Advertisement
aveyo

list_my_programs

Oct 13th, 2014
6,362
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 6.38 KB | None | 0 0
  1. @set @v=4 /* List my programs by AveYo
  2. :: includes running processes and services, installed programs, scheduled tasks and application crashing events
  3. :: 2017 March - modernizing this really old, but still useful batch script
  4. :: 2017 December - added application crashing events, scheduled tasks; listing UninstallString; filter svchost.exe; csv-like format
  5. :: 2019 July - replace quotes, use | delimiter as , appears frequently in program names and breaks csv import
  6. @echo off & setlocal disabledelayedexpansion &title List my programs by AveYo &color 0B &cls
  7. set o="%USERPROFILE%\Desktop\List_my_programs.txt"
  8. cd.>%o%
  9. if not exist %o% set o="%TEMP%\List_my_programs.txt"
  10. echo.
  11. echo  Please wait while generating %o% ...
  12. echo [List_my_programs_v4.bat - http://pastebin.com/GMyD7UwK] >%o%
  13. ver >>%o% & echo \\%COMPUTERNAME% %o% %DATE% %TIME% >>%o%
  14. echo.>>%o%
  15. echo [RUNNING PROCESSES] not svchost.exe>>%o%
  16. set "c1=Name,SessionId,ParentProcessId,ProcessId,Priority,WorkingSetSize,PrivatePageCount,PageFaults,PageFileUsage"
  17. set "c2=ThreadCount,HandleCount,WriteOperationCount,ReadOperationCount,OtherOperationCount,ExecutablePath"
  18. set "NOT_SVCHOST=NOT (Name='svchost.exe' AND ExecutablePath=NULL OR ExecutablePath LIKE '%%%WINDIR:\=\\%\\system32\\svchost.exe%%')"
  19. cscript /nologo /e:JScript "%~f0" wbem_query Win32_Process "%c1%,%c2%" "WHERE %NOT_SVCHOST%">>%o%
  20. echo.>>%o%
  21. echo [RUNNING SERVICES] not svchost-based>>%o%
  22. set "c=Name,StartMode,ProcessId,PathName"
  23. set "NOT_SVCHOST_BASED=NOT PathName LIKE '%%%WINDIR:\=\\%\\system32\\svchost.exe%%'"
  24. cscript /nologo /e:JScript "%~f0" wbem_query Win32_Service "%c%" "WHERE State='Running' AND %NOT_SVCHOST_BASED%">>%o%
  25. echo.>>%o%
  26. echo [DISABLED SERVICES]>>%o%
  27. set "c=Name,StartMode,PathName"
  28. cscript /nologo /e:JScript "%~f0" wbem_query Win32_Service "%c%" "WHERE Startmode='Disabled'">>%o%
  29. echo.>>%o%
  30. echo [STARTUP PROGRAMS]>>%o%
  31. set "c=Command,Description,Caption,Name,User,SettingID,Location"
  32. cscript /nologo /e:JScript "%~f0" wbem_query Win32_StartupCommand "%c%">>%o%
  33. echo.>>%o%
  34. echo [INSTALLED PROGRAMS HKCU X64]>>%o%
  35. set "c=DisplayName,DisplayVersion,Publisher,InstallDate,UninstallString"
  36. cscript /nologo /e:JScript "%~f0" winst_query 1 "Software\Microsoft\Windows\CurrentVersion\Uninstall" "%c%" >>%o%
  37. echo.>>%o%
  38. echo [INSTALLED PROGRAMS HKCU X86]>>%o%
  39. cscript /nologo /e:JScript "%~f0" winst_query 1 "Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall" "%c%" >>%o%
  40. echo.>>%o%
  41. echo [INSTALLED PROGRAMS HKLM X64]>>%o%
  42. cscript /nologo /e:JScript "%~f0" winst_query 2 "Software\Microsoft\Windows\CurrentVersion\Uninstall" "%c%" >>%o%
  43. echo.>>%o%
  44. echo [INSTALLED PROGRAMS HKLM X86]>>%o%
  45. cscript /nologo /e:JScript "%~f0" winst_query 2 "Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall" "%c%" >>%o%
  46. echo.>>%o%
  47. echo [SCHEDULED TASKS] not Microsoft\Windows>>%o%
  48. echo TaskName,NextRunTime,Status>>%o%
  49. echo --------,-----------,------>>%o%
  50. ::schtasks /query /fo csv /nh |find /i /v "\Microsoft\Windows\">>%o%
  51. schtasks /query /fo table /nh|findstr /v "^$">>%o%
  52. echo.>>%o%
  53. echo [APPLICATION CRASHING EVENTS] not Apps\Microsoft>>%o%
  54. set "c=RecordNumber,TimeGenerated,Message"
  55. set "NOT_APPS_MICROSOFT=Category=100 AND NOT Message LIKE '%%Apps\\Microsoft%%'"
  56. cscript /nologo /e:JScript "%~f0" wbem_query Win32_NTLogEvent "%c%" "WHERE Logfile='Application' AND %NOT_APPS_MICROSOFT%" >>%o%
  57. echo.>>%o%
  58.  
