Windows 7 tasklist CMD

Mihailo

New Member
I would like to know is it possible to make a cmd program in #C to monitor windows processes?

CMD Starts and automatically sends tasklist command every 10 seconds. If new process starts during that 10 seconds it opens TXT or another CMD windows to inform me that process name and location.



Thanks in advance.
 
Here is a Powershell version I put together
Code:
Add-Type -AssemblyName System.Windows.Forms

Function Invoke-Notification
{
    param
    (
        [String] $NotifyTitle,
        [String] $NotifyText,
        [Int] $Duration=2000,
        [System.Windows.Forms.NotifyIcon]$Notification
    )




    $Notification.BalloonTipText = $NotifyText
    $Notification.BalloonTipTitle = $NotifyTitle
    $Notification.BalloonTipIcon = [System.Windows.Forms.ToolTipIcon]::Warning
    $Notification.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
    $Notification.Visible = $true

    $Notification.ShowBalloonTip($Duration)
}


$ProcessList = $null

While($true)
{
    If($ProcessList)
    {
        # Most of the work is done here
        # Empty Differential
        $ProcessDifferentials = $null

        $CurrentProcesses = Get-Process
        $ProcessDifferentials = Compare-Object -ReferenceObject $ProcessList -DifferenceObject $CurrentProcesses

        If($ProcessDifferentials)
        {
            foreach($ProcessDifferential in $ProcessDifferentials)
            {
                If($ProcessDifferential.SideIndicator -eq "=>")
                {
                    # New process is running
                    $NotificationObject = New-Object System.Windows.Forms.NotifyIcon
                    Invoke-Notification -NotifyTitle "New Process Found" -NotifyText "Process: $($ProcessDifferential.InputObject.MainModule.FileName) found" -Duration 2000 -Notification $NotificationObject

                    $NotificationObject.Dispose()
                }
            }
        }

        $ProcessList = $CurrentProcesses
    }
    else
    {
        # First run
        $ProcessList = Get-Process
    }

    Start-Sleep -Seconds 10
}
 
It won't show anything in the prompt. If you run it then open some other program and wait 10 seconds. You should get a notification of the new running process.

It's more of a sample. For example it's pulling the process main module name which some processes won't have it or it won't be viewable.
 
Back
Top