Monitor proccess creation

  • Thread starter Thread starter Rashad Rivera
  • Start date Start date
R

Rashad Rivera

Try this:

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & _
strComputer & "\root\CIMV2")
Set MySink = WScript.CreateObject( _
"WbemScripting.SWbemSink","SINK_")

objWMIservice.ExecNotificationQueryAsync MySink, _
"SELECT * FROM __InstanceCreationEvent WITHIN 1 WHERE " _
& "TargetInstance ISA 'Win32_Process'"

WScript.Echo "Waiting for events..."

While (True)
Wscript.Sleep(1000)
Wend

Sub SINK_OnObjectReady(objObject, objAsyncContext)
WScript.Echo "Event call happened."
End Sub

Sub SINK_OnCompleted(objObject, objAsyncContext)
WScript.Echo "Event call complete."
End Sub


Rashad Rivera
www.omegusprime.com
 
Hello there
Is there a way to monitor when new processes are created, else then a loop
that check each specific amount of time?
Something that will be only triggered when an event occurs?
thanks a lot in advance
Regards
Sameh
 
Excellent
does the job
Thanks a lot

Rashad Rivera said:
Try this:

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & _
strComputer & "\root\CIMV2")
Set MySink = WScript.CreateObject( _
"WbemScripting.SWbemSink","SINK_")

objWMIservice.ExecNotificationQueryAsync MySink, _
"SELECT * FROM __InstanceCreationEvent WITHIN 1 WHERE " _
& "TargetInstance ISA 'Win32_Process'"

WScript.Echo "Waiting for events..."

While (True)
Wscript.Sleep(1000)
Wend

Sub SINK_OnObjectReady(objObject, objAsyncContext)
WScript.Echo "Event call happened."
End Sub

Sub SINK_OnCompleted(objObject, objAsyncContext)
WScript.Echo "Event call complete."
End Sub


Rashad Rivera
www.omegusprime.com
Click to expand...
 
Back
Top