예제 #1
        /// <summary>
        /// Reads the allowlist file at <c>UserSettings.WhiteListLocation</c>, then polls
        /// <c>Process.GetProcesses()</c> in an endless loop and reports every process whose
        /// name is not in <c>SafeList</c> to the console and to the Windows event log.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this listing appears to have lost its braces, the <c>try</c> keyword,
        /// the statement that fills <c>SafeList</c> and the call that ends the process. The
        /// comments below describe only the statements that are visible.
        /// </remarks>
        public static void MonitorLoop()
            //Declare variables to be used
            // ProcessList and settings are not referenced by any visible statement below.
            List <string> ProcessList = new List <string>();
            List <string> SafeList    = new List <string>();
            int           Index;
            String        Trimmed;
            UserSettings  settings = new UserSettings();

            //Setup the eventlog to accept events from this app
            // Registers the source "Sand" in the Application log when "SanD" is not yet known.
            // NOTE(review): creating an event source normally needs administrative rights - confirm
            // the account this runs under. The WriteEntry call further down does not use this source.
            if (!EventLog.SourceExists("SanD"))
                EventLog.CreateEventSource("Sand", "Application");

            //Run through the running processlist and compare it to the safe list
            // Each allowlist line is cut at its first '~'. A line with no '~', or with '~' as its
            // first character, yields the empty string.
            // NOTE(review): no visible statement adds Trimmed to SafeList; if that line is really
            // missing, SafeList stays empty and every running process is reported.
            foreach (string line in File.ReadAllLines(UserSettings.WhiteListLocation))
                Index   = line.IndexOf("~");
                Trimmed = (Index > 0 ? line.Substring(0, Index) : "");
            // Endless polling loop; no delay between passes is visible in this listing.
            while (0 == 0)
                //Get a list called localAll of all running processes and do something for each one
                Process[] localAll = Process.GetProcesses();
                foreach (Process IndividualProcess in localAll)
                    //If a running process is not in the safelist attempt to kill it
                    // The match is an exact, case-sensitive comparison of ProcessName only.
                    // NOTE(review): a name does not identify a binary. Any executable carrying an
                    // allowlisted name passes this check; comparing the image path, signer or hash
                    // would be needed to tie an entry to a specific file.
                    if (SafeList.Contains(IndividualProcess.ProcessName) == false)
                            Console.ForegroundColor = ConsoleColor.Red;
                            Console.WriteLine("Illegal process detected: " + IndividualProcess.ProcessName);
                            // MainModule throws for processes the caller may not open and for
                            // processes that have already exited, which skips the lines after it.
                            Console.WriteLine("Entry Point: " + IndividualProcess.MainModule.EntryPointAddress);
                            Console.ForegroundColor = ConsoleColor.Cyan;
                            // NOTE(review): the message says the process was terminated, but no
                            // call that ends the process is visible in this listing.
                            Console.WriteLine("Process terminated, writing to event log");
                            // The first argument of the static WriteEntry is the event source, so
                            // the entry is written under the offending process's own name, not
                            // under the source registered above. Event ID is 666, type Warning.
                            // NOTE(review): a fixed source with the process name in the message
                            // would keep these entries filterable and stop an arbitrary process
                            // name from choosing the source.
                            EventLog.WriteEntry(IndividualProcess.ProcessName, IndividualProcess.MainModule.FileVersionInfo.ToString(), EventLogEntryType.Warning, 666);
                        // The handler body is not visible here, so what happens to ex is unknown.
                        catch (Exception ex)

                        Console.ForegroundColor = ConsoleColor.Green;
                        Console.WriteLine("Continuing to monitor....");
예제 #2
        /// <summary>
        /// Reads the allowlist file at <c>UserSettings.WhiteListLocation</c>, then polls
        /// <c>Process.GetProcesses()</c> in an endless loop and prints every process whose
        /// name is not in <c>SafeList</c> to the console. This variant writes no event log entry.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this listing appears to have lost its braces, the <c>try</c> keyword,
        /// the statement that fills <c>SafeList</c> and the call that ends the process. The
        /// comments below describe only the statements that are visible.
        /// </remarks>
        public static void MonitorLoop()
            //Declare variables to be used
            // ProcessList and settings are not referenced by any visible statement below.
            List <string> ProcessList = new List <string>();
            List <string> SafeList    = new List <string>();
            int           Index;
            String        Trimmed;
            UserSettings  settings = new UserSettings();

            //Run through the running processlist and compare it to the safe list
            // Each allowlist line is cut at its first '~'. A line with no '~', or with '~' as its
            // first character, yields the empty string.
            // NOTE(review): no visible statement adds Trimmed to SafeList; if that line is really
            // missing, SafeList stays empty and every running process is reported.
            foreach (string line in File.ReadAllLines(UserSettings.WhiteListLocation))
                Index   = line.IndexOf("~");
                Trimmed = (Index > 0 ? line.Substring(0, Index) : "");
            // Endless polling loop; no delay between passes is visible in this listing.
            while (0 == 0)
                //Get a list called localAll of all running processes and do something for each one
                Process[] localAll = Process.GetProcesses();
                foreach (Process IndividualProcess in localAll)
                    //If a running process is not in the safelist attempt to kill it
                    // The match is an exact, case-sensitive comparison of ProcessName only.
                    // NOTE(review): a name does not identify a binary. Any executable carrying an
                    // allowlisted name passes this check; comparing the image path, signer or hash
                    // would be needed to tie an entry to a specific file.
                    if (SafeList.Contains(IndividualProcess.ProcessName) == false)
                            Console.ForegroundColor = ConsoleColor.Red;
                            Console.WriteLine("Illegal process detected: " + IndividualProcess.ProcessName);
                            // MainModule throws for processes the caller may not open and for
                            // processes that have already exited, which skips the lines after it.
                            Console.WriteLine("Entry Point: " + IndividualProcess.MainModule.EntryPointAddress);
                            Console.ForegroundColor = ConsoleColor.Cyan;
                            // NOTE(review): the message says the process was terminated, but no
                            // call that ends the process is visible in this listing.
                            Console.WriteLine("Process terminated");
                        // Empty handler: every exception from the statements above is discarded.
                        // NOTE(review): a process that could not be inspected leaves no record, on
                        // the console or anywhere else; logging the failure would make the
                        // monitor's blind spots visible.
                        catch { };

