How can I moitor file which is executed by user or program in window.
I need to write a code to monitor file. When user clicks the file(.exe) or
is called by program, the name of file will be return to a program.
so, excatly, I need to know the name of the executable file that is executed.
originally, I try to windows service + FileSystemWatcher.
but, There are just created, renamed, deleted, and changed four events in
the FileSystemWacher, not excuted.
So, How can I do???????
thanks.
17  2570 
Don't know about your exact requirements, but you could always just monitor
the running processes:
const string unknown = "{unknown}";
foreach(Process p in Process.GetProcesses()) {
int pid = p.Id;
string name = unknown, module = unknown;
try {name = p.ProcessName;} catch {}
try {module = p.MainModule.FileName;} catch {}
Console.WriteLine("{0}: {1} ({2})",pid,name,module);
}
Console.ReadLine();
Of course, you'd need to do this periodically to monitor new items, and
there is a chance short-lived items could slip between your checks. Not
ideal (and personally I don't like it on principle), but it is an option. It
seems a bit of a "big brother" thing to want to do, though...
Marc
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com... How can I moitor file which is executed by user or program in window.
I need to write a code to monitor file. When user clicks the file(.exe) or
is called by program, the name of file will be return to a program.
so, excatly, I need to know the name of the executable file that is
executed.
originally, I try to windows service + FileSystemWatcher.
but, There are just created, renamed, deleted, and changed four events in
the FileSystemWacher, not excuted.
So, How can I do???????
thanks.
Hi,
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com... How can I moitor file which is executed by user or program in window.
I need to write a code to monitor file. When user clicks the file(.exe) or
is called by program, the name of file will be return to a program.
so, excatly, I need to know the name of the executable file that is
executed.
originally, I try to windows service + FileSystemWatcher.
but, There are just created, renamed, deleted, and changed four events in
the FileSystemWacher, not excuted.
So, How can I do???????
There is no way of doing it
--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com...
| How can I moitor file which is executed by user or program in window.
| I need to write a code to monitor file. When user clicks the file(.exe) or
| is called by program, the name of file will be return to a program.
| so, excatly, I need to know the name of the executable file that is
executed.
| originally, I try to windows service + FileSystemWatcher.
| but, There are just created, renamed, deleted, and changed four events in
| the FileSystemWacher, not excuted.
| So, How can I do???????
| thanks.
If you are running XP or higher,you'll can use the System.Management classes
and listen for WMI Win32_ProcessStartTrace events.
Here's a small sample.
using System;
using System.Management;
class App {
public static void Main() {
WqlEventQuery q = new WqlEventQuery( "Win32_ProcessStartTrace");
using(ManagementEventWatcher w = new ManagementEventWatcher(q)){
w.EventArrived += new
EventArrivedEventHandler(ProcessStartEventArrived) ;
w.Start();
Console.ReadLine(); // block this thread for test purposes
w.Stop();
}
}
static void ProcessStartEventArrived(object sender, EventArrivedEventArgs
e) {
//Get the Event object and display it's properties
foreach(PropertyData pd in e.NewEvent.Properties) {
Console.WriteLine("{0} : {1}",pd.Name, pd.Value);
}
}
}
Willy.
but.... why can the antivirus detect the malicious file when we click a
executable file. And, why can FileSystemWatcher know which file was changed,
but can't know which file was executed ????
"Ignacio Machin ( .NET/ C# MVP )" wrote: Hi,
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com... How can I moitor file which is executed by user or program in window.
I need to write a code to monitor file. When user clicks the file(.exe) or
is called by program, the name of file will be return to a program.
so, excatly, I need to know the name of the executable file that is
executed.
originally, I try to windows service + FileSystemWatcher.
but, There are just created, renamed, deleted, and changed four events in
the FileSystemWacher, not excuted.
So, How can I do???????
