C#•3y ago

Process Checker [Answered]

I'm creating an ""antivirus"" and I'm using a thread to check when a new process is started (but the thread is consuming a lot of cpu and I was wondering if there is another way to do this)

15 Replies

Unknown User•3y ago

Message Not Public

LuizdodibreOP•3y ago

@Peep i'm checking every certain time if the process (I'll give an example) notepad.exe was executed if it was it terminates the process however this demands a lot of CPU and I don't know another effective way or that doesn't spend so much cpu

Anchy•3y ago

share some code as you may be able to do it in a more efficient way

LuizdodibreOP•3y ago

internal void exc()
        {
            if (!hasStarted)
            {
                hasStarted = true;
                var ff = new Form();
                int flag = 0;
                Thread eventThread = new Thread(() =>
                {
                    while (keepRunning)
                    {
                        Thread.Sleep(5);
                        Process[] ps = Process.GetProcesses();

                        foreach (Process pr in ps)
                        {
                            if (pr.ProcessName.Contains("notepad++"))
                            {
                                flag += 1;
                                try
                                {
                                pr.Kill();
                                if (flag == 1)
                                    {
                                        this.Invoke((MethodInvoker)delegate { ff.Show(); });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    keepRunning = false;
                                    MessageBox.Show($"Oops! {ex}", "Error");
                                }
                            }
                        }
                    }
                });


                eventThread.IsBackground = true;
                eventThread.Start();
            }
        }

internal void exc()
        {
            if (!hasStarted)
            {
                hasStarted = true;
                var ff = new Form();
                int flag = 0;
                Thread eventThread = new Thread(() =>
                {
                    while (keepRunning)
                    {
                        Thread.Sleep(5);
                        Process[] ps = Process.GetProcesses();

                        foreach (Process pr in ps)
                        {
                            if (pr.ProcessName.Contains("notepad++"))
                            {
                                flag += 1;
                                try
                                {
                                pr.Kill();
                                if (flag == 1)
                                    {
                                        this.Invoke((MethodInvoker)delegate { ff.Show(); });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    keepRunning = false;
                                    MessageBox.Show($"Oops! {ex}", "Error");
                                }
                            }
                        }
                    }
                });


                eventThread.IsBackground = true;
                eventThread.Start();
            }
        }

@Anchy the code looks like this

ero•3y ago

You need to Dispose all other processes in the array that you don't use

Kouhai•3y ago

The app would always be CPU heavy because your loop is running every 5ms

LuizdodibreOP•3y ago

@Kouhai yes it is running every 5ms just so the application can't even run (but I don't know any other way to do this without using a thread)

Kouhai•3y ago

Unfortunately querying all running proceses is an expensive operation If you're actually interested in how anti viruses work, they essentially get notified when a new process starts instead of looping and checking every process

LuizdodibreOP•3y ago

@Kouhai OK. but how can I be ""notified""

Kouhai•3y ago

You can take a look at WMI, though a real anti virus would have a custom driver instead of using WMI

LuizdodibreOP•3y ago

okay, I'll look

Zendist•3y ago

https://stackoverflow.com/a/972067/618441

Stack Overflow

Is there a System event when processes are created?

Is there any event when a new process is created. I'm writing a c# application that checks for certain processes, but I don't want to write an infinite loop to iterate through all known processes

Zendist•3y ago

For the WMI approach.

LuizdodibreOP•3y ago

Ok thanks

Accord•3y ago

✅ This post has been marked as answered!

Gaming

Programming

Process Checker [Answered]