private static void Worker_DoWork(object sender, DoWorkEventArgs e)
{
ObservableCollection <ProcessReportsModel> ProcessListHolder_Worker = e.Argument as ObservableCollection <ProcessReportsModel>;
Process[] processlist = Process.GetProcesses();
Application.Current.Dispatcher.Invoke((Action)(() =>
{
ProcessListHolder_Worker.Clear();
try
{
foreach (Process theprocess in processlist)
{
double memory;
ProcessReportsModel ProcessData = new ProcessReportsModel();
ProcessData.ID = theprocess.Id.ToString();
memory = theprocess.PrivateMemorySize64;
memory = memory / 1000000;
ProcessData.Memory = memory.ToString() + " MB";
ProcessData.Name = theprocess.ProcessName;
ProcessData.Status = theprocess.Responding;
try
{
ProcessData.ExecutionPath = theprocess.MainModule.FileName;
ProcessData.MachineName = theprocess.MachineName;
}
catch (Win32Exception w)
{
ProcessData.ExecutionPath = w.Message;
ProcessData.MachineName = w.Message;
}
ProcessListHolder_Worker.Add(ProcessData);
}
}
catch (Exception)
{ }
}));
e.Result = ProcessListHolder_Worker;
}
public static void ProcessAnalyse(ProcessReportsModel Process)
{
bool AuthorizeProcessAnalyse = true;
bool IsProcessUnwanted = true;
bool IsProcessBlacklisted = false;
bool AddAlert_W = true;
bool AddAlert_B = true;
foreach (ProcessReportsModel EProcess in GlobalResources.ProcessList)
{
if (string.Equals(EProcess.Name, Process.Name))
{
AuthorizeProcessAnalyse = false;
}
}
if (AuthorizeProcessAnalyse)
{
if (GlobalResources.SelectedProcessRestrictionType == 0)
{
//Checks whether a process is there in the whitelist, if not triggers an alert
foreach (ProcessReportsModel _Process in Restrictions.AllProcess_Restrictions)
{
if (string.Equals(_Process.Name, Process.Name) & string.Equals(_Process.ExecutionPath, Process.ExecutionPath))
{
IsProcessUnwanted = false;
}
}
if (IsProcessUnwanted)
{
foreach (AlertsModel AM in GlobalAlerts.AllAlerts)
{
if (string.Equals(AM.Activity, Process.Name))
{
AddAlert_W = false;
AlertsModel Alert = new AlertsModel {
No = GlobalAlerts.No, Time = DateTime.Now.ToShortTimeString(), Date = DateTime.Now.ToShortDateString(), Type = "UnWanted Process", Activity = Process.Name, Information = "Process Restriction Violation "
};
GlobalResources.IWantToUpdateAlert(Alert);
}
}
if (AddAlert_W)
{
GlobalAlerts.No++;
AlertsModel Alert = new AlertsModel {
No = GlobalAlerts.No, Time = DateTime.Now.ToShortTimeString(), Date = DateTime.Now.ToShortDateString(), Type = "UnWanted Process", Activity = Process.Name, Information = "Process Restriction Violation "
};
Application.Current.Dispatcher.Invoke(delegate
{
GlobalAlerts.AllAlerts.Add(Alert);
});
GlobalResources.IWantToUpdateAlert(Alert);
}
GlobalResources.IGeneratedAlert();
if (!GlobalResources.IsNotificationWindowShown)
{
Notify();
}
}
}
else
{
//Checks whether a process is there in the Blacklist, if not triggers an alert
foreach (ProcessReportsModel _Process in Restrictions.AllProcess_Restrictions)
{
if (string.Equals(_Process.Name, Process.Name) & string.Equals(_Process.ExecutionPath, Process.ExecutionPath))
{
IsProcessBlacklisted = true;
}
if (IsProcessBlacklisted)
{
foreach (AlertsModel AM in GlobalAlerts.AllAlerts)
{
if (string.Equals(AM.Activity, Process.Name))
{
AddAlert_B = false;
AlertsModel Alert = new AlertsModel {
No = GlobalAlerts.No, Time = DateTime.Now.ToShortTimeString(), Date = DateTime.Now.ToShortDateString(), Type = "Blacklisted Process", Activity = Process.Name, Information = "Process Restriction Violation"
};
GlobalResources.IWantToUpdateAlert(Alert);
}
}
if (AddAlert_B)
{
GlobalAlerts.No++;
AlertsModel Alert = new AlertsModel {
No = GlobalAlerts.No, Time = DateTime.Now.ToShortTimeString(), Date = DateTime.Now.ToShortDateString(), Type = "Blacklisted Process", Activity = Process.Name, Information = "Process Restriction Violation"
};
App.Current.Dispatcher.Invoke((Action) delegate
{
GlobalAlerts.AllAlerts.Add(Alert);
});
GlobalResources.IGeneratedAlert();
GlobalResources.IWantToUpdateAlert(Alert);
}
if (!GlobalResources.IsNotificationWindowShown)
{
Notify();
}
}
}
}
}
}