There is no way of doing it
--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation
exactly, I need to know which file was executed in window.
and, I wanna deal with the file (.exe)
It is similar the antivirus. When we click a malicious file (.exe) , then
antivirus can detect it and deal with.
thank you
"Marc Gravell" wrote: Don't know about your exact requirements, but you could always just monitor
the running processes:
const string unknown = "{unknown}";
foreach(Process p in Process.GetProcesses()) {
int pid = p.Id;
string name = unknown, module = unknown;
try {name = p.ProcessName;} catch {}
try {module = p.MainModule.FileName;} catch {}
Console.WriteLine("{0}: {1} ({2})",pid,name,module);
}
Console.ReadLine();
Of course, you'd need to do this periodically to monitor new items, and
there is a chance short-lived items could slip between your checks. Not
ideal (and personally I don't like it on principle), but it is an option. It
seems a bit of a "big brother" thing to want to do, though...
Marc
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com... How can I moitor file which is executed by user or program in window.
I need to write a code to monitor file. When user clicks the file(.exe) or
is called by program, the name of file will be return to a program.
so, excatly, I need to know the name of the executable file that is
executed.
originally, I try to windows service + FileSystemWatcher.
but, There are just created, renamed, deleted, and changed four events in
the FileSystemWacher, not excuted.
So, How can I do???????
thanks.
Antivirus applications use kernel space drivers to do their thing, don't
expect to do this kind of thing from user space. Take a look at my other
reply, it shows you how you can achieve your goal using C#.
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:A9**********************************@microsof t.com...
| but.... why can the antivirus detect the malicious file when we click a
| executable file. And, why can FileSystemWatcher know which file was
changed,
| but can't know which file was executed ????
|
| "Ignacio Machin ( .NET/ C# MVP )" wrote:
|
| > Hi,
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:B4**********************************@microsof t.com...
| > > How can I moitor file which is executed by user or program in window.
| > > I need to write a code to monitor file. When user clicks the
file(.exe) or
| > > is called by program, the name of file will be return to a program.
| > > so, excatly, I need to know the name of the executable file that is
| > > executed.
| > > originally, I try to windows service + FileSystemWatcher.
| > > but, There are just created, renamed, deleted, and changed four events
in
| > > the FileSystemWacher, not excuted.
| > > So, How can I do???????
| >
| >
| > There is no way of doing it
| >
| >
| >
| > --
| > Ignacio Machin,
| > ignacio.machin AT dot.state.fl.us
| > Florida Department Of Transportation
| >
| >
| >
I got your other reply. thank you very very very very much.
I try your code which can work.
so, now I don't need to use the window service to monitor file. right?
in fact, the project is my thesis in research institute.
I wanna design a anti-spyware software.
so, I need to grap the spyware in real-time
"Willy Denoyette [MVP]" wrote: Antivirus applications use kernel space drivers to do their thing, don't
expect to do this kind of thing from user space. Take a look at my other
reply, it shows you how you can achieve your goal using C#.
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:A9**********************************@microsof t.com...
| but.... why can the antivirus detect the malicious file when we click a
| executable file. And, why can FileSystemWatcher know which file was
changed,
| but can't know which file was executed ????
|
| "Ignacio Machin ( .NET/ C# MVP )" wrote:
|
| > Hi,
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:B4**********************************@microsof t.com...
| > > How can I moitor file which is executed by user or program in window.
| > > I need to write a code to monitor file. When user clicks the
file(.exe) or
| > > is called by program, the name of file will be return to a program.
| > > so, excatly, I need to know the name of the executable file that is
| > > executed.
| > > originally, I try to windows service + FileSystemWatcher.
| > > but, There are just created, renamed, deleted, and changed four events
in
| > > the FileSystemWacher, not excuted.
| > > So, How can I do???????
| >
| >
| > There is no way of doing it
| >
| >
| >
| > --
| > Ignacio Machin,
| > ignacio.machin AT dot.state.fl.us
| > Florida Department Of Transportation
| >
| >
| >
and why can't we user kernel space rather than aitivirus can.
the Microsoft accept ???
