News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • A Tool For Keeping Track Of System Changes

    Posted on Noel Carboni Comment on the AskWoody Lounge

    Home Forums Admin IT Lounge A Tool For Keeping Track Of System Changes

    This topic contains 16 replies, has 7 voices, and was last updated by

     Elly 6 days, 13 hours ago.

    • Author
      Posts
    • #99172 Reply

      Noel Carboni
      AskWoody_MVP

      Have you ever gotten to a point where you discover something about your system and wonder when it happened? Something like, when was a particular update installed? Or when did a particular background task start being run? Or did Microsoft change a scheduled job after an update?

      For this I run a batch script I wrote called LogSystemInfo every night. I do this on all my systems (Windows 7, 8.1, 10). It creates a log file named for the current date and time and runs several commands to dump out a bunch of important info:

      • A list of running processes.
      • A list of running services.
      • A list of DLL modules loaded by processes.
      • A list of all scheduled tasks.
      • A list of the states of all the services.
      • A list of installed updates.
      • A list of boot configuration options.

      Voila, if I want to know when something changed or whether all’s the same as before, I just compare log files from different days (I prefer a really nice tool called Beyond Compare for this). The log files are a few hundred kb so they can just accumulate forever. I’ve been running it in various forms since 2010 and have accumulated 2594 log files so far. 🙂

      I thought I would share this script with you, along with several GnuWin32 toolkit programs (gsort, sed, grep) it uses to gather and format info, and finally one of my own executables that formats the date and time (ShowTime). I assure you they’re all clean, safe, and legal to redistribute, but I encourage you to scan them with your AV to be sure. Or just look at the commands I run in the .bat file to see how to get a lot of good info.

      http://Noel.ProDigitalSoftware.com/files/LogSystemInfo.zip

      Unzip all these files into a single folder from which you want to run the script, start an elevated CMD window, CD into that folder, and run LogSystemInfo.bat. It will create a log file with a name like the following in a Log subfolder of your user area, for example:

      C:\Users\NoelC\Log\SystemInfo_2017_03_05_01_50_00.log

      If you want to schedule this in the Task Scheduler, set up a job that starts at a time when you know your computer will be on, run it from the folder containing the files, and remember to set the [ ] Run with Highest Privileges option, as shown here:

      ScreenGrab_NoelC4_2017_03_06_003946

      Please let me know if you have any problems. I think I’ve included everything it needs to run.

      -Noel

      Attachments:
      You must be logged in to view attached files.
      7 users thanked author for this post.
    • #99676 Reply

      anonymous

      Thank you for sharing this :).

      I tried v2.0 on a Windows 7 x64 computer. I got this output:

      No which in (.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\)

      ERROR:  Not all the tools needed could be found either in the folder with the script or in the path.  Unable to continue.

      The included files were in the same folder as LogSystemInfo.bat.

    • #101008 Reply

      Noel Carboni
      AskWoody_MVP

      Sorry, I missed your message before.

      Did you run the script from within the same folder into which everything was extracted (i.e., make that folder the default folder)?

      -Noel

      • #101047 Reply

        anonymous

        All of your files, including the script file, were in the same folder when I executed the script.

      • #101434 Reply

        NightOwl
        AskWoody Lounger

        Hey Noel

        I tried v2.0 on a Windows 7 x64 computer. I got this output:

        No which in (.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\)

        ERROR: Not all the tools needed could be found either in the folder with the script or in the path. Unable to continue.

        The included files were in the same folder as LogSystemInfo.bat.

        I tested your *.bat* file with your downloaded programs–got the same error message as reported by Anon above.

