代码:
import java.net.UnknownHostException;
import java.util.logging.Level; import org.jinterop.dcom.common.IJIUnreferenced;
import org.jinterop.dcom.common.JIException;
import org.jinterop.dcom.common.JISystem;
import org.jinterop.dcom.core.IJIComObject;
import org.jinterop.dcom.core.JIArray;
import org.jinterop.dcom.core.JICallBuilder;
import org.jinterop.dcom.core.JIComServer;
import org.jinterop.dcom.core.JIFlags;
import org.jinterop.dcom.core.JIProgId;
import org.jinterop.dcom.core.JISession;
import org.jinterop.dcom.core.JIString;
import org.jinterop.dcom.core.JIVariant;
import org.jinterop.dcom.impls.JIObjectFactory;
import org.jinterop.dcom.impls.automation.IJIDispatch;
import org.jinterop.dcom.impls.automation.IJIEnumVariant; public class WMITest { private JIComServer comStub = null;
private IJIComObject comObject = null;
private IJIDispatch dispatch = null;
private String address = null;
private JISession session = null; public WMITest(String address, String[] args) throws JIException, UnknownHostException
{
this.address = address;
session = JISession.createSession(args[1],args[2],args[3]);
session.useSessionSecurity(true);
session.setGlobalSocketTimeout(5000);
comStub = new JIComServer(JIProgId.valueOf("WbemScripting.SWbemLocator"),address,session);
IJIComObject unknown = comStub.createInstance();
comObject = (IJIComObject)unknown.queryInterface("76A6415B-CB41-11d1-8B02-00600806D9B6");//ISWbemLocator
//This will obtain the dispatch interface
dispatch = (IJIDispatch)JIObjectFactory.narrowObject(comObject.queryInterface(IJIDispatch.IID));
} public void performOp(String strQuery) throws JIException, InterruptedException
{
System.gc();
JIVariant results[] = dispatch.callMethodA("ConnectServer",new Object[]{new JIString(address),JIVariant.OPTIONAL_PARAM(),JIVariant.OPTIONAL_PARAM(),JIVariant.OPTIONAL_PARAM()
,JIVariant.OPTIONAL_PARAM(),JIVariant.OPTIONAL_PARAM(),new Integer(0),JIVariant.OPTIONAL_PARAM()}); //using the dispatch results above you can use the "ConnectServer" api to retrieve a pointer to IJIDispatch
//of ISWbemServices //OR
//Make a direct call like below , in this case you would get back an interface pointer to ISWbemServices , NOT to it's IDispatch
JICallBuilder callObject = new JICallBuilder();
callObject.addInParamAsString(address,JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsString("",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsString("",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsString("",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsString("",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsString("",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsInt(0,JIFlags.FLAG_NULL);
callObject.addInParamAsPointer(null,JIFlags.FLAG_NULL);
callObject.setOpnum(0);
callObject.addOutParamAsType(IJIComObject.class,JIFlags.FLAG_NULL);
IJIComObject wbemServices = JIObjectFactory.narrowObject((IJIComObject)((Object[])comObject.call(callObject))[0]);
wbemServices.setInstanceLevelSocketTimeout(1000);
wbemServices.registerUnreferencedHandler(new IJIUnreferenced(){
public void unReferenced()
{
System.out.println("wbemServices unreferenced... ");
}
}); //Lets have a look at both.
IJIDispatch wbemServices_dispatch = (IJIDispatch)JIObjectFactory.narrowObject((results[0]).getObjectAsComObject());
//results = wbemServices_dispatch.callMethodA("InstancesOf", new Object[]{new JIString("Win32_Process"), new Integer(0), JIVariant.OPTIONAL_PARAM()});
// String strQuery = "SELECT * FROM Win32_PerfFormattedData_PerfOS_Processor WHERE Name != '_Total'";
results = wbemServices_dispatch.callMethodA("ExecQuery", new Object[] {new JIString(strQuery), JIVariant.OPTIONAL_PARAM(),
JIVariant.OPTIONAL_PARAM(), JIVariant.OPTIONAL_PARAM()}); IJIDispatch wbemObjectSet_dispatch = (IJIDispatch)JIObjectFactory.narrowObject((results[0]).getObjectAsComObject());
JIVariant variant = wbemObjectSet_dispatch.get("_NewEnum");
IJIComObject object2 = variant.getObjectAsComObject(); System.out.println(object2.isDispatchSupported());
System.out.println(object2.isDispatchSupported()); object2.registerUnreferencedHandler(new IJIUnreferenced(){
public void unReferenced()
{
System.out.println("object2 unreferenced...");
}