"Willy Denoyette [MVP]" wrote: Antivirus applications use kernel space drivers to do their thing, don't
expect to do this kind of thing from user space. Take a look at my other
reply, it shows you how you can achieve your goal using C#.
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:A9**********************************@microsof t.com...
| but.... why can the antivirus detect the malicious file when we click a
| executable file. And, why can FileSystemWatcher know which file was
changed,
| but can't know which file was executed ????
|
| "Ignacio Machin ( .NET/ C# MVP )" wrote:
|
| > Hi,
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:B4**********************************@microsof t.com...
| > > How can I moitor file which is executed by user or program in window.
| > > I need to write a code to monitor file. When user clicks the
file(.exe) or
| > > is called by program, the name of file will be return to a program.
| > > so, excatly, I need to know the name of the executable file that is
| > > executed.
| > > originally, I try to windows service + FileSystemWatcher.
| > > but, There are just created, renamed, deleted, and changed four events
in
| > > the FileSystemWacher, not excuted.
| > > So, How can I do???????
| >
| >
| > There is no way of doing it
| >
| >
| >
| > --
| > Ignacio Machin,
| > ignacio.machin AT dot.state.fl.us
| > Florida Department Of Transportation
| >
| >
| >
if I wnna run in win2k, the code doesn't work. right?
"Willy Denoyette [MVP]" wrote:
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com...
| How can I moitor file which is executed by user or program in window.
| I need to write a code to monitor file. When user clicks the file(.exe) or
| is called by program, the name of file will be return to a program.
| so, excatly, I need to know the name of the executable file that is
executed.
| originally, I try to windows service + FileSystemWatcher.
| but, There are just created, renamed, deleted, and changed four events in
| the FileSystemWacher, not excuted.
| So, How can I do???????
| thanks.
If you are running XP or higher,you'll can use the System.Management classes
and listen for WMI Win32_ProcessStartTrace events.
Here's a small sample.
using System;
using System.Management;
class App {
public static void Main() {
WqlEventQuery q = new WqlEventQuery( "Win32_ProcessStartTrace");
using(ManagementEventWatcher w = new ManagementEventWatcher(q)){
w.EventArrived += new
EventArrivedEventHandler(ProcessStartEventArrived) ;
w.Start();
Console.ReadLine(); // block this thread for test purposes
w.Stop();
}
}
static void ProcessStartEventArrived(object sender, EventArrivedEventArgs
e) {
//Get the Event object and display it's properties
foreach(PropertyData pd in e.NewEvent.Properties) {
Console.WriteLine("{0} : {1}",pd.Name, pd.Value);
}
}
}
Willy.
Nope.
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:BC**********************************@microsof t.com...
| if I wnna run in win2k, the code doesn't work. right?
|
|
| "Willy Denoyette [MVP]" wrote:
|
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:B4**********************************@microsof t.com...
| > | How can I moitor file which is executed by user or program in window.
| > | I need to write a code to monitor file. When user clicks the
file(.exe) or
| > | is called by program, the name of file will be return to a program.
| > | so, excatly, I need to know the name of the executable file that is
| > executed.
| > | originally, I try to windows service + FileSystemWatcher.
| > | but, There are just created, renamed, deleted, and changed four events
in
| > | the FileSystemWacher, not excuted.
| > | So, How can I do???????
| > | thanks.
| >
| > If you are running XP or higher,you'll can use the System.Management
classes
| > and listen for WMI Win32_ProcessStartTrace events.
| > Here's a small sample.
| >
| > using System;
| > using System.Management;
| > class App {
| > public static void Main() {
| > WqlEventQuery q = new WqlEventQuery( "Win32_ProcessStartTrace");
| > using(ManagementEventWatcher w = new ManagementEventWatcher(q)){
| > w.EventArrived += new
| > EventArrivedEventHandler(ProcessStartEventArrived) ;
| > w.Start();
| > Console.ReadLine(); // block this thread for test purposes
| > w.Stop();
| > }
| > }
| > static void ProcessStartEventArrived(object sender,
EventArrivedEventArgs
| > e) {
| > //Get the Event object and display it's properties
| > foreach(PropertyData pd in e.NewEvent.Properties) {
| > Console.WriteLine("{0} : {1}",pd.Name, pd.Value);
| > }
| > }
| > }
| >
| > Willy.
| >
| >
| >
one guy told me this. this code can run in win2k
but, it is just detect notepad.exe and a little slow
ManagementEventWatcher watcher;
private void button2_Click(object sender, System.EventArgs e)
{
string query = "select * from __InstanceCreationEvent " +
"within 5 where TargetInstance ISA 'Win32_Process' "+
" and TargetInstance.Name='notepad.exe'";
watcher = new ManagementEventWatcher(query);
watcher.EventArrived += new EventArrivedEventHandler(Display);
watcher.Start();
}
public void Display(object sender, EventArrivedEventArgs e)
{
this.textBox1.Text="notepad start";
}
C# or any other managed code can not be used for driver development,
antivirus products do have parts running as kernel mode drivers.
In short, you won't be able to develop antivirus software in C# only, you
can use C# for the UI part, but that's not key for an antivirus product.
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:D8**********************************@microsof t.com...
| and why can't we user kernel space rather than aitivirus can.
| the Microsoft accept ???
|
| "Willy Denoyette [MVP]" wrote:
|
| > Antivirus applications use kernel space drivers to do their thing, don't
| > expect to do this kind of thing from user space. Take a look at my other
| > reply, it shows you how you can achieve your goal using C#.
| >
| > Willy.
| >
| >
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:A9**********************************@microsof t.com...
| > | but.... why can the antivirus detect the malicious file when we click
a
| > | executable file. And, why can FileSystemWatcher know which file was
| > changed,
| > | but can't know which file was executed ????
| > |
| > | "Ignacio Machin ( .NET/ C# MVP )" wrote:
| > |
| > | > Hi,
| > | >
| > | > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > | > news:B4**********************************@microsof t.com...
| > | > > How can I moitor file which is executed by user or program in
window.
| > | > > I need to write a code to monitor file. When user clicks the
| > file(.exe) or
| > | > > is called by program, the name of file will be return to a
program.
| > | > > so, excatly, I need to know the name of the executable file that
is
| > | > > executed.
| > | > > originally, I try to windows service + FileSystemWatcher.
| > | > > but, There are just created, renamed, deleted, and changed four
events
| > in
| > | > > the FileSystemWacher, not excuted.
| > | > > So, How can I do???????
| > | >
| > | >
| > | > There is no way of doing it
| > | >
| > | >
| > | >
| > | > --
| > | > Ignacio Machin,
| > | > ignacio.machin AT dot.state.fl.us
| > | > Florida Department Of Transportation
| > | >
| > | >
| > | >
| >
| >
| >
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:04**********************************@microsof t.com...
| one guy told me this. this code can run in win2k
| but, it is just detect notepad.exe and a little slow
|
| ManagementEventWatcher watcher;
| private void button2_Click(object sender, System.EventArgs e)
| {
| string query = "select * from __InstanceCreationEvent " +
| "within 5 where TargetInstance ISA 'Win32_Process' "+
| " and TargetInstance.Name='notepad.exe'";
| watcher = new ManagementEventWatcher(query);
| watcher.EventArrived += new EventArrivedEventHandler(Display);
| watcher.Start();
| }
|
| public void Display(object sender, EventArrivedEventArgs e)
| {
| this.textBox1.Text="notepad start";
| }
|
True, you can use this to trace process start-up, but the problem here is
that polling is used, which makes it possible to miss events.