        Opened an elevated DOS prompt in the directory where the files were unzipped to, ran the .bat file, here’s the output:

        Directory of G:\Utilities\Noel Carboni\LogSystemInfo\LogSystemInfo

        03/08/2017 07:41 AM <DIR> .
        03/08/2017 07:41 AM <DIR> ..
        03/06/2017 01:13 AM 7,197 LogSystemInfo.bat
        02/13/2009 03:19 AM 96,256 grep.exe
        04/20/2005 01:41 PM 96,256 gsort.exe
        10/15/2014 03:50 PM 2,307,978 libeay32.dll
        02/06/2016 12:38 PM 1,008,128 libiconv2.dll
        02/06/2016 12:38 PM 103,424 libintl3.dll
        10/15/2014 03:50 PM 485,987 libssl32.dll
        02/06/2016 12:38 PM 140,288 pcre3.dll
        02/06/2016 12:38 PM 79,360 regex2.dll
        12/27/2010 12:10 PM 77,824 sed.exe
        10/04/2000 10:13 AM 36,864 SHOWTIME.EXE
        03/14/2017 03:49 PM 1,424 ErrorMessageWhenRun.txt
        12 File(s) 4,440,986 bytes
        2 Dir(s) 33,607,614,464 bytes free

        G:\Utilities\Noel Carboni\LogSystemInfo\LogSystemInfo>logsysteminfo.bat

        No which in (.;C:\Program Files\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C
        :\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program F
        iles\ATI Technologies\ATI.ACE\Core-Static
        )

        ERROR: Not all the tools needed could be found either in the folder with the sc
        ript or in the path. Unable to continue.

        G:\Utilities\Noel Carboni\LogSystemInfo\LogSystemInfo>

        On my system, Win7 (32 bit):

        • C:\Program Files\AMD APP\bin\x86 (this directory does exist on my system)
        • C:\Windows\ (this directory does exist on my system)
        • C:\Windows\system32 (this directory does exist on my system)
        • C:\Windows\System32\Wbem (this directory does exist on my system)
        • C:\Windows\System32\WindowsPowerShell\v1.0\ (this directory does not exist on my system)
        • C:\Program Files\ATI Technologies\ATI.ACE\Core-Static (this directory does exist on my system)

        NightOwl

        No question is stupid ... but, possibly the answers are 😉 !

        1 user thanked author for this post.
    • #102442 Reply

      Noel Carboni
      AskWoody_MVP

      Doggone it, I had forgotten to include which.exe in the .zip file. I’m sorry about that!

      I’ve just added it to the .zip. Please re-download the file from the link in the original post.

      -Noel

      1 user thanked author for this post.
      • #102663 Reply

        anonymous

        This one works fine. Thank you :).

        This tool covers some areas that are not covered by the other two free programs that I use: Autoruns, and What’s Running.

        1 user thanked author for this post.
        • #102683 Reply

          Noel Carboni
          AskWoody_MVP

          You’re welcome, and thanks for reporting back. It’s particularly difficult for me to test since I have all of the GnuWin32 tools in my path.

          -Noel

          1 user thanked author for this post.
    • #102689 Reply

      GoneToPlaid
      AskWoody Plus

      I just tried it out. Slick! It took all of maybe 15 seconds to run. Could you tweak the batch file to add two switches — one for verbose output and another switch to automatically launch the saved text file?

      • #102708 Reply

        Noel Carboni
        AskWoody_MVP

        Thanks for the feedback.

        What additional output would you like to see with a “Verbose” option?

        And I’m not quite sure what you mean by “launch the saved text file”?

        -Noel

    • #323610 Reply

      Elly
      AskWoody MVP

      Hello Noel,

      Thank you for this… its been on my computer since you posted with the .exe added… and gives me reassurance as to changes/stability.

      Being non-techy, but more techy than friends or family, and thus the person they turn to… I thought that this would be great on their machines. Not for them, but for me… so I can see changes since that particular computer was last in my hands. They tend not to even remember what they’ve done, and I’m thinking that it would be easier to problem solve if I knew what had changed, rather than trying to guess what a problem might be from.

      On my own computer, I keep an on-going, hand typed record of changes I make (updates, programs, apps added or deleted). This lets me make sense of what I see in the logs generated by by LogSystemInfo… and I’ve been learning from it. Between that, and firewall info, I have a whole different view of what my computer is doing.

