C
C#2y ago
Luizdodibre

Process Checker [Answered]

I'm creating an ""antivirus"" and I'm using a thread to check when a new process is started (but the thread is consuming a lot of cpu and I was wondering if there is another way to do this)
15 Replies
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Luizdodibre
Luizdodibre2y ago
@Peep i'm checking every certain time if the process (I'll give an example) notepad.exe was executed if it was it terminates the process however this demands a lot of CPU and I don't know another effective way or that doesn't spend so much cpu
Anchy
Anchy2y ago
share some code as you may be able to do it in a more efficient way
Luizdodibre
Luizdodibre2y ago
internal void exc()
        {
            if (!hasStarted)
            {
                hasStarted = true;
                var ff = new Form();
                int flag = 0;
                Thread eventThread = new Thread(() =>
                {
                    while (keepRunning)
                    {
                        Thread.Sleep(5);
                        Process[] ps = Process.GetProcesses();

                        foreach (Process pr in ps)
                        {
                            if (pr.ProcessName.Contains("notepad++"))
                            {
                                flag += 1;
                                try
                                {
                                pr.Kill();
                                if (flag == 1)
                                    {
                                        this.Invoke((MethodInvoker)delegate { ff.Show(); });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    keepRunning = false;
                                    MessageBox.Show($"Oops! {ex}", "Error");
                                }
                            }
                        }
                    }
                });


                eventThread.IsBackground = true;
                eventThread.Start();
            }
        }
internal void exc()
        {
            if (!hasStarted)
            {
                hasStarted = true;
                var ff = new Form();
                int flag = 0;
                Thread eventThread = new Thread(() =>
                {
                    while (keepRunning)
                    {
                        Thread.Sleep(5);
                        Process[] ps = Process.GetProcesses();

                        foreach (Process pr in ps)
                        {
                            if (pr.ProcessName.Contains("notepad++"))
                            {
                                flag += 1;
                                try
                                {
                                pr.Kill();
                                if (flag == 1)
                                    {
                                        this.Invoke((MethodInvoker)delegate { ff.Show(); });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    keepRunning = false;
                                    MessageBox.Show($"Oops! {ex}", "Error");
                                }
                            }
                        }
                    }
                });


                eventThread.IsBackground = true;
                eventThread.Start();
            }
        }
@Anchy the code looks like this
ero
ero2y ago
You need to Dispose all other processes in the array that you don't use
Kouhai
Kouhai2y ago
The app would always be CPU heavy because your loop is running every 5ms
Luizdodibre
Luizdodibre2y ago
@Kouhai yes it is running every 5ms just so the application can't even run (but I don't know any other way to do this without using a thread)
Kouhai
Kouhai2y ago
Unfortunately querying all running proceses is an expensive operation If you're actually interested in how anti viruses work, they essentially get notified when a new process starts instead of looping and checking every process
Luizdodibre
Luizdodibre2y ago
@Kouhai OK. but how can I be ""notified""
Kouhai
Kouhai2y ago
You can take a look at WMI, though a real anti virus would have a custom driver instead of using WMI
Luizdodibre
Luizdodibre2y ago
okay, I'll look
Zendist
Zendist2y ago
https://stackoverflow.com/a/972067/618441
Stack Overflow
Is there a System event when processes are created?
Is there any event when a new process is created. I'm writing a c# application that checks for certain processes, but I don't want to write an infinite loop to iterate through all known processes
Zendist
Zendist2y ago
For the WMI approach.
Luizdodibre
Luizdodibre2y ago
Ok thanks
Accord
Accord2y ago
✅ This post has been marked as answered!
Want results from more Discord servers?
Add your server
More Posts
ArgumentNullException when argument is not nullI have this code: ```cs public class Config { [JsonProperty("token")] public string Token = "TOKWPF reusing the same template across multiple columnsThe following question https://social.msdn.microsoft.com/Forums/silverlight/en-US/f84e0efd-b1f2-4ab6Cascading DropDownI'm using MVC (.NET5) with EF and had this code to select a species on a View (to Create/Edit): ```cAssembly service findingHi, I am trying to find out if it's possible to get IServiceProvider, Microsoft IConfiguration or sohow do i submit a progra min vs to google classroomim trying to submit a project that's due to today but when i do submit it all i get is this and not WPF custom property not recognized by the compilerI have defined a custom property like below, it's in the namespace `CarApp`. It is supposed to repreEntity Framework DbContextOptionsBuilder.UseSqlServer() missing definitionI just installed the newest version of Entity Framework (6.0.9) and am inside my program.cs trying tDoes API manual nuget downloads come with the package dependencies?-WPF passing binding to a template from DataGridTemplateColumnSay, I have a template like this in resources, which I want to reuse for multiple columns, and whichBest way to implement a regex based lexer [Answered]In a regex lexer, you can loop over every pattern and do something like this: ```cs if (match.Succes