Sunday, June 14, 2009

Enumerating running modules

Some code worth publishing (from some work I am doing over at RMF Network Security on Conficker, worm detection, etc.):

# Snapshot of all processes (ps is the alias for Get-Process)
$Global:ps = ps
$ps_count = $ps.count
write "Process Count = $ps_count"
# Collect every loaded module from every process. Array indices run 0..count-1;
# processes we cannot open (System, csrss, cross-bitness) raise a non-terminating
# error on .Modules and are simply skipped.
$Global:all_modules = 0..($ps_count - 1) | %{ $ps[$_].Modules } | Select Size,ModuleName,FileName,FileVersion
$allmod_count = $all_modules.count
write "All instances of loaded modules = $allmod_count"
# Collapse to distinct module names
$Global:unique_all_modules = $all_modules | Select -property ModuleName | Sort -Unique -property ModuleName
$uniqmod_count = $unique_all_modules.count
write "All uniq module names = $uniqmod_count"
# Sum the in-memory size of every module instance. PowerShell's Size property on a
# ProcessModule is ModuleMemorySize / 1024, i.e. kilobytes, so scale by 1KB, not 1000.
$Global:all_modules_memory = $all_modules | Select -property ModuleName,Size | Sort -property Size
$Global:MO_all_mod_mem = $all_modules_memory | measure-object -property Size -sum
$Global:CountModMem = $MO_all_mod_mem.count
$Global:SumModMem = $MO_all_mod_mem.sum
$SumModMemGB = ( ( $SumModMem * 1KB ) / 1GB )
write "Sum of $CountModMem modules memory size = $SumModMemGB GB"
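An added example (not the post's own code) that turns the same module inventory into something a defender can review: it groups loaded modules by image path, records which processes host each one, and flags images that are unsigned or loaded from outside the Windows and Program Files trees. It assumes Windows PowerShell 3.0 or later run elevated on a 64-bit host; processes whose module list cannot be read are counted rather than aborting the run.

```powershell
# Added example, not from the original post. Assumes Windows PowerShell 3.0+ run elevated.
$trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

$unreadable = @()
$loaded = foreach ($p in Get-Process) {
    try {
        foreach ($m in $p.Modules) {
            [pscustomobject]@{
                ProcessName = $p.ProcessName
                PID         = $p.Id
                ModuleName  = $m.ModuleName
                FileName    = $m.FileName
                SizeKB      = $m.Size      # PowerShell's Size property is in KB
            }
        }
    } catch {
        $unreadable += $p.ProcessName  # e.g. System, csrss, or a cross-bitness process
    }
}

# One row per distinct image on disk, with the processes that currently map it
$byImage = $loaded | Where-Object { $_.FileName } | Group-Object FileName
$report = foreach ($g in $byImage) {
    $path = $g.Name
    $inTrusted = $false
    foreach ($root in $trustedRoots) {
        if ($path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) { $inTrusted = $true }
    }
    $sig = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
    $status = if ($sig) { $sig.Status.ToString() } else { 'Unknown' }
    [pscustomobject]@{
        FileName       = $path
        LoadedIn       = ($g.Group | ForEach-Object { $_.ProcessName } | Sort-Object -Unique) -join ','
        Instances      = $g.Count
        TotalSizeKB    = ($g.Group | Measure-Object SizeKB -Sum).Sum
        SigStatus      = $status
        OutsideTrusted = -not $inTrusted
    }
}

"Processes: {0}; unreadable: {1}; module instances: {2}; unique images: {3}" -f (Get-Process).Count, $unreadable.Count, $loaded.Count, $byImage.Count

# Review list: anything unsigned or mapped from a non-standard location, busiest first
$report | Where-Object { $_.OutsideTrusted -or $_.SigStatus -ne 'Valid' } |
    Sort-Object Instances -Descending | Format-Table -AutoSize
```

Export `$report` with Export-Csv on a clean machine and diff it against later runs; a new image path appearing under many processes is the signal worth chasing.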