  59. :: done!
  60. echo  Done!
  61. call :reg_query notepadfont "HKCU\Software\Microsoft\Notepad" lfFaceName
  62. if exist %o% (
  63. reg add HKCU\Software\Microsoft\Notepad /v lfFaceName /t REG_SZ /d "FixedSys" /f 1>nul 2>nul
  64. start "" notepad %o%
  65. ping -n 2 localhost >nul 2>&1
  66. reg add HKCU\Software\Microsoft\Notepad /v lfFaceName /t REG_SZ /d "%notepadfont%" /f 1>nul 2>nul
  67. )
  68. exit/b
  69.  
  70. :reg_query [USAGE] call :reg_query ResultVar "HKCU\KeyName" "ValueName"
  71. (for /f "skip=2 delims=" %%s in ('reg query "%~2" /v "%~3" /z 2^>nul') do set ".=%%s" & call set "%~1=%%.:*)    =%%") & exit/b
  72.  
  73. *//* [ JScript functions ] all lines above are ignored by starting script with a js comment */
  74. function timer(f){var b=new Date();return{end: function(){var e=new Date(),t=e.getTime()-b.getTime();WSH.Echo('[',f,'] :',t,'ms')}}}
  75. function padder(s,n,chr,dir){var p=Array(n+1).join(chr);return (dir<0)? p.substring(0,n - s.length) + s : s + p.slice(s.length - n)}
  76. function table_print(fields,head){
  77.   var p = 0, f = 0, total = fields[0].length, nr = head.length; if (total<3) return 0;
  78.   var pad = Array(nr), i = 0; while (i<nr) pad[i] = head[i++].length;
  79.   while (f<total) {i = 0; while (i<nr) { var p = (fields[i][f]+' ').length; if (p > pad[i]) {pad[i] = p}; i++ }; f++ }
  80.   f = 0; while (f<total) {
  81.     var row='', i = 0; while (i<nr) {row += padder(fields[i][f]+'', pad[i] + 2, ' ', (i==0) ? 1 : !!) i++ }; WSH.Echo(row); f++;
  82.   }
  83. }
  84. function winst_query(rkey,skey,keys) { /*var _timer=timer(skey);*/
  85.   var winst = WSH.CreateObject('WindowsInstaller.Installer'), head=keys.split(','), nr=head.length;
  86.   var fields = Array(nr), i = 0; while (i<nr) { fields[i] = []; fields[i].push(head[i]+' | '); fields[i].push('-------- | '); i++ }
  87.   var q = function(_rkey,_skey,_keys){var o=null; try{  o=winst.RegistryValue(parseInt(_rkey), _skey, _keys)  }catch(e){} return o};
  88.   var k = null, v = null, s = null, r = 0; while (r<500) {
  89.     r++; k = q(rkey, skey, -r); if (k==null) continue; i = 0; while (i<nr) {
  90.       s = q(rkey, skey+'\\'+k, head[i]);
  91.       if (i==0 && s==null) { i = nr } else { fields[i].push( (s==null) ? '' : s.split('"').join("'")+' | '); i++ }
  92.     }
  93.   }
  94.   table_print(fields,head); /*_timer.end();*/
  95. }
  96. function wbem_query(table,cols,clause) { /*var _timer=timer(skey);*/
  97.   var wbem = WSH.CreateObject('WbemScripting.SWbemLocator').ConnectServer('.', 'root\\cimv2'), head=cols.split(','), nr=head.length;
  98.   var fields = Array(nr), i = 0; while (i<nr) { fields[i] = []; fields[i].push(head[i]+' | '); fields[i].push('-------- | '); i++ }
  99.   var q = new Enumerator(wbem.ExecQuery('select ' + cols + ' from ' + table + ' ' + clause));
  100.   while (!q.atEnd()) {
  101.     var i = 0; while (i<nr) { var s=q.item()[ head[i] ]+'' || ''; fields[i].push( s.split('"').join("'")+' | ' ); i++ }
  102.     q.moveNext();
  103.   }
  104.   table_print(fields,head); /*_timer.end();*/
  105. }
  106. if (WSH.Arguments(0)=='winst_query') winst_query(WSH.Arguments(1),WSH.Arguments(2),WSH.Arguments(3));
  107. if (WSH.Arguments(0)=='wbem_query') wbem_query(WSH.Arguments(1),WSH.Arguments(2),(WSH.Arguments.length>=4) ? WSH.Arguments(3) : '' )
  108. //
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement