
[SOLVED] Scanning Bad Processes

9 replies to this topic

#1 Tonchi

Tonchi

    Helping the world with programming

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1249 posts
  • Location:Zagreb
  • Programming Language:C#, Others
  • Learning:C, C++, Python, JavaScript, Transact-SQL, Assembly

Posted 27 May 2012 - 10:32 AM

Hello everyone... I'm working on a program that already exists, but the main purpose of doing it is to see how it functions... this is the code I have made already

#include "Program.h"
using namespace System;
using namespace System::Collections::Generic;
using namespace System::Linq;
using namespace System::Text;
using namespace System::Diagnostics;
namespace Dijagnostika
{
int Program::Main(array<String^> ^args)
{
  StreamWriter w = File.AppendText("log_procesi.txt")
  String ^a = "";

  // list of bad processes taken from http://www.pacs-portal.co.uk/startup_browse.php
  char losi_procesi[9] = {"$sys$drv.exe","$sys$sonyTimer.exe","$sys$sos$sys$.exe","$sys$WeLoveMcCOL.exe","$sys$xp.exe","${HOOKOE_FILE}","PAV.EXE","%WinHook32.exe",
		  "REGCXMARQ.EXE"};

   array<Process^> ^processlist = Process::GetProcesses();
  char *b = new char[processlist->Length];
   for each (Process ^theprocess in processlist)
   {
	Console::WriteLine("Process: {0} ID: {1}", theprocess->ProcessName, theprocess->Id);
  
	w.Open();
	w.Write("Log kreiran: {0}", DateTime->Now->ToLongTimeString());
	w.WriteLine("Lista pokrenutih procesa: \n");
	w.WriteLine ("-------------------------------");
	w.WriteLine("Process: {0} ID: {1}", theprocess->ProcessName, theprocess->Id);
	// Update the underlying file.
	w.Flush();
	w.Close();
	b = processlist;
	for(int i = 0; i < b; i++)
	{
	 for(int j = 0; j < 9; j++)
	 {
	  if(b[i] == losi_procesi[j])
	  {
	   Console::WriteLine("Pronadjen je los proces: {0}", losi_proces[j]);
	   b[i]->Kill();	  
	   Console::WriteLine("Proces je ubijen!");
	  }
	  else
	  {
	   Console::WriteLine("Nije pronadjen los proces!");
	  }
	 }
	}
   }

   array<Process^> ^processes = Process::GetProcessesByName(a);

   Console::ReadKey();
   return 0;
}
}

I've managed to get the full list of running processes, but what I want to do is make a log that contains that list of running processes... I have copied the code for that from MSDN but it is not working... the program should create log_procesi.txt but it doesn't... I don't know why

And can you tell me if the part for killing the process is correct??? I mean the syntax
  • 0

Microsoft Student Partner, Microsoft Certified Professional


#2 kernelcoder

kernelcoder

    CC Devotee

  • Expert Member
  • PipPipPipPipPipPip
  • 990 posts
  • Location:Dhaka
  • Programming Language:C, Java, C++, C#, Visual Basic .NET
  • Learning:Objective-C, PHP, Python, Delphi/Object Pascal

Posted 27 May 2012 - 10:47 AM

I bet your code is not even compiling successfully.

A few errors in your code.
  • You should declare w as "StreamWriter ^ w".
  • The AppendText method is used to append text to an existing file. I think this is the reason your code is not working. You need to use the CreateText method.
  • You are using dot (.) which should be the scope resolution operator in C++ (::).
  • You are using the dot (.) operator with w to call its method. Note w is a managed object. So you should use -> to access its methods.
  • You are calling the Open method for each project, which is wrong.

So your code should be as follows...
StreamWriter ^w = File::CreateText("log_procesi.txt");

for each (Process ^theprocess in processlist)
{
    // DateTime is a value type, so its members are accessed with '.', not '->'
    w->Write("Log kreiran: {0}", DateTime::Now.ToLongTimeString());
    w->WriteLine("Lista pokrenutih procesa: \n");
    w->WriteLine ("-------------------------------");
}

  • 0

#3 Tonchi


Posted 27 May 2012 - 11:51 AM

I've tried your code but there is no log_procesi.txt on my computer... and VS has compiled my code that I posted :D so you would lose your bet hehe :D
  • 0



#4 papabear

papabear

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 472 posts
  • Location:DarkSide

Posted 27 May 2012 - 04:02 PM

These are the only bad processes that your program scans


char losi_procesi[9] = {"$sys$drv.exe","$sys$sonyTimer.exe","$sys$sos$sys$.exe","$sys$WeLoveMcCOL.exe","$sys$xp.exe","${HOOKOE_FILE}","PAV.EXE","%WinHook32.exe",
"REGCXMARQ.EXE"};


Am I right? If so, it's not that good to put everything like that in an array... you might want to put those bad processes in a text file or a database file so whenever you want to update your bad processes you can do it without editing your whole source code.
If you want to scan all the bad processes you'll go into what is called "Heuristic Analysis", where you have a virtual machine to analyze what every process does. If they seem to be malicious then you can tell it's bad.
  • 0
Life has no CTRL+Z
Never Forget To HIT "LIKE" If I Helped

#5 kernelcoder


Posted 27 May 2012 - 04:24 PM

Well, I just tried your code by creating a project. I got every error I mentioned. So now I request that you look at the code you posted, not the code you have on your machine.

However, I fixed those errors and I found that it is working for me. However, there were more errors than those I mentioned. So I fixed them too. Attachment BuildLog.htm is the file that contains all the errors I got while compiling your code. I also provided an absolute log path to the CreateFile method. Attachment log_procesi.txt is the file created by the program.

Here is the code that I worked with on a CLR Console application.
#include "stdafx.h"
using namespace System;
using namespace System::Collections::Generic;
using namespace System::Text;
using namespace System::Diagnostics;
using namespace System::IO;

int main(array<String^> ^args)
{
    StreamWriter ^w = File::AppendText("D:\\log_procesi.txt");
    String ^a = "";

    // list of bad processes taken from http://www.pacs-portal.co.uk/startup_browse.php
    array<String^> ^losi_procesi = {"$sys$drv.exe","$sys$sonyTimer.exe","$sys$sos$sys$.exe","$sys$WeLoveMcCOL.exe","$sys$xp.exe","${HOOKOE_FILE}","PAV.EXE","%WinHook32.exe",
        "REGCXMARQ.EXE"};

    array<Process^> ^processlist = Process::GetProcesses();
    for each (Process ^theprocess in processlist)
    {
        Console::WriteLine("Process: {0} ID: {1}", theprocess->ProcessName, theprocess->Id);
        w->Write("Log kreiran: {0}", DateTime::Now.ToLongTimeString());
        w->WriteLine("Lista pokrenutih procesa: \n");
        w->WriteLine ("-------------------------------");
        w->WriteLine("Process: {0} ID: {1}", theprocess->ProcessName, theprocess->Id);
        // Update the underlying file.
        w->Flush();

        // Process::ProcessName has no ".exe" extension, so add it before comparing (case-insensitive).
        String ^exeName = String::Concat(theprocess->ProcessName, ".exe");
        for (int j = 0; j < losi_procesi->Length; j++)
        {
            if (String::Equals(exeName, losi_procesi[j], StringComparison::OrdinalIgnoreCase))
            {
                Console::WriteLine("Pronadjen je los proces: {0}", losi_procesi[j]);
                theprocess->Kill();
                Console::WriteLine("Proces je ubijen!");
            }
            else
            {
                Console::WriteLine("Nije pronadjen los proces!");
            }
        }
    }

    // Close the writer so the log is completely written and the file handle is released.
    w->Close();

    array<Process^> ^processes = Process::GetProcessesByName(a);

    Console::ReadKey();
    return 0;
}

Attached Files


  • 0
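
Added example, not part of the thread or any poster's code: papabear's suggestion in post #4 to keep the bad-process names in a text file, combined with the name comparison from post #5, sketched in standard C++ so the matching logic stands apart from the .NET Process API. The file format (one name per line, `#` comment lines), the function names and the sample data are assumptions; names are trimmed, lower-cased and stripped of a trailing `.exe` because .NET's `Process::ProcessName` reports names without the extension.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <set>
#include <sstream>
#include <string>
#include <vector>

// Trim, lower-case, and drop a trailing ".exe" so "PAV.EXE" and "pav" compare equal.
std::string normalize(std::string name) {
    auto not_space = [](unsigned char c) { return !std::isspace(c); };
    name.erase(name.begin(), std::find_if(name.begin(), name.end(), not_space));
    name.erase(std::find_if(name.rbegin(), name.rend(), not_space).base(), name.end());
    std::transform(name.begin(), name.end(), name.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    const std::string ext = ".exe";
    if (name.size() > ext.size() &&
        name.compare(name.size() - ext.size(), ext.size(), ext) == 0)
        name.erase(name.size() - ext.size());
    return name;
}

// Parse blocklist text: one name per line; blank lines and lines starting with '#' are skipped.
std::set<std::string> load_blocklist(std::istream& in) {
    std::set<std::string> names;
    for (std::string line; std::getline(in, line);) {
        line = normalize(line);
        if (!line.empty() && line[0] != '#') names.insert(line);
    }
    return names;
}

// Return the running process names (as given) that appear on the blocklist.
std::vector<std::string> find_blocked(const std::vector<std::string>& running,
                                      const std::set<std::string>& blocklist) {
    std::vector<std::string> hits;
    for (const auto& name : running)
        if (blocklist.count(normalize(name))) hits.push_back(name);
    return hits;
}

int main() {
    // Constructed sample data: blocklist text as it would sit in a file, and a made-up process list.
    std::istringstream file("# known-bad startup entries\nPAV.EXE\r\n\n  $sys$drv.exe\nREGCXMARQ.EXE\n");
    std::vector<std::string> running = {"explorer", "pav", "RegCxMarq", "svchost"};
    for (const auto& hit : find_blocked(running, load_blocklist(file)))
        std::cout << "blocked: " << hit << "\n";
    return 0;
}
```

A name match only says that a process carries that name: a renamed binary is missed and an unrelated program sharing the name is hit, so log the match before deciding to call Kill().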

#6 Tonchi


Posted 27 May 2012 - 04:59 PM

Am I blind or what? I have run your code and there is no log_procesi.txt on my computer O_o
Also Console::ReadKey should act the same as system("PAUSE") but it's not... it isn't freezing my program
  • 0



#7 kernelcoder


Posted 27 May 2012 - 05:05 PM

What about the code you posted? Do you agree that there are errors?

You may be blind or may be not but I'm not sure about it. In my case, I have a "d:" drive on my machine and I found a file created for me in that drive named "log_procesi.txt".

You can try method File::CreateText instead of File::AppendText.
  • 0

#8 Tonchi


Posted 27 May 2012 - 06:05 PM

I've tried with File::CreateText and nothing... I will cry because I don't know what to do :(
  • 0



#9 kernelcoder


Posted 27 May 2012 - 06:06 PM

Do you see outputs in console?
  • 0

#10 Tonchi


Posted 27 May 2012 - 06:26 PM

Not even for a second... Console::ReadKey() is doing what it should do :S
But when I start the app in cmd then I see everything and it gives me what I need :)
  • 0
