Process Logger Service is a Windows service which detects and logs details of every process launched on your PC, including the process name, process ID, parent process, file company name, file description, command-line string, file hash, integrity level and more.

The service must be set up manually. It's not a difficult process, but does involve a little more work than we expected. You must a) unpack the download, b) browse to the 32 or 64-bit ProcLoggerSvc folder, c) copy that to C:\, d) browse to C:\ProcLoggerSvc, and e) run install.bat as an administrator (there's an uninstall.bat to remove it later).

Once setup is complete, everything else is straightforward. There's no extra system tray icon, no interface to browse, the program just runs in the background and logs every process launch in the C:\ProcLoggerSvc\Logs folder.

Open that file in Notepad and you'll see entries like this.

[Process Creation]

11/04/2016 09:46:44
Process: [8496] C:\Windows\System32\notepad.exe
Username/Domain: user/domain
CommandLine: "C:\WINDOWS\system32\NOTEPAD.EXE" C:\ProcLoggerSvc\Logs\MSI\11-04-2016.log
MD5 Hash: 60336413E419C2EA5E215F1A32061E40
Bitness: 64-bit
File Publisher: Microsoft Corporation
File Description: Notepad
File Version: 6.2.10586.0
Integrity Level: Medium
System Process: False
Protected Process: False
Metro Process: False
Parent: [5844] C:\Windows\explorer.exe
Parent CommandLine: C:\WINDOWS\Explorer.EXE

If you run the program for long then the file quickly becomes huge. But if you're looking for specific information - when a particular program was launched, or which programs were launched by a given process - then it's still very helpful.

[24-March-2017] v1.3.0.0

+ Added Debug option in Config.ini
+ Log exit status of a process (i.e Exit Status: 0xc00000005)
+ Added DeleteLogsOlderThanNDays option in Config.ini
+ Appended \Logs\ to LogPath