Help to get started on a process blocker tool for work

Question

Hi, I'm learning c# (on my own time on the net) and I'm making it in C#. My goal is to block known bad process. Reason is that i want to make something for work since I work on computer (a computer repair store) and i run into common files that are virus, or any other malware. Some are very annoying to clean and if I had a this, this would decrease my work time on them. The problem I'm running into is just to get started. I'm also making this app just so I can learn and it helps to motivate me to learn. So I got several question on how to get started. And also to point out on what else I would like this to do is to run without installing, meaning that I want to just double click the .exe file that I make and run it without installing.

1. How do I go about to store all these known files. (Just to start with, just 10 or less) Do I make an XML file to store all these processes or what can I do to go about this?

2. Can you give me a brief code snippet of the code needed to read/ and block the process? (just a very short lines of code be helpful, or links to ensamples or to read)

3.  Can c# make portable .exe files? (just a yes or no to what I would like to do will work)
Thank you in advance
-WG

Answer 1

You can make use of the process Class to identify the running processes and use Process.Kill() to kill it

You can store the process names, or their IDs in the XML file. This config XML file can be read at runtime to get all the process to be killed.

Once you have done that you can get a list of all running processes and iterate through them to identify if the malware processes are running. If so then kill them

By Portable .exe do you mean which can be setup on some other system? If so,the answer is yes.

See the following link

http://stackoverflow.com/questions/116090/how-do-i-kill-a-process-using-vb-net-or-c

---

Ganesh Ranganathan
[Please mark the post as answer if you find it helpful]

Answer 2

Hi, and thanks for your replied.

What i mean by a portable .exe is i want to run my APP without installing it. And also for better understanding, I have a list of process I do not want to run. <In my App> So i click "Go" to begin the button click event to start automaticly killing all the processes I have stored. Question is how do I to store my list, in my app, a XML? in the APP or how to store the list in the APP in code?
How to setup my APP to be a portable APP " meaning without installation"?

All I'm asking is a short code of some of these question. I don't need the whole code but just a little where I could get started at. I do see that I got alot to learn, but I'm willing to take the app by the horns and learn, even being ingorant, This has already become challege,,, but,  I like a challege.
No, I may may not get it done and end up downloading something, but I am determined to make it. I do have some knowlege as a beginer in vb/c#. Also, just some links will do as well. And sorry for the long time to reply, but i took a break over the week-end from the computer (some what, just watch movies, tv show online)


Thanks again, and in advance
-WG

Answer 3

This sounds like a good candidate for a console application, at least to start. This will enable you to focus initially on core application logic as opposed to UI framework issues. See http://msdn.microsoft.com/en-us/library/452fz12a.aspx for how to get started building one of those. When it comes to your application logic, i.e. the part which finds & kills specific processes, the link Ganesh posted above has sample code. Additional information for the relevant APIs can be found here: http://msdn.microsoft.com/en-us/library/system.diagnostics.process.aspx. Regarding where your store the names/info of the processes you want to terminate. I suggest some sort of configurable list, e.g. an XML file the application reads. This will prevent you from having to make code changes to update your tools' knowledge of new malicious targets.

If you want to do this as a GUI application, then you should look at WinForms or Windows Presentation Foundation (WPF). Samples for these two application types, can be found here:
WinForms: http://msdn.microsoft.com/en-us/library/z9w2f38k.aspx
WPF: http://msdn.microsoft.com/en-us/library/ms742119.aspx

At a very cursory level, I'd say the advantage of WinForms is that it's an older technology and therefore available more widely (i.e. it's been in the Framework since V1.0). WPF allows for much more visually appealing applications but requires newer versions of the framework to run. I'd encourage you to use WPF if possible. It's where we're investing heavily in terms of client application development. WinForms is still supported but we're not adding much to it.

Availability of certain framework pieces (e.g. WPF) directly impacts the "portability" of your application. Your application will be portable as long as a supported version of the .Net Framework is installed on the machine along with any application dependencies you might introduce. .Net Framework 2.0 has reached fairly widespread deployment on XP+ so if you target version 2.0 you should be fairly safe. You'll need Framework 3.0 or greater to support WPF. Bottom line though, if a compatible framework isn't on a machine you want to run this on, you'll need to deploy it first. A quick search for ".Net Framework deployment" at http://msdn.microsoft.com should get you going on that.

As your project sounds like a general malware detection/prevention utility, I think you'll find plenty of challenges along the way. More sophisticated malware go to great lengths to ensure you have a difficult time finding them, killing them, and preventing their being launched again. :)

Since you're new to .Net development, I'd suggest http://msdn.microsoft.com and your favorite search engine as a great place to start for tackling issues you run into. There are a LOT of samples out there and material, in general. If you get stuck on a particular problem, feel free to ask here, we'll redirect you to more appropriate forums if necessary.

Jon

Answer 4

Thanks for your help,

I have thought about a console app, but thought about other things of why I should use WinForms, and like you said about the .Net 2.0, I am targeting it, and I'm not going to use wpf since some computers <XP> still doesn't have the right .net to run it. And thanks for confirming about the xml, I was unsure of it. I am new to this. So I'll be asking alot for help with code. Also for everyone to know, I should use Winforms just because I want to add reporting like features like how many times a process has been block and other things, and add other tools in the future (it is a simple looking App (the control will be in a tab control with a listview to show all process that is being block (so I like to know how to do that as well, with code on how to make the listview to work), so each feature will be in it own tab) So I thought about what I wanted. So Winform has it right now for future updates to be added. So any for links will be helpful, I may sound like I know what I'm doing but, I am still quite young to this. So more help the better for me. Here is what I got, but everything you see is not working and like help to make this to work < http://cid-f067fe990f8b12a4.skydrive.live.com/self.aspx/.Public/ProcessBlocker.jpg >

thanks again
-WG