      Question for you is… could I set this up so I don’t have to search for where the log files are being saved to… specifically, how would I designate where the log files are saved at? Is it possible?

      Win 7 Home, 64 bit, Group B

      • #324292 Reply

        anonymous

        Hi Elly,

        Sorry for the delay in responding.

        LogSystemInfo puts its logs, named by date, in a Log subdirectory of your USERPROFILE directory. For example, on your system it may be:

        C:\Users\Elly\Log

        The files are named: SystemInfo + the date and time the script was run + .log

        Please let me know if you’re not seeing the files put in the above directory.

        The script would have to be changed to put them in a different folder. That’s doable, but (presuming there’s not a problem with the current logic) would just knowing the folder is the one I named above be good enough?

        -Noel

        • #324988 Reply

          Elly
          AskWoody MVP

          The files are absolutely there, not missing, and on my own computer this isn’t a problem for me…

          I was just hoping, since all the computers I help friends and family with are all different, with a variety of user names, to standardize what I do by creating one folder where I have everything I need in one place. It would be for my convenience, and not really necessary for anything else. Well, I’ve reached a time where routine and finding things in the same place are important, and I’m trying to implement that regarding computing…

          Example: friends show up, with three laptops… for an updating social event (not something anyone techy would be doing)… We are socially chatting, and not entirely focused on computers… Rather than have to rethink where to find this or that, I wanted to create one desktop folder on each computer where I can open it and have the info and other stuff available, while we pass the various laptops back and forth…

          Problems encountered in trying to teach others so they aren’t dependent on me:
          – the window gets closed before the laptop comes back to me, but I still need it for the next step.
          – my shaky fingers close things and I have to find and open them again, sometimes repeatedly.
          – I have to remember/look for the user of each computer in order to remember the path… and I can look straight at someone I’ve known since birth and not remember their name in that instant… and that isn’t to say that their name corresponds to the actual user name…
          – they don’t use Everything Search, and don’t want to… and I try not to install things they don’t want, but Windows Search isn’t as clear cut in finding the user/log folder, so I have to remember the actual path and navigate to it…
          – and I’m socializing, too, and focusing on task can be difficult…

          I can get through all of that… but it just takes extra time and energy. I just thought it would be nice to open the desktop folder, in the same place in each computer, and find the same things (ex- folder for logs), and work from there. Maybe its wishful thinking on my part… but to know what to do to point it once, and then finding it there every time would save hassle on my part.

          I’d like to find them in Elly Helps (an administrative account desktop folder), in a “Log” sub folder… that way I don’t have to think about what user this is… just the task I’m trying to complete… ?

          Win 7 Home, 64 bit, Group B

          • #325003 Reply

            PKCano
            Da Boss

            You could make a shortcut to each of the folders on the desktop, You can name shortcuts whatever you want, so you could name them “Johns Log” and “Janes Log” for example.

            Right click, send to desktop as shortcut.

            1 user thanked author for this post.
            • #325051 Reply

              Elly
              AskWoody MVP

              And that would be a do once fix… yes!

              Thank you!

              Didn’t even think of making a shortcut!!!

              Happy now… 🙂

              Win 7 Home, 64 bit, Group B

    • #323715 Reply

      Paul T
      AskWoody MVP

      RG has a PowerShell version he has kindly shared, but it doesn’t quite do logs the same way.
      https://forums.windowssecrets.com/showthread.php/179727-Introducing-CMsLocalPCInfo?p=1081841&viewfull=1#post1081841

      cheers, Paul

      1 user thanked author for this post.
      • #325001 Reply

        Elly
        AskWoody MVP

        Its been really nice to have links to the Windows Secret resources… thank you @PaulT.

        Already using/familiar with Noel’s, so going to continue with it… 🙂

        Win 7 Home, 64 bit, Group B

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: A Tool For Keeping Track Of System Changes

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.