Add-Type -AssemblyName System.Windows.Forms
Function Invoke-Notification
{
param
(
[String] $NotifyTitle,
[String] $NotifyText,
[Int] $Duration=2000,
[System.Windows.Forms.NotifyIcon]$Notification
)
$Notification.BalloonTipText = $NotifyText
$Notification.BalloonTipTitle = $NotifyTitle
$Notification.BalloonTipIcon = [System.Windows.Forms.ToolTipIcon]::Warning
$Notification.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
$Notification.Visible = $true
$Notification.ShowBalloonTip($Duration)
}
$ProcessList = $null
While($true)
{
If($ProcessList)
{
# Most of the work is done here
# Empty Differential
$ProcessDifferentials = $null
$CurrentProcesses = Get-Process
$ProcessDifferentials = Compare-Object -ReferenceObject $ProcessList -DifferenceObject $CurrentProcesses
If($ProcessDifferentials)
{
foreach($ProcessDifferential in $ProcessDifferentials)
{
If($ProcessDifferential.SideIndicator -eq "=>")
{
# New process is running
$NotificationObject = New-Object System.Windows.Forms.NotifyIcon
Invoke-Notification -NotifyTitle "New Process Found" -NotifyText "Process: $($ProcessDifferential.InputObject.MainModule.FileName) found" -Duration 2000 -Notification $NotificationObject
$NotificationObject.Dispose()
}
}
}
$ProcessList = $CurrentProcesses
}
else
{
# First run
$ProcessList = Get-Process
}
Start-Sleep -Seconds 10
}