}); IJIEnumVariant enumVARIANT = (IJIEnumVariant)JIObjectFactory.narrowObject(object2.queryInterface(IJIEnumVariant.IID)); //This will return back a dispatch of ISWbemObjectSet //OR
//It returns back the pointer to ISWbemObjectSet
callObject = new JICallBuilder();
callObject.addInParamAsString("Win32_Process",JIFlags.FLAG_REPRESENTATION_STRING_BSTR);
callObject.addInParamAsInt(0,JIFlags.FLAG_NULL);
callObject.addInParamAsPointer(null,JIFlags.FLAG_NULL);
callObject.setOpnum(4);
callObject.addOutParamAsType(IJIComObject.class,JIFlags.FLAG_NULL);
IJIComObject wbemObjectSet = JIObjectFactory.narrowObject((IJIComObject)((Object[])wbemServices.call(callObject))[0]); //okay seen enough of the other usage, lets just stick to disptach, it's lot simpler
JIVariant Count = wbemObjectSet_dispatch.get("Count");
int count = Count.getObjectAsInt();
for (int i = 0; i < count; i++)
{
Object[] values = enumVARIANT.next(1);
JIArray array = (JIArray)values[0];
Object[] arrayObj = (Object[])array.getArrayInstance();
for (int j = 0; j < arrayObj.length; j++)
{
IJIDispatch wbemObject_dispatch = (IJIDispatch)JIObjectFactory.narrowObject(((JIVariant)arrayObj[j]).getObjectAsComObject());
JIVariant variant2 = (JIVariant)(wbemObject_dispatch.callMethodA("GetObjectText_",new Object[]{new Integer(1)}))[0];
System.out.println(variant2.getObjectAsString().getString());
System.out.println("++++++++++++++++++++++++++++++++++++++++++++++++++++++++++");
}
}
} private void killme() throws JIException
{
JISession.destroySession(session);
} public static void main(String[] args) throws Exception { args = new String[4];
args[0] = "192.168.152.147";
args[1] = "192.168.152.147";
args[2] = "wsc";
args[3] = "123";
JISystem.getLogger().setLevel(Level.ALL);
JISystem.setInBuiltLogHandler(false);
JISystem.setAutoRegisteration(true);
WMITest test = new WMITest(args[0],args); // // 系统信息
// wt.query("SELECT * FROM Win32_ComputerSystem");
// // CPU信息
// wt.query("SELECT * FROM Win32_PerfFormattedData_PerfOS_Processor WHERE Name != '_Total'");
// // 内存信息
// wt.query("SELECT * FROM Win32_PerfFormattedData_PerfOS_Memory");
// // 磁盘信息
// wt.query("SELECT * FROM Win32_PerfRawData_PerfDisk_PhysicalDisk Where Name != '_Total'");
System.out.println("// // 系统信息");
test.performOp("SELECT * FROM Win32_ComputerSystem");
System.out.println("// // CPU信息");
test.performOp("SELECT * FROM Win32_PerfFormattedData_PerfOS_Processor WHERE Name != '_Total'");
System.out.println("// // 内存信息");
test.performOp("SELECT * FROM Win32_PerfFormattedData_PerfOS_Memory");
System.out.println("// // 磁盘信息");
test.performOp("SELECT * FROM Win32_PerfRawData_PerfDisk_PhysicalDisk Where Name != '_Total'");
System.out.println("// // 进程信息");
test.performOp("SELECT * FROM Win32_Process Where Name != '_Total'"); test.killme();
}
}
运行结果:
// // 系统信息
false
false instance of Win32_ComputerSystem
{
AdminPasswordStatus = 1;
AutomaticResetBootOption = TRUE;
AutomaticResetCapability = TRUE;
BootOptionOnLimit = 3;
BootOptionOnWatchDog = 3;
BootROMSupported = TRUE;
BootupState = "Normal boot";
Caption = "WSC-DD1C1371359";
ChassisBootupState = 3;
CreationClassName = "Win32_ComputerSystem";
CurrentTimeZone = 480;
Description = "AT/AT COMPATIBLE";
Domain = "WORKGROUP";
DomainRole = 0;
EnableDaylightSavingsTime = TRUE;
FrontPanelResetStatus = 3;
InfraredSupported = FALSE;
KeyboardPasswordStatus = 3;
Manufacturer = "VMware, Inc.";
Model = "VMware Virtual Platform";
Name = "WSC-DD1C1371359";
NetworkServerModeEnabled = TRUE;
NumberOfLogicalProcessors = 1;
NumberOfProcessors = 1;
OEMStringArray = {"[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7]", "Welcome to the Virtual Machine"};
PartOfDomain = FALSE;
PauseAfterReset = "3932100000";
PowerOnPasswordStatus = 0;
PowerState = 0;
PowerSupplyState = 3;
PrimaryOwnerName = "wsc";
ResetCapability = 1;
ResetCount = -1;
ResetLimit = -1;
Roles = {"LM_Workstation", "LM_Server", "NT"};
Status = "OK";
SystemStartupDelay = 30;
SystemStartupOptions = {"\"Microsoft Windows XP Professional\" /noexecute=optin /fastdetect"};
SystemStartupSetting = 0;
SystemType = "X86-based PC";
ThermalState = 3;
TotalPhysicalMemory = "536330240";
UserName = "WSC-DD1C1371359\\wsc";
WakeUpType = 6;
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// // CPU信息
wbemServices unreferenced...
object2 unreferenced...
