X-sploiT Posted May 30, 2007 Posted May 30, 2007 (edited) well ok im making a thing where i have a list off .exes to kill from a text file but what if a cant kill it i msgbox will keep popin up,i wanna check fior system proccesses,is there anyway than making a list and also getting the proccess path would be kool #include <File.au3> Global $Line[256] HotKeySet("{INS}","Scan") while 1 sleep(1) wend Func Scan() $path=@ScriptDir & '\test.txt' $file = FileOpen($path, 0) $count=_FileCountLines($path) If $file = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf while 1 for $i=1 to $count $line[$i] = FileReadline($file,$i) if ProcessExists($line[$i]) Then ProcessClose($line[$i]) MsgBox(0, $line[$i], "Malicious Proccess Found And Killed") EndIf next WEnd FileClose($file) EndFunc Edited May 30, 2007 by X-sploiT
smashly Posted May 30, 2007 Posted May 30, 2007 Hi, Sorry I'm not sure how to check if a process is a system process but there's a couple of functions ppl on the forum have written for finding the path of the process exe.. I use Larry's function mostly.$pid = Run('notepad.exe') Sleep(500) MsgBox(0, '', _ProcessGetLocation($pid)) Func _ProcessGetLocation($iPID) Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID) If $aProc[0] = 0 Then Return SetError(1, 0, '') Local $vStruct = DllStructCreate('int[1024]') DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0) Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048) If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '') Return $aReturn[3] EndFuncoÝ÷ Ù8^íý±©l¡©è¶«¢w®²)àÂhºÒ¢}ý¶·¦zfÞ¯hº-z+l¢ºò¶ay«ÚºÚ"µÍÚ[ÛYH Ð^K]LÉÝÂÛØ[ ÌÍÝØ[QYÔ][[YYX][HHLÈÑÈÕÒSÑB ÌÍÝØ[QYÑÜØÛHHÑÈÕÒSÑBØØ[ ÌÍØÛÛ][Ë ÌÍÛØÓRTÙXÙK ÌÍÛØ][BØØ[ ÌÍÙ^]H ][ÝÉ][ÝÂÌÍÛØÓRTÙXÙHHØÙ] ][ÝÝÚ[YÛ]ÎÌLÉÌLÉ][ÝÈ [ÈÛÛ][YH [È ][ÝÉÌLÜÛÝ ÌLÐÒSU][ÝÊBÌÍØÛÛ][ÈH ÌÍÛØÓRTÙXÙK^XÔ]YH ][ÝÔÑSPÕ ÓHÚ[ÌÔØÙÜÉ][ÝË ][ÝÕÔS ][ÝË ÌÍÝØ[QYÔ][[YYX][H È ÌÍÝØ[QYÑÜØÛJB[H ÌÍÙ^]ÌWBYÓØ ÌÍØÛÛ][ÊH[Ü ÌÍÛØ][H[ ÌÍØÛÛ][ÂQ[H ÌÍÙ^]ÕPÝ[ ÌÍÙ^] JÌWB ÌÍÙ^]ÕPÝ[ ÌÍÙ^] KLWHH ÌÍÛØ][K^XÝ]XT]^[YÐ^QÜ^J ÌÍÙ^] ][ÝÑ^XÝ]XH]É][ÝÊ Cheers
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now