How to monitor apps which are being executed by user

I want to create an application/service to monitor user activity, especi开发者_运维知识库ally to log every application that user is running.

Is this possible in c#? I think not. So how to do this in c++ and winapi? I don't want whole solution because it's surely complicated. Give me an advice only.

Thanks!

---

You could write a DLL that hooks CreateProcessW. In this hook, you would (a) do what you want to do when a process is spawned, and (b) inject itself into the new process.

Then, inject the DLL into all currently running processes.

EDIT: My answer to another related question should help you.

---

Have a look here http://msdn.microsoft.com/en-us/library/1f3ys1f9.aspx

This will give you all processes running on the local computer.

To get processes that have a window do:

var procWithWindow = from proc in Process.GetProcesses()
                     where IntPtr.Zero != proc.MainWindowHandle
                     select proc;

---

Management.ManagementObjectSearcher Processes = new Management.ManagementObjectSearcher("SELECT * FROM Win32_Process");
foreach (Management.ManagementObject Process in Processes.Get())
{
    if (Process.Item("ExecutablePath") != null)
    {
        string ExecutablePath = Process.Item("ExecutablePath").ToString();
        string[] OwnerInfo = new string[2];
        Process.InvokeMethod("GetOwner", (object[])OwnerInfo);
        // do something
    }
}

The process owner will be available in the OwnerInfo string array.