false
false instance of Win32_PerfFormattedData_PerfOS_Processor
{
C1TransitionsPersec = "80";
C2TransitionsPersec = "0";
C3TransitionsPersec = "0";
DPCRate = 0;
DPCsQueuedPersec = 40;
InterruptsPersec = 112;
Name = "0";
PercentC1Time = "95";
PercentC2Time = "0";
PercentC3Time = "0";
PercentDPCTime = "0";
PercentIdleTime = "96";
PercentInterruptTime = "0";
PercentPrivilegedTime = "0";
PercentProcessorTime = "3";
PercentUserTime = "3";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// // 内存信息
wbemServices unreferenced...
object2 unreferenced...
false
false instance of Win32_PerfFormattedData_PerfOS_Memory
{
AvailableBytes = "368558080";
AvailableKBytes = "359920";
AvailableMBytes = "351";
CacheBytes = "48754688";
CacheBytesPeak = "57954304";
CacheFaultsPersec = 0;
CommitLimit = "1306517504";
CommittedBytes = "128024576";
DemandZeroFaultsPersec = 28174;
FreeSystemPageTableEntries = 24738;
PageFaultsPersec = 28174;
PageReadsPersec = 0;
PagesInputPersec = 0;
PagesOutputPersec = 0;
PagesPersec = 0;
PageWritesPersec = 0;
PercentCommittedBytesInUse = 9;
PoolNonpagedAllocs = 36196;
PoolNonpagedBytes = "6221824";
PoolPagedAllocs = 53540;
PoolPagedBytes = "25804800";
PoolPagedResidentBytes = "25137152";
SystemCacheResidentBytes = "21434368";
SystemCodeResidentBytes = "32768";
SystemCodeTotalBytes = "942080";
SystemDriverResidentBytes = "2150400";
SystemDriverTotalBytes = "3309568";
TransitionFaultsPersec = 0;
WriteCopiesPersec = 0;
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// // 磁盘信息
object2 unreferenced...
wbemServices unreferenced...
false
false instance of Win32_PerfRawData_PerfDisk_PhysicalDisk
{
AvgDiskBytesPerRead = "181823488";
AvgDiskBytesPerRead_Base = 8801;
AvgDiskBytesPerTransfer = "506663424";
AvgDiskBytesPerTransfer_Base = 24623;
AvgDiskBytesPerWrite = "324839936";
AvgDiskBytesPerWrite_Base = 15822;
AvgDiskQueueLength = "369424608";
AvgDiskReadQueueLength = "96234999";
AvgDisksecPerRead = 34447750;
AvgDisksecPerRead_Base = 8801;
AvgDisksecPerTransfer = 132237200;
AvgDisksecPerTransfer_Base = 24623;
AvgDisksecPerWrite = 97789449;
AvgDisksecPerWrite_Base = 15822;
AvgDiskWriteQueueLength = "273189609";
CurrentDiskQueueLength = 0;
DiskBytesPersec = "506663424";
DiskReadBytesPersec = "181823488";
DiskReadsPersec = 8801;
DiskTransfersPersec = 24623;
DiskWriteBytesPersec = "324839936";
DiskWritesPersec = 15822;
Frequency_Object = "0";
Frequency_PerfTime = "3579545";
Frequency_Sys100NS = "10000000";
Name = "0 C:";
PercentDiskReadTime = "96234999";
PercentDiskReadTime_Base = "130473211584062500";
PercentDiskTime = "369424608";
PercentDiskTime_Base = "130473211584062500";
PercentDiskWriteTime = "273189609";
PercentDiskWriteTime_Base = "130473211584062500";
PercentIdleTime = "22605673211";
PercentIdleTime_Base = "130473211584062500";
SplitIOPerSec = 2465;
Timestamp_Object = "0";
Timestamp_PerfTime = "8298351509";
Timestamp_Sys100NS = "130473211584062500";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
// // 进程信息
wbemServices unreferenced...
object2 unreferenced...
