Find Newly Launched Processes

Posted on October 31, 2019 by Kae in PowerShell

This simple chunk of code will find newly launched processes (specifically their process IDs) that have started between a given period:


 $existingProcessPids = Get-Process -ErrorAction SilentlyContinue | Select -ExpandProperty Id  

 #new processes launched here
 start-process notepad.exe
 start-process cmd.exe

 $newProcessIds = Get-Process -ErrorAction SilentlyContinue | where-object { $existingProcessPids -notcontains $_.Id } | select -ExpandProperty Id

 write-host $newProcessIds

Leave us a review

Buy me a coffee!

Find Newly Launched Processes

Related posts:

Leave a Reply Cancel reply