Note, as I said in another reply, this is not the right code path when your
intention is to write an antivirus application.
Willy.
Could I ask one more issue?
Now, we got the name of the file. so, what is the path of file???? How to
get it?
thank you very very very very much!
Green
"Willy Denoyette [MVP]" wrote:
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:04**********************************@microsof t.com...
| one guy told me this. this code can run in win2k
| but, it is just detect notepad.exe and a little slow
|
| ManagementEventWatcher watcher;
| private void button2_Click(object sender, System.EventArgs e)
| {
| string query = "select * from __InstanceCreationEvent " +
| "within 5 where TargetInstance ISA 'Win32_Process' "+
| " and TargetInstance.Name='notepad.exe'";
| watcher = new ManagementEventWatcher(query);
| watcher.EventArrived += new EventArrivedEventHandler(Display);
| watcher.Start();
| }
|
| public void Display(object sender, EventArrivedEventArgs e)
| {
| this.textBox1.Text="notepad start";
| }
|
True, you can use this to trace process start-up, but the problem here is
that polling is used, which makes it possible to miss events.
Note, as I said in another reply, this is not the right code path when your
intention is to write an antivirus application.
Willy.
I think I got the solution. Reference the MSDN.
I can use system.diagnostics.processmodule.filename to compare the name in
process pool.
thank you very mcuh!!!
"Willy Denoyette [MVP]" wrote:
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:04**********************************@microsof t.com...
| one guy told me this. this code can run in win2k
| but, it is just detect notepad.exe and a little slow
|
| ManagementEventWatcher watcher;
| private void button2_Click(object sender, System.EventArgs e)
| {
| string query = "select * from __InstanceCreationEvent " +
| "within 5 where TargetInstance ISA 'Win32_Process' "+
| " and TargetInstance.Name='notepad.exe'";
| watcher = new ManagementEventWatcher(query);
| watcher.EventArrived += new EventArrivedEventHandler(Display);
| watcher.Start();
| }
|
| public void Display(object sender, EventArrivedEventArgs e)
| {
| this.textBox1.Text="notepad start";
| }
|
True, you can use this to trace process start-up, but the problem here is
that polling is used, which makes it possible to miss events.
Note, as I said in another reply, this is not the right code path when your
intention is to write an antivirus application.
Willy.
Hi Willy.
For one thing. I need to say thank you of you to give me a suggestion.
now, I could monitor the file in the system. But I got the file which name
is just 15 letter at most. If the name of .exe file is more then 15. It will
be cut.
ex: if the name of .exe file is "MonitorExFile.exe".
the "e.NewEvent.Properties["ProcessName"].Value" will just get
"MonitorExFile.e"
so, How could I get the full name of file ?
and exactly, I need to get the full path of .exe file. Because I need to
deal with the process of .exe file.
I got a mothed in MSDN in following.
It must create a process , then I could get the full path of file.
but. I just need to deal with the process of file which is monitored by me.
Could get any sugesstion from you?
thank you very much!!
-----------------------------------
Process myProcess = new Process();
// Get the process start information of notepad.
ProcessStartInfo myProcessStartInfo = new ProcessStartInfo("notepad.exe");
// Assign 'StartInfo' of notepad to 'StartInfo' of 'myProcess' object.
myProcess.StartInfo = myProcessStartInfo;
// Create a notepad.
myProcess.Start();
System.Threading.Thread.Sleep(1000);
ProcessModule myProcessModule;
// Get all the modules associated with 'myProcess'.
ProcessModuleCollection myProcessModuleCollection = myProcess.Modules;
Console.WriteLine("File names of the modules associated "
+"with 'notepad' are:");
// Display the 'FileName' of each of the modules.
for( int i = 0;i < myProcessModuleCollection.Count; i++)
{
myProcessModule = myProcessModuleCollection[i];
Console.WriteLine(myProcessModule.ModuleName+" : "
+myProcessModule.FileName);
}
// Get the main module associated with 'myProcess'.
myProcessModule = myProcess.MainModule;
// Display the 'FileName' of the main module.
