsoft_Tasks",Log_CSV_Tasks)
Call Startup()
Call No_Microsoft_Services()
Call SaveWorkBook("PC_Infos")
objExcel.ScreenUpdating = True
'Scheduled_Tasks
'--------------------------------------------------
Sub Add_Sheet(Sheet_Index, TabColorIndex, Sheet_Name, CSV_To_Parse)
Set objWorksheet = objExcel.Worksheets(Sheet_Index)
objWorksheet.Tab.ColorIndex = TabColorIndex
With objExcel
.WorkSheets(Sheet_Index).Name = Sheet_Name
.WorkSheets(Sheet_Name).Select'
.Cells(1, 1).Value = "Nom de la tâche"
.Cells(1, 1).Font.Bold = TRUE
.Cells(1, 1).Interior.ColorIndex = 43
.Cells(1, 1).Font.ColorIndex = 2
.Cells(1, 1).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 2).Value = "Ligne de Commande"
.Cells(1, 2).Font.Bold = TRUE
.Cells(1, 2).Interior.ColorIndex = 43
.Cells(1, 2).Font.ColorIndex = 2
.Cells(1, 2).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 3).Value = "Prochaine exécution"
.Cells(1, 3).Font.Bold = TRUE
.Cells(1, 3).Interior.ColorIndex = 43
.Cells(1, 3).Font.ColorIndex = 2
.Cells(1, 3).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 4).Value = "Statut de la tâche planifiée"
.Cells(1, 4).Font.Bold = TRUE
.Cells(1, 4).Interior.ColorIndex = 43
.Cells(1, 4).Font.ColorIndex = 2
.Cells(1, 4).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 5).Value = "Date de début"
.Cells(1, 5).Font.Bold = TRUE
.Cells(1, 5).Interior.ColorIndex = 43
.Cells(1, 5).Font.ColorIndex = 2
.Cells(1, 5).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 6).Value = "Heure de début"
.Cells(1, 6).Font.Bold = TRUE
.Cells(1, 6).Interior.ColorIndex = 43
.Cells(1, 6).Font.ColorIndex = 2
.Cells(1, 6).HorizontalAlignment = xlCenter
'--------------------------------------------------
.Cells(1, 7).Value = "Heure de la dernière exécution"
.Cells(1, 7).Font.Bold = TRUE
.Cells(1, 7).Interior.ColorIndex = 43
.Cells(1, 7).Font.ColorIndex = 2
.Cells(1, 7).HorizontalAlignment = xlCenter
'--------------------------------------------------
End With
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objCSVFile = objFSO.OpenTextFile(CSV_To_Parse,1)
x = 1
Do while NOT objCSVFile.AtEndOfStream
arrStr = split(objCSVFile.ReadLine,",")
TaskName = DeQuote(Replace(arrStr(1),"\",""))
CommandLine = DeQuote(DeQuote(arrStr(8)))
Next_Execution = DeQuote(DeQuote(arrStr(2)))
Task_Status = Replace(DeQuote(DeQuote(arrStr(11))),"‚","é")
Task_Status = Replace(Task_Status,"ے"," ")
Task_Status = Replace(Task_Status,""""," ")
Date_Debut = DeQuote(DeQuote(arrStr(20)))
Date_Heure = DeQuote(DeQuote(arrStr(19)))
Date_Heure = Replace(Date_Heure,"?","'")
Last_Date = DeQuote(DeQuote(arrStr(5)))
x = x + 1
With objExcel
.Cells(x,1) = TaskName
.Cells(x,2) = CommandLine
.Cells(x,3) = Next_Execution
.Cells(x,4) = Task_Status
.Cells(x,5) = Date_Debut
.Cells(x,6) = Date_Heure
.Cells(x,7) = Last_Date
If Ucase(Next_Execution) = "N/A" Then
.Cells(x, 1).Font.ColorIndex = 3
.Cells(x, 2).Font.ColorIndex = 3
.Cells(x, 3).Font.ColorIndex = 3
.Cells(x, 4).Font.ColorIndex = 3
.Cells(x, 5).Font.ColorIndex = 3
.Cells(x, 6).Font.ColorIndex = 3
.Cells(x, 7).Font.ColorIndex = 3
Else
.Cells(x, 1).Font.ColorIndex = 10
.Cells(x, 2).Font.ColorIndex = 10
.Cells(x, 3).Font.ColorIndex = 10
.Cells(x, 4).Font.ColorIndex = 10
.Cells(x, 5).Font.ColorIndex = 10
.Cells(x, 6).Font.ColorIndex = 10