                        Console.ForegroundColor = ConsoleColor.Green;
                        Console.WriteLine("Continuing to monitor....");
예제 #3
        /// <summary>
        /// Reads the allowlist file at <c>UserSettings.WhiteListLocation</c>, then polls
        /// <c>Process.GetProcesses()</c> in an endless loop. For every process whose name is not
        /// in <c>SafeList</c> it prints a report and, depending on the value returned by
        /// <c>ProcessMonitorOSA.OS.WhatIs()</c>, builds an <c>eventcreate</c> command line and
        /// hands it to the <c>Term()</c> string extension.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this listing appears to have lost its braces, the <c>try</c> keyword,
        /// the statement that fills <c>SafeList</c> and the call that ends the process. The
        /// comments below describe only the statements that are visible.
        /// </remarks>
        public static void MonitorLoop()
            //Declare variables to be used
            // ProcessList and settings are not referenced by any visible statement below.
            List <string> ProcessList = new List <string>();
            List <string> SafeList    = new List <string>();
            int           Index;
            String        Trimmed;
            UserSettings  settings   = new UserSettings();
            // Compared against "win", "gnu" and "mac" below; WhatIs() itself is defined elsewhere.
            var           Enviroment = ProcessMonitorOSA.OS.WhatIs();

            Console.ForegroundColor = ConsoleColor.Green;
            Console.WriteLine("Program running...");
            Console.ForegroundColor = ConsoleColor.Gray;

            //Run through the running processlist and compare it to the safe list
            // Each allowlist line is cut at its first '~'. A line with no '~', or with '~' as its
            // first character, yields the empty string.
            // NOTE(review): no visible statement adds Trimmed to SafeList; if that line is really
            // missing, SafeList stays empty and every running process is reported.
            foreach (string line in File.ReadAllLines(UserSettings.WhiteListLocation))
                Index   = line.IndexOf("~");
                Trimmed = (Index > 0 ? line.Substring(0, Index) : "");
            // Endless polling loop; no delay between passes is visible in this listing.
            while (0 == 0)
                //Get a list called localAll of all running processes and do something for each one
                Process[] localAll = Process.GetProcesses();
                foreach (Process IndividualProcess in localAll)
                    //If a running process is not in the safelist attempt to kill it
                    // The match is an exact, case-sensitive comparison of ProcessName only.
                    // NOTE(review): a name does not identify a binary. Any executable carrying an
                    // allowlisted name passes this check; comparing the image path, signer or hash
                    // would be needed to tie an entry to a specific file.
                    if (SafeList.Contains(IndividualProcess.ProcessName) == false)
                            Console.ForegroundColor = ConsoleColor.Red;
                            Console.WriteLine("Illegal process detected: " + IndividualProcess.ProcessName);
                            // MainModule throws for processes the caller may not open and for
                            // processes that have already exited, which skips the lines after it.
                            Console.WriteLine("Entry Point: " + IndividualProcess.MainModule.EntryPointAddress);
                            Console.ForegroundColor = ConsoleColor.Cyan;
                            // NOTE(review): the message says the process was terminated, but no
                            // call that ends the process is visible in this listing.
                            Console.WriteLine("Process terminated");
                            if (Enviroment == "win")
                            //eventcreate /ID 1 /L APPLICATION /T INFORMATION  /SO MYEVENTSOURCE /D "My first log"
                                Console.ForegroundColor = ConsoleColor.Gray;
                                // The source name is wrapped in double quotes, but the process name
                                // is appended after /D as-is, with no quoting or escaping.
                                // NOTE(review): Term() is defined elsewhere; presumably it runs the
                                // string through a command interpreter and returns its output. If
                                // so, the name of an arbitrary running process becomes part of a
                                // command line. Validate it against a strict character set, or pass
                                // it as a separate argument (ProcessStartInfo.ArgumentList) rather
                                // than concatenating it.
                                Console.WriteLine((@"eventcreate /ID 666 /L APPLICATION /T WARNING /SO " + @"""CCDC Process Monitor""" + " /D " + IndividualProcess.ProcessName).Term().stdout);
                            else if (Enviroment == "gnu")
                                Console.ForegroundColor = ConsoleColor.Gray;
                                // NOTE(review): this branch builds the same eventcreate command as
                                // the "win" branch. eventcreate is a Windows utility, so this looks
                                // like a copy of the branch above - confirm what the "gnu" path is
                                // meant to log to. The unquoted process name applies here as well.
                                Console.WriteLine((@"eventcreate /ID 666 /L APPLICATION /T WARNING /SO " + @"""CCDC Process Monitor""" + " /D " + IndividualProcess.ProcessName).Term().stdout);
                            // No statement for the "mac" case is visible in this listing.
                            else if (Enviroment == "mac")
                        // Empty handler: every exception from the statements above is discarded,
                        // including any failure of the logging command.
                        // NOTE(review): logging the failure would make the monitor's blind spots
                        // visible.
                        catch { };

                        Console.ForegroundColor = ConsoleColor.Green;
                        Console.WriteLine("Continuing to monitor....");