Console.WriteLine("The process's main module's FileName is: "
+myProcessModule.FileName);
myProcess.CloseMainWindow();
-----------------------------------------------------------------------
"Willy Denoyette [MVP]" wrote:
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:04**********************************@microsof t.com...
| one guy told me this. this code can run in win2k
| but, it is just detect notepad.exe and a little slow
|
| ManagementEventWatcher watcher;
| private void button2_Click(object sender, System.EventArgs e)
| {
| string query = "select * from __InstanceCreationEvent " +
| "within 5 where TargetInstance ISA 'Win32_Process' "+
| " and TargetInstance.Name='notepad.exe'";
| watcher = new ManagementEventWatcher(query);
| watcher.EventArrived += new EventArrivedEventHandler(Display);
| watcher.Start();
| }
|
| public void Display(object sender, EventArrivedEventArgs e)
| {
| this.textBox1.Text="notepad start";
| }
|
True, you can use this to trace process start-up, but the problem here is
that polling is used, which makes it possible to miss events.
Note, as I said in another reply, this is not the right code path when your
intention is to write an antivirus application.
Willy.
Use the ProcessID property returned to get the process instance and iuse
this one to get the mainmodules file name like:
....
Process proc =
Process.GetProcessById((int)(uint)e.NewEvent.Prope rties["ProcessID"].Value);
string s = proc.MainModule.FileName; // full exe path...
Willy.
"spentun" <sp*****@discussions.microsoft.com> wrote in message
news:5B**********************************@microsof t.com...
| Hi Willy.
| For one thing. I need to say thank you of you to give me a suggestion.
| now, I could monitor the file in the system. But I got the file which name
| is just 15 letter at most. If the name of .exe file is more then 15. It
will
| be cut.
| ex: if the name of .exe file is "MonitorExFile.exe".
| the "e.NewEvent.Properties["ProcessName"].Value" will just get
| "MonitorExFile.e"
|
| so, How could I get the full name of file ?
| and exactly, I need to get the full path of .exe file. Because I need to
| deal with the process of .exe file.
| I got a mothed in MSDN in following.
| It must create a process , then I could get the full path of file.
| but. I just need to deal with the process of file which is monitored by
me.
| Could get any sugesstion from you?
| thank you very much!!
| -----------------------------------
| Process myProcess = new Process();
| // Get the process start information of notepad.
| ProcessStartInfo myProcessStartInfo = new
ProcessStartInfo("notepad.exe");
| // Assign 'StartInfo' of notepad to 'StartInfo' of 'myProcess' object.
| myProcess.StartInfo = myProcessStartInfo;
| // Create a notepad.
| myProcess.Start();
| System.Threading.Thread.Sleep(1000);
| ProcessModule myProcessModule;
| // Get all the modules associated with 'myProcess'.
| ProcessModuleCollection myProcessModuleCollection = myProcess.Modules;
| Console.WriteLine("File names of the modules associated "
| +"with 'notepad' are:");
| // Display the 'FileName' of each of the modules.
| for( int i = 0;i < myProcessModuleCollection.Count; i++)
| {
| myProcessModule = myProcessModuleCollection[i];
| Console.WriteLine(myProcessModule.ModuleName+" : "
| +myProcessModule.FileName);
| }
| // Get the main module associated with 'myProcess'.
| myProcessModule = myProcess.MainModule;
| // Display the 'FileName' of the main module.
| Console.WriteLine("The process's main module's FileName is: "
| +myProcessModule.FileName);
| myProcess.CloseMainWindow();
| -----------------------------------------------------------------------
|
|
| "Willy Denoyette [MVP]" wrote:
|
| >
| > "spentun" <sp*****@discussions.microsoft.com> wrote in message
| > news:04**********************************@microsof t.com...