false
false instance of Win32_Process
{
Caption = "System Idle Process";
CreationClassName = "Win32_Process";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "System Idle Process";
Handle = "0";
HandleCount = 0;
KernelModeTime = "20882343750";
Name = "System Idle Process";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "0";
OtherTransferCount = "0";
PageFaults = 0;
PageFileUsage = 0;
ParentProcessId = 0;
PeakPageFileUsage = 0;
PeakVirtualSize = "0";
PeakWorkingSetSize = 0;
Priority = 0;
PrivatePageCount = "0";
ProcessId = 0;
QuotaNonPagedPoolUsage = 0;
QuotaPagedPoolUsage = 0;
QuotaPeakNonPagedPoolUsage = 0;
QuotaPeakPagedPoolUsage = 0;
ReadOperationCount = "0";
ReadTransferCount = "0";
SessionId = 0;
ThreadCount = 1;
UserModeTime = "0";
VirtualSize = "0";
WindowsVersion = "5.1.2600";
WorkingSetSize = "28672";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "System";
CreationClassName = "Win32_Process";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "System";
Handle = "4";
HandleCount = 276;
KernelModeTime = "120156250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 0;
Name = "System";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "2937";
OtherTransferCount = "370800";
PageFaults = 4010;
PageFileUsage = 0;
ParentProcessId = 0;
PeakPageFileUsage = 0;
PeakVirtualSize = "2666496";
PeakWorkingSetSize = 2158592;
Priority = 8;
PrivatePageCount = "28672";
ProcessId = 4;
QuotaNonPagedPoolUsage = 0;
QuotaPagedPoolUsage = 0;
QuotaPeakNonPagedPoolUsage = 0;
QuotaPeakPagedPoolUsage = 0;
ReadOperationCount = "100";
ReadTransferCount = "77484";
SessionId = 0;
ThreadCount = 58;
UserModeTime = "0";
VirtualSize = "1863680";
WindowsVersion = "5.1.2600";
WorkingSetSize = "303104";
WriteOperationCount = "1303";
WriteTransferCount = "6224370";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "smss.exe";
CommandLine = "\\SystemRoot\\System32\\smss.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231403.296875+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "smss.exe";
ExecutablePath = "C:\\WINDOWS\\System32\\smss.exe";
Handle = "516";
HandleCount = 19;
KernelModeTime = "312500";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "smss.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "161";
OtherTransferCount = "31238";
PageFaults = 209;
PageFileUsage = 172032;
ParentProcessId = 4;
PeakPageFileUsage = 188416;
PeakVirtualSize = "12152832";
PeakWorkingSetSize = 483328;
Priority = 11;
PrivatePageCount = "172032";
ProcessId = 516;
QuotaNonPagedPoolUsage = 640;
QuotaPagedPoolUsage = 6044;
QuotaPeakNonPagedPoolUsage = 792;
QuotaPeakPagedPoolUsage = 22116;
ReadOperationCount = "8";
ReadTransferCount = "26";
SessionId = 0;
ThreadCount = 3;
UserModeTime = "156250";
VirtualSize = "3833856";
WindowsVersion = "5.1.2600";
WorkingSetSize = "397312";
WriteOperationCount = "4";
WriteTransferCount = "4";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "csrss.exe";
CommandLine = "C:\\WINDOWS\\system32\\csrss.exe ObjectDirectory=\\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16";
CreationClassName = "Win32_Process";
CreationDate = "20140615231405.578125+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "csrss.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\csrss.exe";
Handle = "596";
HandleCount = 372;
KernelModeTime = "205937500";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "csrss.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "23770";
OtherTransferCount = "280072";
PageFaults = 29394;
PageFileUsage = 2428928;
ParentProcessId = 516;
PeakPageFileUsage = 2650112;
PeakVirtualSize = "79278080";
PeakWorkingSetSize = 21041152;
Priority = 13;
PrivatePageCount = "2428928";
ProcessId = 596;
QuotaNonPagedPoolUsage = 6648;
QuotaPagedPoolUsage = 136172;
QuotaPeakNonPagedPoolUsage = 7232;
QuotaPeakPagedPoolUsage = 163324;
ReadOperationCount = "27582";
ReadTransferCount = "1858573";
SessionId = 0;
ThreadCount = 10;
UserModeTime = "25468750";
VirtualSize = "65953792";
WindowsVersion = "5.1.2600";
WorkingSetSize = "6385664";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "winlogon.exe";
CommandLine = "winlogon.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231406.484375+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "winlogon.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\winlogon.exe";
Handle = "620";
HandleCount = 544;
KernelModeTime = "40000000";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "winlogon.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "9296";
OtherTransferCount = "224937";
PageFaults = 35993;
PageFileUsage = 8613888;
ParentProcessId = 516;
PeakPageFileUsage = 18022400;
PeakVirtualSize = "81559552";
PeakWorkingSetSize = 22265856;
Priority = 13;
PrivatePageCount = "8613888";
ProcessId = 620;
QuotaNonPagedPoolUsage = 39472;
QuotaPagedPoolUsage = 108172;
QuotaPeakNonPagedPoolUsage = 43536;
QuotaPeakPagedPoolUsage = 138420;
ReadOperationCount = "257";
ReadTransferCount = "2281890";
SessionId = 0;
ThreadCount = 20;
UserModeTime = "10937500";
VirtualSize = "65028096";
WindowsVersion = "5.1.2600";
WorkingSetSize = "8458240";
WriteOperationCount = "418";
