Windows 7 C# CMD Program to Monitor Windows Processes and Alert on New Tasks

M

Mihailo

New Member
Joined
Jul 3, 2018
Messages
3
I would like to know is it possible to make a cmd program in #C to monitor windows processes?

CMD Starts and automatically sends tasklist command every 10 seconds. If new process starts during that 10 seconds it opens TXT or another CMD windows to inform me that process name and location.



Thanks in advance.
 
Solution
Here is a Powershell version I put together
Code: 
Add-Type -AssemblyName System.Windows.Forms

Function Invoke-Notification
{
    param
    (
        [String] $NotifyTitle,
        [String] $NotifyText,
        [Int] $Duration=2000,
        [System.Windows.Forms.NotifyIcon]$Notification
    )




    $Notification.BalloonTipText = $NotifyText
    $Notification.BalloonTipTitle = $NotifyTitle
    $Notification.BalloonTipIcon = [System.Windows.Forms.ToolTipIcon]::Warning
    $Notification.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
    $Notification.Visible = $true

    $Notification.ShowBalloonTip($Duration)
}


$ProcessList = $null

While($true)
{
    If($ProcessList)
    {
        # Most of the work is done here...
Sort by date Sort by votes
Here is a Powershell version I put together
Code: 
Add-Type -AssemblyName System.Windows.Forms

Function Invoke-Notification
{
    param
    (
        [String] $NotifyTitle,
        [String] $NotifyText,
        [Int] $Duration=2000,
        [System.Windows.Forms.NotifyIcon]$Notification
    )




    $Notification.BalloonTipText = $NotifyText
    $Notification.BalloonTipTitle = $NotifyTitle
    $Notification.BalloonTipIcon = [System.Windows.Forms.ToolTipIcon]::Warning
    $Notification.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
    $Notification.Visible = $true

    $Notification.ShowBalloonTip($Duration)
}


$ProcessList = $null

While($true)
{
    If($ProcessList)
    {
        # Most of the work is done here
        # Empty Differential
        $ProcessDifferentials = $null

        $CurrentProcesses = Get-Process
        $ProcessDifferentials = Compare-Object -ReferenceObject $ProcessList -DifferenceObject $CurrentProcesses

        If($ProcessDifferentials)
        {
            foreach($ProcessDifferential in $ProcessDifferentials)
            {
                If($ProcessDifferential.SideIndicator -eq "=>")
                {
                    # New process is running
                    $NotificationObject = New-Object System.Windows.Forms.NotifyIcon
                    Invoke-Notification -NotifyTitle "New Process Found" -NotifyText "Process: $($ProcessDifferential.InputObject.MainModule.FileName) found" -Duration 2000 -Notification $NotificationObject

                    $NotificationObject.Dispose()
                }
            }
        }

        $ProcessList = $CurrentProcesses
    }
    else
    {
        # First run
        $ProcessList = Get-Process
    }

    Start-Sleep -Seconds 10
}
 
Upvote 0 Downvote
Solution
It won't show anything in the prompt. If you run it then open some other program and wait 10 seconds. You should get a notification of the new running process.

It's more of a sample. For example it's pulling the process main module name which some processes won't have it or it won't be viewable.
 
Upvote 0 Downvote
You must log in or register to reply here.