.Cells(x, 7).Font.ColorIndex = 10
End If
End With
Loop
objCSVFile.Close
Set objRange = objWorksheet.UsedRange
objRange.EntireColumn.Autofit()
End Sub
'-------------------------------------------------
Function DeQuote(S)
If Left(S,1) = """" And Right(S, 1) = """" Then
DeQuote = Trim(Mid(S, 2, Len(S) - 2))
Else
DeQuote = Trim(S)
End If
End Function
'-------------------------------------------------
Function DblQuote(Str)
DblQuote = Chr(34) & Str & Chr(34)
End Function
'-------------------------------------------------
Sub SaveWorkBook(FileName)
Dim FSO : Set FSO = CreateObject("Scripting.FileSystemObject")
Dim Network : Set Network = CreateObject("WScript.Network")
Dim Computer : Computer = Network.ComputerName
Dim xlVer,Suffix,Ws
Set Ws = CreateObject("WScript.Shell")
Suffix = computer & "_" & Date & "_" & Time
Suffix = Replace(Suffix,"/","_")
Suffix = Replace(Suffix,":","-")
' Check Excel Version (12.0 = 2007)
xlVer = Split(objExcel.Version,".")(0)
If xlVer >= "12" Then
objExcel.ActiveWorkbook.SaveAs fso.GetAbsolutePathName(".") & "\" & FileName & "_" & Suffix & ".xlsx"
objExcel.DisplayAlerts = True
Ws.Run DblQuote(fso.GetAbsolutePathName(".") & "\" & FileName & "_" & Suffix & ".xlsx")
' 56 = Excel 97-2003
' Voir la page http://msdn.microsoft.com/en-us/library/microsoft.office.interop.excel.xlfileformat.aspx
Else
objExcel.ActiveWorkbook.SaveAs fso.GetAbsolutePathName(".") & "\" & FileName & "_" & Suffix & ".xls",56
objExcel.DisplayAlerts = True
Ws.Run DblQuote(fso.GetAbsolutePathName(".") & "\" & FileName & "_" & Suffix & ".xls")
End If
End Sub
'----------------------------------------------------------------------------------
Sub Startup()
Dim strComputer,objWMIService,colStartupCommands,objWorkSheet,objStartupCommand
Dim strStartupName,strStartupUser,strStartupLocation,strStartupCommand,intStartRow
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colStartupCommands = objWMIService.ExecQuery ("Select * from Win32_StartupCommand")
'objExcel.ActiveWorkbook.Sheets.Add
Set objWorksheet = objExcel.Worksheets(3)
objWorkSheet.Name = "Startup Details"
objWorksheet.Tab.ColorIndex = 3
intStartRow = 2
objWorkSheet.Cells(1, 1).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 1).Font.ColorIndex = 2
objWorkSheet.Cells(1, 2).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 2).Font.ColorIndex = 2
objWorkSheet.Cells(1, 3).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 3).Font.ColorIndex = 2
objWorkSheet.Cells(1, 4).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 4).Font.ColorIndex = 2
objWorkSheet.Cells(1, 1) = "Startup Item"
objWorkSheet.Cells(1, 2) = "User"
objWorkSheet.Cells(1, 3) = "Command Line"
objWorkSheet.Cells(1, 4) = "Startup Location"
For Each objStartupCommand in colStartupCommands
strStartupName = Trim(objStartupCommand.Name)
strStartupUser = objStartupCommand.User
strStartupLocation = objStartupCommand.Location
strStartupCommand = objStartupCommand.Command
objWorkSheet.Cells(intStartRow, 1) = strStartupName
objWorkSheet.Cells(intStartRow, 2) = strStartupUser
objWorkSheet.Cells(intStartRow, 3) = strStartupLocation
objWorkSheet.Cells(intStartRow, 4) = strStartupCommand
intStartRow = intStartRow + 1
Next
objWorkSheet.Columns("A:A").EntireColumn.AutoFit
objWorkSheet.Columns("B:B").EntireColumn.AutoFit