WriteTransferCount = "4786854";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "services.exe";
CommandLine = "C:\\WINDOWS\\system32\\services.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231407.078125+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "services.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\services.exe";
Handle = "664";
HandleCount = 268;
KernelModeTime = "14843750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "services.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "4336";
OtherTransferCount = "46967";
PageFaults = 3442;
PageFileUsage = 4083712;
ParentProcessId = 620;
PeakPageFileUsage = 4608000;
PeakVirtualSize = "52043776";
PeakWorkingSetSize = 7032832;
Priority = 9;
PrivatePageCount = "4083712";
ProcessId = 664;
QuotaNonPagedPoolUsage = 6512;
QuotaPagedPoolUsage = 37636;
QuotaPeakNonPagedPoolUsage = 11584;
QuotaPeakPagedPoolUsage = 81420;
ReadOperationCount = "208";
ReadTransferCount = "6422804";
SessionId = 0;
ThreadCount = 16;
UserModeTime = "2656250";
VirtualSize = "25759744";
WindowsVersion = "5.1.2600";
WorkingSetSize = "4530176";
WriteOperationCount = "210";
WriteTransferCount = "1187383";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "lsass.exe";
CommandLine = "C:\\WINDOWS\\system32\\lsass.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231407.125000+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "lsass.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\lsass.exe";
Handle = "676";
HandleCount = 355;
KernelModeTime = "9375000";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "lsass.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "11552";
OtherTransferCount = "92865";
PageFaults = 5660;
PageFileUsage = 3895296;
ParentProcessId = 620;
PeakPageFileUsage = 4096000;
PeakVirtualSize = "45924352";
PeakWorkingSetSize = 6762496;
Priority = 9;
PrivatePageCount = "3895296";
ProcessId = 676;
QuotaNonPagedPoolUsage = 8768;
QuotaPagedPoolUsage = 76084;
QuotaPeakNonPagedPoolUsage = 11064;
QuotaPeakPagedPoolUsage = 79644;
ReadOperationCount = "5642";
ReadTransferCount = "1026411";
SessionId = 0;
ThreadCount = 20;
UserModeTime = "4218750";
VirtualSize = "44085248";
WindowsVersion = "5.1.2600";
WorkingSetSize = "1937408";
WriteOperationCount = "5066";
WriteTransferCount = "710548";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "svchost.exe";
CommandLine = "C:\\WINDOWS\\system32\\svchost -k rpcss";
CreationClassName = "Win32_Process";
CreationDate = "20140615231408.828125+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "svchost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\svchost.exe";
Handle = "888";
HandleCount = 250;
KernelModeTime = "2500000";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "svchost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "560";
OtherTransferCount = "22315";
PageFaults = 1389;
PageFileUsage = 1994752;
ParentProcessId = 664;
PeakPageFileUsage = 2011136;
PeakVirtualSize = "39129088";
PeakWorkingSetSize = 4980736;
Priority = 8;
PrivatePageCount = "1994752";
ProcessId = 888;
QuotaNonPagedPoolUsage = 13968;
QuotaPagedPoolUsage = 74892;
QuotaPeakNonPagedPoolUsage = 15952;
QuotaPeakPagedPoolUsage = 75316;
ReadOperationCount = "113";
ReadTransferCount = "439164";
SessionId = 0;
ThreadCount = 9;
UserModeTime = "2031250";
VirtualSize = "38866944";
WindowsVersion = "5.1.2600";
WorkingSetSize = "4947968";
WriteOperationCount = "8";
WriteTransferCount = "444";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "svchost.exe";
CommandLine = "C:\\WINDOWS\\System32\\svchost.exe -k netsvcs";
CreationClassName = "Win32_Process";
CreationDate = "20140615231409.015625+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "svchost.exe";
ExecutablePath = "C:\\WINDOWS\\System32\\svchost.exe";
Handle = "992";
HandleCount = 1908;
KernelModeTime = "40468750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "svchost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "31774";
OtherTransferCount = "452990";
PageFaults = 31949;
PageFileUsage = 16052224;
ParentProcessId = 664;
PeakPageFileUsage = 20156416;
PeakVirtualSize = "161574912";
PeakWorkingSetSize = 30507008;
Priority = 8;
PrivatePageCount = "16052224";
ProcessId = 992;
QuotaNonPagedPoolUsage = 69464;
QuotaPagedPoolUsage = 244924;
QuotaPeakNonPagedPoolUsage = 72976;
QuotaPeakPagedPoolUsage = 251708;
ReadOperationCount = "2994";
ReadTransferCount = "20808396";
SessionId = 0;
ThreadCount = 76;
UserModeTime = "25781250";
VirtualSize = "153354240";
WindowsVersion = "5.1.2600";
WorkingSetSize = "26402816";
WriteOperationCount = "5089";
WriteTransferCount = "29132527";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "svchost.exe";
CommandLine = "C:\\WINDOWS\\system32\\svchost -k DcomLaunch";
CreationClassName = "Win32_Process";
CreationDate = "20140615231409.156250+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "svchost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\svchost.exe";
Handle = "1036";
HandleCount = 231;
KernelModeTime = "1250000";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "svchost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "762";
OtherTransferCount = "108740";
PageFaults = 1565;
PageFileUsage = 3244032;