| > | one guy told me this. this code can run in win2k
| > | but, it is just detect notepad.exe and a little slow
| > |
| > | ManagementEventWatcher watcher;
| > | private void button2_Click(object sender, System.EventArgs e)
| > | {
| > | string query = "select * from __InstanceCreationEvent " +
| > | "within 5 where TargetInstance ISA 'Win32_Process' "+
| > | " and TargetInstance.Name='notepad.exe'";
| > | watcher = new ManagementEventWatcher(query);
| > | watcher.EventArrived += new EventArrivedEventHandler(Display);
| > | watcher.Start();
| > | }
| > |
| > | public void Display(object sender, EventArrivedEventArgs e)
| > | {
| > | this.textBox1.Text="notepad start";
| > | }
| > |
| >
| > True, you can use this to trace process start-up, but the problem here
is
| > that polling is used, which makes it possible to miss events.
| > Note, as I said in another reply, this is not the right code path when
your
| > intention is to write an antivirus application.
| >
| > Willy.
| >
| >
| >
| >
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: KJM |
last post by:
How can I detect if the user has dual monitors and then how do I control
which monitor a form is displayed on. Currently my forms always come up on...
|
by: Bill Burwell |
last post by:
I am converting a VB6 WebClass application to VB.Net. Used the VB upgrade
tool to do the conversion - and it left me a lot of little code things to...
|
by: Omid |
last post by:
Hi.
I have problems when I try to redirect everything that is sent to cout
to a file.
I have one piece of code that works and one that does not...
|
by: sonic_soul |
last post by:
Hi,
Is there a way to monitor a newly opepend child window with opener,
even when the page keeps reloading ?
Say window A opens window B and...
|
by: Jack David |
last post by:
Using the code below I am able to monitor a single directory for a new file
and then kick-off a process to deal with the file. The question is???...
|
by: Mike |
last post by:
I have a program which runs in a dos window. That program generates output and
writes it to the dos window as well as piping it to a text file.
...
|
by: Jim Hubbard |
last post by:
Is it possible to emulate a monitor (create a virtual monitor) using vb.net?
Any code snippets or pointers to helpful articles would be very much...
|
by: Clark Sann |
last post by:
Can someone help me understand what object should be used as the lock
object? I've seen some programs that use Monitor.Enter(Me). Then, in those...
|
by: nanban4u |
last post by:
Hi,
Programming Language - HTML, JavaScript
Web server : IIS 6
Browser : IE 6 +
I am working in a Dual Monitor screen setup. I have a scenario...
|
by: concettolabs |
last post by:
In today's business world, businesses are increasingly turning to PowerApps to develop custom business applications. PowerApps is a powerful tool...
|
by: better678 |
last post by:
Question:
Discuss your understanding of the Java platform. Is the statement "Java is interpreted" correct?
Answer:
Java is an object-oriented...
|
by: teenabhardwaj |
last post by:
How would one discover a valid source for learning news, comfort, and help for engineering designs? Covering through piles of books takes a lot of...
|
by: CD Tom |
last post by:
This only shows up in access runtime. When a user select a report from my report menu when they close the report they get a menu I've called Add-ins...
|
by: Naresh1 |
last post by:
What is WebLogic Admin Training?
WebLogic Admin Training is a specialized program designed to equip individuals with the skills and knowledge...
|
by: jalbright99669 |
last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
|
by: Arjunsri |
last post by:
I have a Redshift database that I need to use as an import data source. I have configured the DSN connection using the server, port, database, and...
|
by: WisdomUfot |
last post by:
It's an interesting question you've got about how Gmail hides the HTTP referrer when a link in an email is clicked. While I don't have the specific...
|
by: Matthew3360 |
last post by:
Hi,
I have been trying to connect to a local host using php curl. But I am finding it hard to do this. I am doing the curl get request from my web...
| |
