VB Script to list all running processes including the folder they are running from
Every wonder about all those processes in the Task Manager list of processes are? This is a quick and dirty way of getting a list of those processes, the file they’re running, and a number of other attributes.
I find it very useful to know the path and filename that is creating the processes in the list.
This is one way.. like I said, quick and dirty.. to detect and possibly help remove spyware, adware, and malware in general. It’s also useful to help debug system performance issues.
On Error Resume Next
Dim LOG_FILE
Dim strYear, strMonth, strDay, intChangedNotes
strYear = Year(Now())
strMonth = Month(Now())
strDay = Day(Now()) LOG_FILE = "Processes_" & strYear & PadLeftZero(strMonth, 2) & PadLeftZero(strDay, 2) & ".txt"
s = ""
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_Process",,48)
For Each objItem in colItems
s = s & vbCrLf & "-------------------------------------" & vbCrLf
s = s & "Caption: " & objItem.Caption & vbcrlf
s = s & "ExecutablePath: " & objItem.ExecutablePath & vbcrlf
s = s & "ProcessId: " & objItem.ProcessId & vbcrlf
s = s & "ParentProcessId: " & objItem.ParentProcessId & vbcrlf
s = s & "WorkingSetSize: " & objItem.WorkingSetSize & vbcrlf
s = s & "Mem Usage: " & objItem.WorkingSetSize/1024 & " K" & vbcrlf
s = s & vbCrLf & vbCrLf
Next
WriteToFile s, LOG_FILE
WScript.Echo "Done."
Function PadLeftZero(ByVal istrExpression, ByVal iintMaxLen)
PadLeftZero = PadLeft(istrExpression, "0", iintMaxLen)
End Function
Public Function PadLeft(ByVal istrSource, ByVal istrPadChar, ByVal iintMaxLen)
' Append istrSource to the end of a string of istrPadChar and return
' a string no longer than iintMaxLen.
PadLeft = Right(String(iintMaxLen, Left(istrPadChar, 1)) & istrSource, iintMaxLen)
End Function
Sub WriteToFile(istrNote, istrLogFile)
Const ForReading = 1, ForWriting = 2, ForAppending = 8
dim objFSO
dim objFile
dim objTS
set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTS = objFSO.OpenTextFile(istrLogFile, ForWriting, True)
objTS.WriteLine istrNote
objTS.Close
set objTS = Nothing
set objFSO = Nothing
End Sub
Note: This script writes the results to a file, but you could just as easily do a WScript.Echo of each process you're interested in.
Note: This script writes the results to a file, but you could just as easily do a WScript.Echo of each process you're interested in.
2 comments January 20th, 2006