ParentProcessId = 664;
PeakPageFileUsage = 23957504;
PeakVirtualSize = "68231168";
PeakWorkingSetSize = 5664768;
Priority = 8;
PrivatePageCount = "3244032";
ProcessId = 1036;
QuotaNonPagedPoolUsage = 6864;
QuotaPagedPoolUsage = 81780;
QuotaPeakNonPagedPoolUsage = 7264;
QuotaPeakPagedPoolUsage = 84580;
ReadOperationCount = "128";
ReadTransferCount = "441196";
SessionId = 0;
ThreadCount = 17;
UserModeTime = "1250000";
VirtualSize = "66371584";
WindowsVersion = "5.1.2600";
WorkingSetSize = "5586944";
WriteOperationCount = "22";
WriteTransferCount = "1388";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "svchost.exe";
CommandLine = "C:\\WINDOWS\\system32\\svchost.exe -k NetworkService";
CreationClassName = "Win32_Process";
CreationDate = "20140615231430.390625+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "svchost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\svchost.exe";
Handle = "1260";
HandleCount = 80;
KernelModeTime = "781250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "svchost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "461";
OtherTransferCount = "96287";
PageFaults = 1311;
PageFileUsage = 1392640;
ParentProcessId = 664;
PeakPageFileUsage = 1531904;
PeakVirtualSize = "34390016";
PeakWorkingSetSize = 3866624;
Priority = 8;
PrivatePageCount = "1392640";
ProcessId = 1260;
QuotaNonPagedPoolUsage = 3808;
QuotaPagedPoolUsage = 57564;
QuotaPeakNonPagedPoolUsage = 6976;
QuotaPeakPagedPoolUsage = 66964;
ReadOperationCount = "124";
ReadTransferCount = "420304";
SessionId = 0;
ThreadCount = 5;
UserModeTime = "781250";
VirtualSize = "31436800";
WindowsVersion = "5.1.2600";
WorkingSetSize = "3780608";
WriteOperationCount = "13";
WriteTransferCount = "228";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "svchost.exe";
CommandLine = "C:\\WINDOWS\\system32\\svchost.exe -k LocalService";
CreationClassName = "Win32_Process";
CreationDate = "20140615231430.671875+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "svchost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\svchost.exe";
Handle = "1384";
HandleCount = 233;
KernelModeTime = "2031250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "svchost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "895";
OtherTransferCount = "106204";
PageFaults = 1483;
PageFileUsage = 2035712;
ParentProcessId = 664;
PeakPageFileUsage = 2035712;
PeakVirtualSize = "43114496";
PeakWorkingSetSize = 5562368;
Priority = 8;
PrivatePageCount = "2035712";
ProcessId = 1384;
QuotaNonPagedPoolUsage = 6760;
QuotaPagedPoolUsage = 78860;
QuotaPeakNonPagedPoolUsage = 10128;
QuotaPeakPagedPoolUsage = 80620;
ReadOperationCount = "52";
ReadTransferCount = "28132";
SessionId = 0;
ThreadCount = 16;
UserModeTime = "468750";
VirtualSize = "42979328";
WindowsVersion = "5.1.2600";
WorkingSetSize = "5562368";
WriteOperationCount = "38";
WriteTransferCount = "2056";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "spoolsv.exe";
CommandLine = "C:\\WINDOWS\\system32\\spoolsv.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231431.156250+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "spoolsv.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\spoolsv.exe";
Handle = "1512";
HandleCount = 109;
KernelModeTime = "1406250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "spoolsv.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "305";
OtherTransferCount = "4316";
PageFaults = 1336;
PageFileUsage = 3166208;
ParentProcessId = 664;
PeakPageFileUsage = 3391488;
PeakVirtualSize = "48046080";
PeakWorkingSetSize = 4837376;
Priority = 8;
PrivatePageCount = "3166208";
ProcessId = 1512;
QuotaNonPagedPoolUsage = 4752;
QuotaPagedPoolUsage = 80924;
QuotaPeakNonPagedPoolUsage = 6792;
QuotaPeakPagedPoolUsage = 84164;
ReadOperationCount = "8";
ReadTransferCount = "22632";
SessionId = 0;
ThreadCount = 11;
UserModeTime = "468750";
VirtualSize = "45596672";
WindowsVersion = "5.1.2600";
WorkingSetSize = "4816896";
WriteOperationCount = "7";
WriteTransferCount = "372";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "alg.exe";
CommandLine = "C:\\WINDOWS\\System32\\alg.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231457.234375+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "alg.exe";
ExecutablePath = "C:\\WINDOWS\\System32\\alg.exe";
Handle = "572";
HandleCount = 102;
KernelModeTime = "468750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "alg.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "164";
OtherTransferCount = "3164";
PageFaults = 954;
PageFileUsage = 1265664;
ParentProcessId = 664;
PeakPageFileUsage = 1277952;
PeakVirtualSize = "37081088";
PeakWorkingSetSize = 3772416;
Priority = 8;
PrivatePageCount = "1265664";
ProcessId = 572;
QuotaNonPagedPoolUsage = 4848;
QuotaPagedPoolUsage = 71036;
QuotaPeakNonPagedPoolUsage = 6048;
QuotaPeakPagedPoolUsage = 71724;
ReadOperationCount = "5";
ReadTransferCount = "22432";
SessionId = 0;
ThreadCount = 6;
UserModeTime = "312500";
VirtualSize = "36818944";
WindowsVersion = "5.1.2600";
WorkingSetSize = "3768320";
WriteOperationCount = "4";
WriteTransferCount = "156";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "wscntfy.exe";
CommandLine = "C:\\WINDOWS\\system32\\wscntfy.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231551.812500+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "wscntfy.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\wscntfy.exe";
Handle = "1340";
HandleCount = 37;
KernelModeTime = "468750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "wscntfy.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "99";
OtherTransferCount = "2110";
PageFaults = 658;
PageFileUsage = 684032;
ParentProcessId = 992;
PeakPageFileUsage = 684032;
PeakVirtualSize = "31674368";
PeakWorkingSetSize = 2580480;
Priority = 8;
PrivatePageCount = "684032";
ProcessId = 1340;
QuotaNonPagedPoolUsage = 2000;
QuotaPagedPoolUsage = 64036;
QuotaPeakNonPagedPoolUsage = 2024;
QuotaPeakPagedPoolUsage = 65020;
ReadOperationCount = "0";
ReadTransferCount = "0";
SessionId = 0;
ThreadCount = 1;
UserModeTime = "312500";
VirtualSize = "31674368";
WindowsVersion = "5.1.2600";
WorkingSetSize = "2580480";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "explorer.exe";
CommandLine = "C:\\WINDOWS\\Explorer.EXE";
CreationClassName = "Win32_Process";
CreationDate = "20140615231552.000000+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "explorer.exe";
ExecutablePath = "C:\\WINDOWS\\Explorer.EXE";
Handle = "1408";
HandleCount = 485;
KernelModeTime = "454218750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "explorer.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "93067";
OtherTransferCount = "2650807";
PageFaults = 89090;
PageFileUsage = 13684736;
ParentProcessId = 1236;
PeakPageFileUsage = 18440192;
PeakVirtualSize = "959401984";
PeakWorkingSetSize = 21835776;
Priority = 8;
PrivatePageCount = "13684736";
ProcessId = 1408;
QuotaNonPagedPoolUsage = 11520;
QuotaPagedPoolUsage = 147492;
QuotaPeakNonPagedPoolUsage = 16176;
QuotaPeakPagedPoolUsage = 1850084;
ReadOperationCount = "6109";
ReadTransferCount = "170032752";
SessionId = 0;
ThreadCount = 12;
UserModeTime = "89062500";
VirtualSize = "87437312";
WindowsVersion = "5.1.2600";
WorkingSetSize = "17227776";
WriteOperationCount = "4791";
WriteTransferCount = "192941865";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "ctfmon.exe";
CommandLine = "\"C:\\WINDOWS\\system32\\CTFMON.EXE\" ";
CreationClassName = "Win32_Process";
CreationDate = "20140615231609.546875+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "ctfmon.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\CTFMON.EXE";
Handle = "2004";
HandleCount = 109;
KernelModeTime = "2968750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "ctfmon.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "181";
OtherTransferCount = "316";
PageFaults = 2628;
PageFileUsage = 1343488;
ParentProcessId = 1408;
PeakPageFileUsage = 1404928;
PeakVirtualSize = "41644032";
PeakWorkingSetSize = 4288512;
Priority = 8;
PrivatePageCount = "1343488";
ProcessId = 2004;
QuotaNonPagedPoolUsage = 4720;
QuotaPagedPoolUsage = 79148;
QuotaPeakNonPagedPoolUsage = 5840;
QuotaPeakPagedPoolUsage = 82388;
ReadOperationCount = "0";
ReadTransferCount = "0";
SessionId = 0;
ThreadCount = 1;
UserModeTime = "1562500";
VirtualSize = "41009152";
WindowsVersion = "5.1.2600";
WorkingSetSize = "4177920";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "wpabaln.exe";
CommandLine = "C:\\WINDOWS\\system32\\wpabaln.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231751.640625+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "wpabaln.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\wpabaln.exe";
Handle = "300";
HandleCount = 67;
KernelModeTime = "625000";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "wpabaln.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "112";
OtherTransferCount = "2196";
PageFaults = 828;
PageFileUsage = 1064960;
ParentProcessId = 620;
PeakPageFileUsage = 1064960;
PeakVirtualSize = "37031936";
PeakWorkingSetSize = 3260416;
Priority = 8;
PrivatePageCount = "1064960";
ProcessId = 300;
QuotaNonPagedPoolUsage = 2560;
QuotaPagedPoolUsage = 64204;
QuotaPeakNonPagedPoolUsage = 3680;
QuotaPeakPagedPoolUsage = 72124;
ReadOperationCount = "1";
ReadTransferCount = "22264";
SessionId = 0;
ThreadCount = 1;
UserModeTime = "156250";
VirtualSize = "32608256";
WindowsVersion = "5.1.2600";
WorkingSetSize = "3260416";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "conime.exe";
CommandLine = "C:\\WINDOWS\\system32\\conime.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615231835.328125+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "conime.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\conime.exe";
Handle = "120";
HandleCount = 38;
KernelModeTime = "468750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "conime.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "164";
OtherTransferCount = "384";
PageFaults = 853;
PageFileUsage = 983040;
ParentProcessId = 1212;
PeakPageFileUsage = 983040;
PeakVirtualSize = "37023744";
PeakWorkingSetSize = 3272704;
Priority = 8;
PrivatePageCount = "983040";
ProcessId = 120;
QuotaNonPagedPoolUsage = 2520;
QuotaPagedPoolUsage = 61764;
QuotaPeakNonPagedPoolUsage = 2560;
QuotaPeakPagedPoolUsage = 72108;
ReadOperationCount = "0";
ReadTransferCount = "0";
SessionId = 0;
ThreadCount = 1;
UserModeTime = "312500";
VirtualSize = "31629312";
WindowsVersion = "5.1.2600";
WorkingSetSize = "3268608";
WriteOperationCount = "0";
WriteTransferCount = "0";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "dllhost.exe";
CommandLine = "C:\\WINDOWS\\system32\\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}";
CreationClassName = "Win32_Process";
CreationDate = "20140615232735.453125+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "dllhost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\dllhost.exe";
Handle = "1176";
HandleCount = 229;
KernelModeTime = "2343750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "dllhost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "367";
OtherTransferCount = "8578";
PageFaults = 2266;
PageFileUsage = 3084288;
ParentProcessId = 664;
PeakPageFileUsage = 4337664;
PeakVirtualSize = "54083584";
PeakWorkingSetSize = 8798208;
Priority = 8;
PrivatePageCount = "3084288";
ProcessId = 1176;
QuotaNonPagedPoolUsage = 5920;
QuotaPagedPoolUsage = 88772;
QuotaPeakNonPagedPoolUsage = 8800;
QuotaPeakPagedPoolUsage = 90628;
ReadOperationCount = "4271";
ReadTransferCount = "2596407";
SessionId = 0;
ThreadCount = 14;
UserModeTime = "2656250";
VirtualSize = "50540544";
WindowsVersion = "5.1.2600";
WorkingSetSize = "8642560";
WriteOperationCount = "25";
WriteTransferCount = "4853";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "msdtc.exe";
CommandLine = "C:\\WINDOWS\\system32\\msdtc.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615232736.015625+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "msdtc.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\msdtc.exe";
Handle = "560";
HandleCount = 151;
KernelModeTime = "1406250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "msdtc.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "257";
OtherTransferCount = "6752";
PageFaults = 1453;
PageFileUsage = 1978368;
ParentProcessId = 664;
PeakPageFileUsage = 2101248;
PeakVirtualSize = "38850560";
PeakWorkingSetSize = 5337088;
Priority = 8;
PrivatePageCount = "1978368";
ProcessId = 560;
QuotaNonPagedPoolUsage = 6200;
QuotaPagedPoolUsage = 64588;
QuotaPeakNonPagedPoolUsage = 7960;
QuotaPeakPagedPoolUsage = 74300;
ReadOperationCount = "5";
ReadTransferCount = "22436";
SessionId = 0;
ThreadCount = 12;
UserModeTime = "781250";
VirtualSize = "37498880";
WindowsVersion = "5.1.2600";
WorkingSetSize = "5251072";
WriteOperationCount = "16";
WriteTransferCount = "40612";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "dllhost.exe";
CommandLine = "C:\\WINDOWS\\system32\\DllHost.exe /Processid:{76A64158-CB41-11D1-8B02-00600806D9B6}";
CreationClassName = "Win32_Process";
CreationDate = "20140615233532.437500+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "dllhost.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\DllHost.exe";
Handle = "172";
HandleCount = 179;
KernelModeTime = "9843750";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "dllhost.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "12894";
OtherTransferCount = "2027691";
PageFaults = 3445;
PageFileUsage = 4878336;
ParentProcessId = 1036;
PeakPageFileUsage = 6991872;
PeakVirtualSize = "49643520";
PeakWorkingSetSize = 11132928;
Priority = 8;
PrivatePageCount = "4878336";
ProcessId = 172;
QuotaNonPagedPoolUsage = 8984;
QuotaPagedPoolUsage = 80180;
QuotaPeakNonPagedPoolUsage = 13000;
QuotaPeakPagedPoolUsage = 80180;
ReadOperationCount = "136";
ReadTransferCount = "439444";
SessionId = 0;
ThreadCount = 8;
UserModeTime = "13593750";
VirtualSize = "49643520";
WindowsVersion = "5.1.2600";
WorkingSetSize = "9076736";
WriteOperationCount = "4";
WriteTransferCount = "288";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ instance of Win32_Process
{
Caption = "wmiprvse.exe";
CommandLine = "C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe";
CreationClassName = "Win32_Process";
CreationDate = "20140615235236.765625+480";
CSCreationClassName = "Win32_ComputerSystem";
CSName = "WSC-DD1C1371359";
Description = "wmiprvse.exe";
ExecutablePath = "C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe";
Handle = "1172";
HandleCount = 170;
KernelModeTime = "1406250";
MaximumWorkingSetSize = 1413120;
MinimumWorkingSetSize = 204800;
Name = "wmiprvse.exe";
OSCreationClassName = "Win32_OperatingSystem";
OSName = "Microsoft Windows XP Professional|C:\\WINDOWS|\\Device\\Harddisk0\\Partition1";
OtherOperationCount = "602";
OtherTransferCount = "110860";
PageFaults = 2299;
PageFileUsage = 3166208;
ParentProcessId = 1036;
PeakPageFileUsage = 3428352;
PeakVirtualSize = "49258496";
PeakWorkingSetSize = 7524352;
Priority = 8;
PrivatePageCount = "3166208";
ProcessId = 1172;
QuotaNonPagedPoolUsage = 5832;
QuotaPagedPoolUsage = 81828;
QuotaPeakNonPagedPoolUsage = 6280;
QuotaPeakPagedPoolUsage = 81972;
ReadOperationCount = "67";
ReadTransferCount = "295563";
SessionId = 0;
ThreadCount = 8;
UserModeTime = "937500";
VirtualSize = "49258496";
WindowsVersion = "5.1.2600";
WorkingSetSize = "7401472";
WriteOperationCount = "61";
WriteTransferCount = "4288";
}; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++