objWorkSheet.Columns("C:C").EntireColumn.AutoFit
objWorkSheet.Columns("D:D").EntireColumn.AutoFit
End Sub
'----------------------------------------------------------------------------------
Sub No_Microsoft_Services()
Dim strComputer,objWMIService
Dim State,colServices,x,objService,objWorksheet,objWorkbook
Set objWorksheet = objExcel.ActiveWorkbook.Sheets.Add
objWorksheet.Name = "No-Microsoft_Services"
objExcel.WorkSheets("No-Microsoft_Services").select
objWorksheet.Tab.ColorIndex = 8
' Format the cell A1 and add the text: Service Name
objWorkSheet.Cells(1, 1).Value = "Service Name"
objWorkSheet.Cells(1, 1).Font.Bold = TRUE
objWorkSheet.Cells(1, 1).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 1).Font.ColorIndex = 2
' Format the cell A2 and add the text: Display Name
objWorkSheet.Cells(1, 2).Value = "Display Name"
objWorkSheet.Cells(1, 2).Font.Bold = TRUE
objWorkSheet.Cells(1, 2).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 2).Font.ColorIndex = 2
'*************************************************
' Format the cell A3 and add the text: State
objWorkSheet.Cells(1, 3).Value = "State"
objWorkSheet.Cells(1, 3).Font.Bold = TRUE
objWorkSheet.Cells(1, 3).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 3).Font.ColorIndex = 2
'*************************************************
' Format the cell A4 and add the text: Executable Path
objWorkSheet.Cells(1, 4).Value = "Executable Path"
objWorkSheet.Cells(1, 4).Font.Bold = TRUE
objWorkSheet.Cells(1, 4).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 4).Font.ColorIndex = 2
'*************************************************
' Format the cell A5 and add the text: Description
objWorkSheet.Cells(1, 5).Value = "Description"
objWorkSheet.Cells(1, 5).Font.Bold = TRUE
objWorkSheet.Cells(1, 5).Interior.ColorIndex = 43
objWorkSheet.Cells(1, 5).Font.ColorIndex = 2
' Find the Non-Microsoft Windows services on this computer
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colServices = objWMIService.ExecQuery("Select * From Win32_Service where Not PathName like '%Micro%' AND Not PathName like '%Windows%'")
' Write each service to Excel, starting in A2
x = 1
For Each objService in colServices
x = x + 1
objWorkSheet.Cells(x, 1) = objService.Name
objWorkSheet.Cells(x, 2) = objService.DisplayName
objWorkSheet.Cells(x, 3) = objService.State
objWorkSheet.Cells(x, 4) = objService.PathName
objWorkSheet.Cells(x, 5) = objService.Description
State = objService.Started
If State Then
objWorkSheet.Cells(x, 1).Font.ColorIndex = 10
objWorkSheet.Cells(x, 2).Font.ColorIndex = 10
objWorkSheet.Cells(x, 3).Font.ColorIndex = 10
objWorkSheet.Cells(x, 4).Font.ColorIndex = 10
objWorkSheet.Cells(x, 5).Font.ColorIndex = 10
ELSE
objWorkSheet.Cells(x, 1).Font.ColorIndex = 3
objWorkSheet.Cells(x, 2).Font.ColorIndex = 3
objWorkSheet.Cells(x, 3).Font.ColorIndex = 3
objWorkSheet.Cells(x, 4).Font.ColorIndex = 3
objWorkSheet.Cells(x, 5).Font.ColorIndex = 3
end if
Next
objWorkSheet.Columns("A:A").EntireColumn.AutoFit
objWorkSheet.Columns("B:B").EntireColumn.AutoFit
objWorkSheet.Columns("C:C").EntireColumn.AutoFit
objWorkSheet.Columns("D:D").EntireColumn.AutoFit
objWorkSheet.Columns("E:E").EntireColumn.AutoFit
End Sub
'----------------------------------------------------------------------------------