WMI – Listing Processes

Listing Processes with Win32_Process

This page is the foundation for a trilogy of Process pages. The sequence is: list, stop and finally start (restart) the process.

Even if your mission is to start or stop a process, the logical place to begin is with listing the processes running on a computer. The benefit of beginning with this page, which just lists the processes, is that you can learn the WMI methods without the risk of killing the wrong program.

The benefit of beginning with just listing the processes is that you can learn the WMI methods without the risk of killing the wrong program.

Topics for Win32_Process

• Scenario – Why you would want to List Processes?
• Example – List the Processes Running on the Computer
• Win32_Process Tutorial – Learning Points
• Starting a Process – See this page
• Stopping a Process – See this page
• Starting a Service (as opposed to a process) – See this page
• Summary of List  Process
• (PowerShell Process Script)

 ♦

Scenario – Why you would want to List a Process?

Before creating a script, which will stop the process, you need to research the precise name of the corresponding program.  One way to investigate the names would be to Launch Task Manager, select the Application tab, right-click the program and then choose, Go to Process.   An example of this link is Applications shows  Microsoft FrontPage and the corresponding process is frontpg.exe

Incidentally, the screen shot on the right reminds us that VBScript automates steps that you could walk through manually.  In this instance, we could click on the Processes tab to view all the running programs.

Example 1 – List the Processes Running on the Computer

Whilst our goal is to control programs on another machine by using a VBscript, let us begin with a script which simply lists the processes.  Then, if necessary, we could append code to the script and thus terminate one of those processes.  The key part of both scripts is where they connect to the CIM class called Win32_Process.  Each script begins with GetObject winmgmts and ExecQuery commands.  The second example adds a terminate  process command.

Prerequisites for Your Win32_Process Script

No specific requirements.  I cannot think of an operating system that does not have the Win32_ComputerSystem Class.

Instructions for Listing Processes WMI Script

1. Copy and paste the example script below into notepad or a VBScript editor.
2. Decide which machine on your network to interrogate and then change line 10:
   My default value of, strComputer = "." means use the current machine.
3. Save the file with a .vbs extension, for example: Process.vbs 
4. Double click Process.vbs and check the list of processes.

Script to List the Processes Running on the Computer

Guy Recommends: WMI Monitor and It’s Free!

Windows Management Instrumentation (WMI) is one of the hidden treasures of Microsoft’s operating systems.  Fortunately, SolarWinds have created a Free WMI Monitor so that you can discover these gems of performance information, and thus improve your scripts.

Take the guess work out of which WMI counters to use when scripting the operating system, Active Directory or Exchange Server. Give this WMI monitor a try – it’s free.

Download your free copy of WMI Monitor

Win32_Process Tutorial – Learning Points

From a WMI perspective

1) If you are experienced with WMI, then the two features to concentrate on are, Win32_Service and objProcess.name.

2)  If you are new to WMI then you will soon appreciate that all WMI scripts begin by employing winmgmts to access the root of the CIM library, here is the command:
Set objWMIService = GetObject("winmgmts:" & strComputer & "\root\cimv2")

3) Often, as in this instance, WMI requires security clearance in order to query the other machine’s hardware, this is why we add :
 & "{impersonationLevel=impersonate}!\\" _  

4) Set colProcess = objWMIService.ExecQuery _ is a standard WMI phrase to prepare for the WQL command:  Select * from Win32_Service
".  The part we are particularly interested in is _Process.  Win32 has dozens of properties, here we need to query the Process component and not the Service or PhysicalDisk.

From a VBScript perspective

5) What makes scripting so powerful is the speed with which VBScript loops through an array of objects or properties, in this instance the loop is controlled by: For Each….In… Next.

6)  I am particularly proud of the other loop, in scripting terms it’s primitive almost a non-entity, but to me it makes the output easier to read, strList = strList & vbCr & objProcess.name.

7) The only property of objProcess that we are interested in is, .Name.  However, for other examples we could substitute different properties, for example .ProcessId or .PeakVirtualSize.

8) It is also possible to output the process information not to the screen but to a file.  VBScript has all the tools you need to create a file and write a service on each line.

Guy Recommends: The Free Config Generator

SolarWinds’ Config Generator is a free tool, which puts you in charge of controlling changes to network routers and other SNMP devices.  Boost your network performance by activating network device features you’ve already paid for.

Guy says that for newbies the biggest benefit of this free tool is that it will provide the impetus for you to learn more about configuring the SNMP service with its ‘Traps’ and ‘Communities’. Try Config Generator now – it’s free!

Download your free copy of Config Generator

Simple PowerShell Equivelent – Get-Process

• Launch PowerShell, in v 2.0 the ISE version is best.
• Copy the lines of code below (into memory)
• Right-click on the PowerShell symbol
• Edit –> Paste
• Press enter to execute the code.

Learning Points

Note 1:  PowerShell’s commands are not case sensitive, thus you could type Get-Process, or Get-Process.  Also you can omit the ‘get’ in Get-Process, this is because ‘get’ is the default verb and PowerShell intelligently adds ‘Get-‘ to process.

Note 2:  Invariably, PowerShell uses singular nouns, thus Get-Process (and not Get-Processes).

Switches or modifiers for Get-Process

With Get-Process, the wildcard asterisk * is optional, however, it does remind us that we can modify the output to produce a restricted range:

Get-Process [ab]* returns all processes beginning with the letter a or b.

Get-Process [ae]* surprised me, it only listed process beginning with ‘a’, or beginning with ‘e’.  To get a range we must add a hyphen between the letters: Get-Process [a-e]*

If you have taken my advice and you have the Task Manager open, it’s worth checking that what you see in PowerShell matches what you see in Task Manager.

See more about PowerShell Get-Service

Guy Recommends: SolarWinds Free Wake-On-LAN Utility

Encouraging computers to sleep when they’re not in use is a great idea – until you are away from your desk and need a file on that remote sleeping machine!

WOL also has business uses for example, rousing machines so that they can have update patches applied.  My real reason for recommending you download this free tool is because it’s so much fun sending those ‘Magic Packets’. Give WOL a try – it’s free.

Download your free copy of SolarWinds Wake-On-LAN

Summary of Win32_Process With VBScript

This page provides the foundation skills necessary to control Windows processes.  Before you start or stop a process, you need a script which just lists the processes running.  This page features a simple script, which lists the processes (programs) and then echoes the result to the screen.

See Also

• Starting a Process – See this page
• Stopping a Process – See this page
• Starting a Service (as opposed to a process) – See this page
• WMI Home