public ProcessObject TransformToProcessObject(Process process) { ProcessObject processObject = new ProcessObject(); VirusTotalService hasher = new VirusTotalService(); try { processObject.Hash = hasher.GetHash(process.MainModule.FileName); processObject.HashMatched = CheckHash(processObject.Hash); processObject.ProcessPriorityClass = process.PriorityClass; processObject.PrivilegedProcessorTime = process.PrivilegedProcessorTime; processObject.ProcessName = process.ProcessName; processObject.TotalProcessorTime = process.TotalProcessorTime; processObject.SessionId = process.SessionId; processObject.Responding = process.Responding; processObject.MainModule = new ProcessModuleObject { ModuleName = process.MainModule.ModuleName, FileName = process.MainModule.FileName, ModuleMemorySize = process.MainModule.ModuleMemorySize, Version = process.MainModule.FileVersionInfo.FileVersion }; processObject.MainWindowTitle = process.MainWindowTitle; processObject.MachineName = process.MachineName; processObject.HandleCount = process.HandleCount; processObject.HasExited = process.HasExited; } catch (Exception) { return(null); } return(processObject); }
static void Main(string[] args) { Hasher hasher = new Hasher(new string[] { @"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\packages\EntityFramework.6.2.0" }); var hashes = hasher.HashSystem(); FileHasherContext context = new FileHasherContext(); FileRepository repository = new FileRepository(context); //repository.SaveFiles(hashes); Program program = new Program(); var objs = program.GetProcessInfo("devenv"); CheckHashes(); //var process = Process.GetProcessesByName("firefox")[0]; //string path = process.MainModule.FileName; //ProcessStartInfo startInfo = new ProcessStartInfo //{ // UseShellExecute = true, // CreateNoWindow = false, // WindowStyle = ProcessWindowStyle.Normal, // FileName = @"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\AuthBaseMonitoringService\Resources\DialogDisplay.exe", // //Arguments = @"C:\hashes.json" //}; //Process.Start(startInfo); //System.Windows.Forms.Application.Run(new DialogDisplay.DialogDisplay()); RunTest("devenv"); VirusTotalService virusTotal = new VirusTotalService(); var output1 = virusTotal.SigCheckDirectoryFull(@"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\packages"); var output2 = virusTotal.SigCheckFile(@"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\AuthBaseMonitoringService\bin\Debug\AuthBaseMonitoringService.exe"); }
public ProcessObject TransformToProcessObject(Process process, Dictionary <string, float> otherResources) { ProcessObject processObject = new ProcessObject(); VirusTotalService hasher = new VirusTotalService(); try { string hash = hasher.GetHash(process.MainModule.FileName); processObject.HashMatched = CheckHash(hash); processObject.CPUUsage = otherResources["CPUUsage"]; processObject.RAMUsage = otherResources["RAMUsage"]; processObject.Handles = otherResources["Handles"]; processObject.Threads = otherResources["Threads"]; processObject.ReadBytes = otherResources["ReadBytes"]; processObject.WriteBytes = otherResources["WriteBytes"]; processObject.ReadOps = otherResources["ReadOps"]; processObject.WriteOps = otherResources["WriteOps"]; processObject.ProcessPriorityClass = process.PriorityClass; processObject.PrivilegedProcessorTime = process.PrivilegedProcessorTime; processObject.ProcessName = process.ProcessName; processObject.TotalProcessorTime = process.TotalProcessorTime; processObject.SessionId = process.SessionId; processObject.Responding = process.Responding; processObject.MainModule = new ProcessModuleObject { ModuleName = process.MainModule.ModuleName, FileName = process.MainModule.FileName, ModuleMemorySize = process.MainModule.ModuleMemorySize, Version = process.MainModule.FileVersionInfo.FileVersion }; processObject.MainWindowTitle = process.MainWindowTitle; processObject.MachineName = process.MachineName; processObject.HandleCount = process.HandleCount; processObject.HasExited = process.HasExited; } catch (Exception ex) { return(null); } return(processObject); }