tasklist CMD

#1
I would like to know is it possible to make a cmd program in #C to monitor windows processes?

CMD Starts and automatically sends tasklist command every 10 seconds. If new process starts during that 10 seconds it opens TXT or another CMD windows to inform me that process name and location.



Thanks in advance.
 


Neemobeer

Windows Forum Team
Staff member
#2
Most definitely, you could also do this in PowerShell just as easily.
 


Neemobeer

Windows Forum Team
Staff member
#3
Here is a Powershell version I put together
Code:
Add-Type -AssemblyName System.Windows.Forms

Function Invoke-Notification
{
    param
    (
        [String] $NotifyTitle,
        [String] $NotifyText,
        [Int] $Duration=2000,
        [System.Windows.Forms.NotifyIcon]$Notification
    )




    $Notification.BalloonTipText = $NotifyText
    $Notification.BalloonTipTitle = $NotifyTitle
    $Notification.BalloonTipIcon = [System.Windows.Forms.ToolTipIcon]::Warning
    $Notification.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
    $Notification.Visible = $true

    $Notification.ShowBalloonTip($Duration)
}


$ProcessList = $null

While($true)
{
    If($ProcessList)
    {
        # Most of the work is done here
        # Empty Differential
        $ProcessDifferentials = $null

        $CurrentProcesses = Get-Process
        $ProcessDifferentials = Compare-Object -ReferenceObject $ProcessList -DifferenceObject $CurrentProcesses

        If($ProcessDifferentials)
        {
            foreach($ProcessDifferential in $ProcessDifferentials)
            {
                If($ProcessDifferential.SideIndicator -eq "=>")
                {
                    # New process is running
                    $NotificationObject = New-Object System.Windows.Forms.NotifyIcon
                    Invoke-Notification -NotifyTitle "New Process Found" -NotifyText "Process: $($ProcessDifferential.InputObject.MainModule.FileName) found" -Duration 2000 -Notification $NotificationObject

                    $NotificationObject.Dispose()
                }
            }
        }

        $ProcessList = $CurrentProcesses
    }
    else
    {
        # First run
        $ProcessList = Get-Process
    }

    Start-Sleep -Seconds 10
}
 


#4
Thank you for your time! When I run the script is shows me a black CMD window. It does nothing.
 


Neemobeer

Windows Forum Team
Staff member
#5
It won't show anything in the prompt. If you run it then open some other program and wait 10 seconds. You should get a notification of the new running process.

It's more of a sample. For example it's pulling the process main module name which some processes won't have it or it won't be viewable.
 


#6
Hmm..I waited for 20 seconds and nothing happen...How to make it viewable?
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.
Top