When computers get viruses/adware/malware, sometimes anti-malware/anti-spyware/antivirus or whatever utility used to clean the clean them, they ignore or don't detect some threats (like adware still present in the web browser even if web browsers have been cleaned and set to default settings)
for those ghost process that we don't know where are they running from
I have created this script to get a detailed process report of all running process, including: name,location (path) and command-line used to run, using this tool is easy to detect hidden threats and the remove them manually
Here is the code
- Copy the code and paste it in the notepad
- Click on Menu File then Save as, choose the location where to save it, in File Name: type ListProcess.bat, then in Save as type: Selec All files then Click on Save
- Locate the script and double click to run.
- Enjoy
@echo off
color 0b
Title Process CmdLine Execution Path
setlocal EnableDelayedexpansion
echo ****************************************************
echo * Process Report, by gvalvaro v. 2015 *
echo ****************************************************
echo.
echo How would you like to get the Report
echo.
echo HTML Report Press 1
echo Text Report Press 2
set /p response=
if "%response%"=="" set response=1
if "%response%"=="1" (
wmic /output:%TEMP%\pro_log.html process get description,commandline,executablepath /format:HFORM
start %TEMP%\pro_log.html
)
if "%response%"=="2" (
wmic process get description,commandline,executablepath /format:list>>Log.txt
start log.txt
)
echo.
echo ****************************************************
echo.
echo Press any Key to exit
pause>null
if exist %TEMP%\pro_log.html del %TEMP%\pro_log.html
if exist log.txt del log.txt
del null
exit
No comments:
Post a Comment