console
<#
.SYNOPSIS
交互式修改进程的关键状态(关键进程或普通进程)
.DESCRIPTION
此脚本允许您选择进程并将其设置为关键进程(终止会导致蓝屏)或普通进程
增强功能:
1. 自动管理员权限提升
2. 系统进程保护警告
3. 操作确认提示
4. 更完善的错误处理
.NOTES
需要以管理员身份运行
使用风险自负 - 错误使用可能导致系统不稳定
#>
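# Self-elevation: when the current token is not in the built-in Administrators
# role, start a second PowerShell host through the UAC "RunAs" verb and end
# this non-elevated instance.
if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    # No path on disk means the script text was not loaded from a file, so it
    # has to be written out before "-File" can be used.
    $usingTempCopy = -not $MyInvocation.MyCommand.Path

    $scriptPath = if (-not $usingTempCopy) {
        $MyInvocation.MyCommand.Path
    } else {
        # GetRandomFileName only returns a name. GetTempFileName() + ".ps1"
        # would additionally create an empty .tmp file that nothing removes.
        $tempFile = Join-Path ([System.IO.Path]::GetTempPath()) ([System.IO.Path]::GetRandomFileName() + ".ps1")
        [System.IO.File]::WriteAllText($tempFile, $MyInvocation.MyCommand.Definition)
        $tempFile
    }

    # NOTE(review): the temporary copy lives in the per-user temp directory and
    # is then executed elevated with -ExecutionPolicy Bypass. Any process that
    # runs as the same user can rewrite the file between the write above and
    # the elevated host reading it. Prefer launching from a saved script in a
    # directory that only administrators can write to.
    $arguments = "-NoProfile -ExecutionPolicy Bypass -File `"$scriptPath`""

    # pwsh.exe is only present when PowerShell 7 is installed; fall back to
    # Windows PowerShell so elevation still works on a stock system.
    $hostExe = if (Get-Command -Name "pwsh.exe" -CommandType Application -ErrorAction SilentlyContinue) {
        "pwsh.exe"
    } else {
        "powershell.exe"
    }

    Write-Host "正在请求管理员权限..." -ForegroundColor Yellow
    try {
        $process = Start-Process -FilePath $hostExe -ArgumentList $arguments -Verb RunAs -WindowStyle Normal -PassThru
        if ($usingTempCopy -and $process) {
            # An Exited event handler would never run because this host exits
            # right away, so wait for the elevated host and clean up below.
            $process.WaitForExit()
        }
    } catch {
        # Reached, for example, when the UAC prompt is declined.
        Write-Host "无法提升权限: $_" -ForegroundColor Red
        pause
    } finally {
        if ($usingTempCopy) {
            Remove-Item -LiteralPath $scriptPath -Force -ErrorAction SilentlyContinue
        }
    }
    exit
}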
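# Compile the P/Invoke wrapper once per session. Add-Type fails with a
# "type already exists" error when the same type name is compiled again,
# which happens if the script is run twice in one PowerShell session.
if (-not ("ProcessCritical" -as [type])) {
    Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;

/// <summary>
/// Thin wrapper around ntdll!NtSetInformationProcess that toggles the
/// break-on-termination ("critical process") flag of a process.
/// </summary>
public class ProcessCritical
{
    // NOTE(review): NtSetInformationProcess reports failure through its
    // NTSTATUS return value. SetLastError = true does not make that status
    // available through Marshal.GetLastWin32Error(), so a caller that prints
    // the last Win32 error after a failure is likely printing an unrelated value.
    [DllImport("ntdll.dll", SetLastError = true)]
    private static extern int NtSetInformationProcess(IntPtr hProcess, int processInformationClass, ref int processInformation, int processInformationLength);

    /// <summary>
    /// Sets (enable = true) or clears (enable = false) the flag on the process
    /// behind <paramref name="handle"/>.
    /// </summary>
    /// <returns>true when the native call returned 0 (STATUS_SUCCESS); false otherwise.</returns>
    public static bool SetProcessCritical(IntPtr handle, bool enable)
    {
        int isCritical = enable ? 1 : 0;
        // 0x1D is the ProcessBreakOnTermination information class. The call is
        // expected to need SeDebugPrivilege in the caller's token - confirm on
        // the target OS. The flag can be read back for auditing with
        // NtQueryInformationProcess and the same information class.
        return NtSetInformationProcess(handle, 0x1D, ref isCritical, sizeof(int)) == 0;
    }
}
"@
}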
# Process names of core Windows processes. The menu tags them and
# Set-ProcessCriticalStatus asks for an extra confirmation before changing them.
# -contains compares case-insensitively, so the casing here does not matter.
$systemCriticalProcesses = "csrss", "lsass", "smss", "wininit", "winlogon", "services"
function Show-ProcessMenu {
    <#
    .SYNOPSIS
    Prints a numbered list of processes and reads the user's menu choice.
    .DESCRIPTION
    Each process is shown as "[n] name (PID: id)", numbered from 1. Names found
    in the script-level $systemCriticalProcesses list get a marker in front.
    Two extra entries follow the list: Count+1 (list again) and Count+2 (quit).
    .PARAMETER Processes
    The processes to list, in display order.
    .OUTPUTS
    The raw string typed at the prompt. It is not validated here.
    #>
    param(
        [Parameter(Mandatory=$true)]
        [System.Diagnostics.Process[]]$Processes
    )

    Write-Host "`n请选择要修改的进程(输入数字):" -ForegroundColor Cyan

    $entryNumber = 0
    foreach ($proc in $Processes) {
        $entryNumber++

        # Tag well-known system processes so they stand out in the list.
        $marker = ""
        if ($systemCriticalProcesses -contains $proc.ProcessName) {
            $marker = "[系统关键] "
        }

        Write-Host ("[{0}] {1}{2} (PID: {3})" -f $entryNumber, $marker, $proc.ProcessName, $proc.Id)
    }

    $total = $Processes.Count
    Write-Host ("[{0}] 重新列出所有进程" -f ($total + 1))
    Write-Host ("[{0}] 退出" -f ($total + 2))

    return (Read-Host "请输入选择")
}
function Set-ProcessCriticalStatus {
    <#
    .SYNOPSIS
    Sets or clears the critical-process flag on one process and reports the result.
    .DESCRIPTION
    When the process name is in the script-level $systemCriticalProcesses list,
    the user must answer "y" to an extra prompt before anything is changed.
    The change itself is made by [ProcessCritical]::SetProcessCritical. All
    results are written to the host; nothing is returned.
    .PARAMETER Process
    The process to modify. Its Handle property is passed to the native wrapper.
    .PARAMETER Critical
    $true marks the process as critical, $false clears the mark.
    #>
    param(
        [Parameter(Mandatory=$true)]
        [System.Diagnostics.Process]$Process,
        [Parameter(Mandatory=$true)]
        [bool]$Critical
    )

    # Extra confirmation for well-known system processes.
    $isSystemProcess = $systemCriticalProcesses -contains $Process.ProcessName
    if ($isSystemProcess) {
        Write-Host "`n警告:您正在尝试修改系统关键进程!" -ForegroundColor Red -BackgroundColor Black
        Write-Host "这可能导致系统不稳定或无法启动!" -ForegroundColor Red
        $answer = Read-Host "确定要继续吗?(y/n)"
        if ($answer -ne "y") {
            Write-Host "操作已取消" -ForegroundColor Yellow
            return
        }
    }

    try {
        # Reading .Handle can throw (for example on access denied); the catch
        # below reports that.
        $succeeded = [ProcessCritical]::SetProcessCritical($Process.Handle, $Critical)

        if (-not $succeeded) {
            # NOTE(review): the wrapper calls an NT API that returns NTSTATUS and
            # discards it; the value read here is probably not the real failure
            # reason - confirm before relying on the printed code.
            $lastError = [System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
            Write-Host "操作失败 (错误代码: 0x$($lastError.ToString('X8')))" -ForegroundColor Red
            Write-Host "可能原因:权限不足或进程受保护" -ForegroundColor Yellow
            return
        }

        $stateLabel = "普通进程"
        if ($Critical) {
            $stateLabel = "关键进程"
        }
        Write-Host "成功将进程 $($Process.ProcessName) (PID: $($Process.Id)) 设置为 $stateLabel" -ForegroundColor Green

        if ($Critical) {
            Write-Host "警告:现在终止此进程将导致系统蓝屏!" -ForegroundColor Red
        }
    } catch {
        Write-Host "发生错误: $_" -ForegroundColor Red
    }
}
# Start-up banner: tool title, current account, OS version, and the two
# standing warnings about what the critical flag does.
Clear-Host

$bannerRule = "===================================="
$currentUserName = [Security.Principal.WindowsIdentity]::GetCurrent().Name
$osVersionText = [Environment]::OSVersion.VersionString

Write-Host "`n进程关键性修改工具 [管理员权限]" -ForegroundColor Yellow
Write-Host $bannerRule
Write-Host "当前用户: $currentUserName"
Write-Host "操作系统: $osVersionText"
Write-Host $bannerRule
Write-Host "警告:将进程设为关键进程后,终止该进程会导致系统蓝屏!" -ForegroundColor Red
Write-Host "重要:修改系统关键进程可能导致系统不稳定!`n" -ForegroundColor Red
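# Interactive main loop: list processes, read a choice, then either relist,
# quit, or offer the set-critical / set-normal actions for the chosen process.
# The loop is labelled so that a menu action can jump straight back to the list.
:processMenu do {
    $allProcesses = Get-Process | Where-Object { $_.ProcessName -ne "Idle" } | Sort-Object -Property ProcessName
    $selection = Show-ProcessMenu -Processes $allProcesses

    # Parse once with TryParse: a plain [int] cast raises an error on a digit
    # string that does not fit in Int32 (for example "99999999999").
    $choice = 0
    $isIndex = ($selection -match "^\d+$") -and [int]::TryParse($selection, [ref]$choice)

    if ($selection -eq ($allProcesses.Count + 1)) {
        # Relist: skip the key-press pause and rebuild the process list.
        continue
    }
    elseif ($selection -eq ($allProcesses.Count + 2)) {
        exit
    }
    elseif ($isIndex -and $choice -ge 1 -and $choice -le $allProcesses.Count) {
        $selectedProcess = $allProcesses[$choice - 1]
        Write-Host "`n已选择进程: $($selectedProcess.ProcessName) (PID: $($selectedProcess.Id))" -ForegroundColor Cyan

        # Owner lookup is best-effort. Get-WmiObject does not exist in
        # PowerShell 7; the CIM cmdlets work in both Windows PowerShell and
        # PowerShell 7.
        try {
            $cimProcess = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $($selectedProcess.Id)" -ErrorAction Stop
            $procOwner = (Invoke-CimMethod -InputObject $cimProcess -MethodName GetOwner -ErrorAction Stop).User
            Write-Host "运行用户: $procOwner" -ForegroundColor Gray
        } catch {
            # Not fatal: the owner line is simply omitted.
            Write-Verbose "Owner lookup failed: $_"
        }

        Write-Host "1. 设置为关键进程(终止会导致蓝屏)"
        Write-Host "2. 设置为普通进程"
        Write-Host "3. 返回进程列表"
        $action = Read-Host "请选择操作"

        switch ($action) {
            "1" {
                Write-Host "`n您确定要将 $($selectedProcess.ProcessName) 设置为关键进程吗?" -ForegroundColor Yellow
                Write-Host "这将导致终止该进程时系统蓝屏!" -ForegroundColor Red
                $confirm = Read-Host "确认操作 (y/n)"
                if ($confirm -eq "y") {
                    Set-ProcessCriticalStatus -Process $selectedProcess -Critical $true
                } else {
                    Write-Host "操作已取消" -ForegroundColor Yellow
                }
            }
            "2" {
                Set-ProcessCriticalStatus -Process $selectedProcess -Critical $false
            }
            # A bare "continue" inside switch only ends the switch. The label
            # sends control back to the loop, so this option returns to the
            # list without the key-press pause, like the relist entry does.
            "3" { continue processMenu }
            default { Write-Host "无效选择" -ForegroundColor Red }
        }
    }
    else {
        Write-Host "无效选择,请重新输入" -ForegroundColor Red
    }

    # Pause so the result stays readable before the list is printed again.
    if ($Host.Name -eq "ConsoleHost") {
        Write-Host "`n按任意键继续..." -ForegroundColor Gray
        $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    }
} while ($true)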