' FileName: ProcessMagnifier.vbs ' Function: Capture information about the running processes in detail ' code by somebody ' QQ: 240460440 ' LastModified:2007-11-16 18:25 ' 仅供学习
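' --- Console appearance for the cmd.exe window spawned below ------------
' Per-application console settings live under HKCU\Console\<path of the
' exe with backslashes turned into underscores>; cmd.exe reads them when
' it starts. The key is created here, picked up by the cmd.exe that the
' re-launch step opens, and deleted again once the script is running
' under cscript. CAUTION: the whole key is deleted later, so any console
' settings the user already keeps under this path are overwritten and
' then lost; export the key first if that matters on your machine.
Const HKEY_CURRENT_USER = &H80000001
Dim oReg, strKeyPath, lngResult
' VBScript needs Set for object assignment (a plain "=" fails at runtime)
' and Call for multi-argument sub calls written with parentheses
' ("Cannot use parentheses when calling a Sub" otherwise).
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
strKeyPath = "Console\%SystemRoot%_system32_cmd.exe"
lngResult = oReg.CreateKey(HKEY_CURRENT_USER, strKeyPath)
If lngResult <> 0 Then
    ' Without the key the values below cannot be written; say so once
    ' instead of failing silently six times. The script still continues.
    WScript.Echo "Warning: could not create HKCU\" & strKeyPath & " (error " & lngResult & ")"
Else
    ' CodePage 936 is GBK, so the Chinese banners printed later render.
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "CodePage", 936)
    ' The remaining values are kept verbatim from the original script.
    ' ScreenBufferSize / WindowSize / WindowPosition look like packed
    ' (high word, low word) pairs -- not verified here.
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "ScreenBufferSize", 98304200)
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "WindowSize", 2818173)
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "HistoryNoDup", 0)
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "WindowPosition", 131068)
    Call oReg.SetDWORDValue(HKEY_CURRENT_USER, strKeyPath, "QuickEdit", 2048)
End If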
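' --- Re-launch under cscript so output goes to a console ----------------
' Under wscript.exe every WScript.Echo is a message box, which is useless
' for a multi-line process report. Hand the script to a cmd.exe window
' running cscript and quit this (wscript) instance. The child re-runs the
' whole file from the top, so it also passes through the registry setup.
Dim objWSH, FinalPath, strComSpec
Set objWSH = WScript.CreateObject("WScript.Shell")
If LCase(Right(WScript.FullName, 11)) = "wscript.exe" Then
    ' Launch the cmd.exe named by %ComSpec% (normally
    ' %SystemRoot%\System32\cmd.exe, the one the Console key targets)
    ' instead of a bare "cmd.exe", which process creation would first look
    ' for in the current directory -- an easy binary-planting target when
    ' the script is started from an untrusted folder.
    strComSpec = objWSH.ExpandEnvironmentStrings("%ComSpec%")
    If LCase(strComSpec) = "%comspec%" Then strComSpec = "cmd.exe"
    ' Quote the script path so spaces survive; Windows paths cannot contain
    ' double quotes, so no further escaping is needed. Note that cmd.exe
    ' still expands %var% sequences even inside the quotes.
    FinalPath = """" & WScript.ScriptFullName & """"
    objWSH.Run """" & strComSpec & """ /k cscript //nologo " & FinalPath
    WScript.Quit
End If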
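' --- Registry cleanup ---------------------------------------------------
' Only reached under cscript (the wscript instance quit above), i.e. after
' the cmd.exe window has already read the Console key. The whole key is
' deleted, not just the six values that were written, so a pre-existing
' user key at this path does not survive. If the script aborts before this
' line the key stays behind and has to be removed by hand.
Call oReg.DeleteKey(HKEY_CURRENT_USER, strKeyPath)
Set oReg = Nothing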
' --- Banner for the process summary -------------------------------------
' Blank line, short pause, heading ("brief list of running processes"),
' another blank line, then a longer pause before the table is printed.
WScript.Echo
WScript.Sleep 1000
WScript.Echo "当前正在运行的进程简要信息列表如下:"
WScript.Echo vbCrLf
WScript.Sleep 2000
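' --- Process summary table ----------------------------------------------
' One row per Win32_Process: name (fixed 20-character column), priority,
' PID, owning user and executable path.
Dim OBJWMIProcess, OBJProcess, MyOBJProcessName, colProperties
Dim strNameOfUser, strUserDomain
Set OBJWMIProcess = GetObject("winmgmts:\\.\root\cimv2").ExecQuery("Select * From Win32_Process")
WScript.Echo "Name: Priority: PID: Owner:" & vbTab & vbTab & "ExecutablePath: "
WScript.Echo "---------------------------------------------------------------------------------------"
For Each OBJProcess In OBJWMIProcess
    ' Pad, then cut, so the name always occupies exactly 20 characters
    ' (the original padded with a run of spaces that appears to have been
    ' collapsed in this copy).
    MyOBJProcessName = Left(OBJProcess.Name & String(20, " "), 20)
    ' GetOwner returns 0 on success and fills its ByRef arguments. Clear
    ' them before every call so a protected or already-exited process
    ' cannot inherit the owner of the previous row; mark failures as "?".
    strNameOfUser = ""
    strUserDomain = ""
    colProperties = OBJProcess.GetOwner(strNameOfUser, strUserDomain)
    If colProperties <> 0 Then strNameOfUser = "?"
    ' ExecutablePath is Null for some system processes; "&" renders Null
    ' as an empty string, so no special handling is needed.
    WScript.Echo MyOBJProcessName & vbTab & OBJProcess.Priority & vbTab & OBJProcess.ProcessID & vbTab & strNameOfUser & vbTab & vbTab & OBJProcess.ExecutablePath
Next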
' --- Banner for the module tree -----------------------------------------
' Heading ("tree of running processes and the modules they loaded"),
' then a column header pushed 17 tabs to the right: creation time and
' file manufacturer.
WScript.Sleep 5000
WScript.Echo vbCrLf
WScript.Echo "当前正在运行的进程以及其加载的模块详细信息树状结构如下:"
WScript.Echo vbCrLf
WScript.Sleep 3000
WScript.Echo String(17, vbTab) & "创建时间 文件制造商"
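' --- Per-process module tree --------------------------------------------
' Walks the "costly" per-process full-image performance counters. Their
' instance names are split on "/" and the second part is used as the
' module path (presumably "<process>/<module path>" -- confirm on the
' target OS). Each module is printed with its creation time and the
' manufacturer that CIM_DataFile reports.
' NOTE(review): the *_Costly counter classes are slow to enumerate and may
' not be present on every Windows version.
Dim OBJWMIService, OBJRefresher, colItems, OBJItem, OBJFSO, OBJFile
Dim originalPath, ModulePath, WMIPathMode, FileManufacturer, LCaseModulePath
Dim FileExtension, mark, FinalModulePath, strCreated
Dim colManufacturer, OBJManufacturer
Set OBJWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
Set OBJRefresher = CreateObject("WbemScripting.SWbemRefresher")
' One FileSystemObject and one WMI connection for the whole walk instead
' of a fresh one per module.
Set OBJFSO = CreateObject("Scripting.FileSystemObject")
Set colItems = OBJRefresher.AddEnum(OBJWMIService, "Win32_PerfFormattedData_PerfProc_FullImage_Costly").ObjectSet
OBJRefresher.Refresh
For Each OBJItem In colItems
    originalPath = OBJItem.Name
    ModulePath = Split(originalPath, "/")
    ' Skip instances that carry no module path after the slash.
    If UBound(ModulePath) >= 1 Then
        ' Escape for WQL: backslashes first, then single quotes. The path
        ' is whatever a process has loaded, so do not assume it is
        ' quote-free -- an unescaped quote breaks or rewrites the query.
        WMIPathMode = Replace(Replace(ModulePath(1), "\", "\\"), "'", "\'")
        Set colManufacturer = OBJWMIService.ExecQuery("SELECT * FROM CIM_DataFile Where Name='" & WMIPathMode & "'")
        For Each OBJManufacturer In colManufacturer
            FileManufacturer = Trim(OBJManufacturer.Manufacturer)
            LCaseModulePath = LCase(Trim(OBJManufacturer.Name))
            FileExtension = Right(LCaseModulePath, 3)
            ' The file may vanish between the WMI query and this lookup;
            ' print an empty timestamp rather than abort the whole run.
            strCreated = ""
            On Error Resume Next
            Err.Clear
            Set OBJFile = OBJFSO.GetFile(LCaseModulePath)
            If Err.Number = 0 Then strCreated = OBJFile.DateCreated
            On Error GoTo 0
            ' Executables start a new branch; other modules hang under it.
            ' Pad, then cut, to a fixed column width (the original padded
            ' with a run of spaces that appears collapsed in this copy).
            If FileExtension = "exe" Then
                mark = "├—"
                FinalModulePath = Left(LCaseModulePath & String(118, " "), 118)
                WScript.Echo "│"
            Else
                mark = "│├─"
                FinalModulePath = Left(LCaseModulePath & String(116, " "), 116)
            End If
            WScript.Echo mark & FinalModulePath & strCreated & vbTab & FileManufacturer
        Next
    End If
Next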