Jump to content

drlynch

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation Activity

  1. Like
    drlynch got a reaction from TheXman in Close processes within a certain directory and list closed processes in txt file.   
    Hello, TheXman.
    Sorry for not responding as fast as I should, but I was trying to perform some tests that finally didn't work. 
    I've tried _PathSplit, along with ProcessList, ProcessExists and _WinAPI_GetProcessFileName.
    I was trying to get the ID with ProcessList, and then from that ID get the path of the running processes. But in tests I've done, they didn't work.
    The IDs of the Processes showed me perfectly, together with the name of the process, but some processes did not show any path, and other processes did show the path correctly. I've been looking for a reason why this might be happening, but couldn't find it.
     



    In any case, your code is completely different from what I had done.
    I am surprised by your code. It's great. I have to study all those lines of code, because as you tell me, there are many that I don't know.
    I have no words to thank you for that code. You are a master. I wish there were more people like you in other communities, to help beginners like me.
    If I can't find information about some lines of your code, and I have some doubts, I'll let you know. And don't worry, I'm not going to publish any tool without doing a lot of testing first. In the end I am taking this as a way of learning, because I am really at the base of learning AutoIT.
    I'll keep you informed.
    Greetings and thousands of thanks.
  2. Like
    drlynch got a reaction from TheXman in Close processes within a certain directory and list closed processes in txt file.   
    Hello, TheXman
    You are very kind to me. Thank you for your words, because this makes me feel at home.
    Helping beginners is somewhat difficult, because we want to do things too fast, without even knowing the documentation. Serious mistake.
    I will briefly respond to some of your comments.
    I use tools like Farbar to help users remove all kinds of malware, as well as anti-malware like MalwareBytes, AdwCleaner, etc.
    The problem is that the malware that I am trying to eradicate is only affecting a certain country or countries (I understand that there is some illegal software download website that is distributing this malware). I have reported to Google (VirusTotal) and sent a sample of the file to Microsoft. But it doesn't appear that they have taken action against the malware.
    I have yet to report MalwareBytes for example, but in any case there are already reversing technical docs of some of the variants of this malware. I guess some reversing experts will have already done it.
    Of course, my intention is not to create a definitive removal tool, because I would have to use later a more effective study with Farbar for example, but to at least try to eliminate the most vital processes of the malware.
    The best thing would be to check the signature of the files, the hashes, etc.; but I would do this in a later step if I got a breakthrough in this first phase of development.
    The first option that occurred to me was to use C# or Python, but AutoIT seemed like a quick option. This is more of a way of learning. If the tool, once tested on various own computers, works, it could help some users.
     
    Sorry, I thought @TempDir would remove temporary files, but of course, it makes sense that @TempDir simply contains the value of the TEMP environment variable.
     
    Honestly, I didn't even check the folder that AutoIT creates when it installs. I directly went to the code editor.
    From now on, I'm going to go much slower with all of this, because I don't want to make any more mistakes.
     
    I don't want to bother you
    We all have many things to do on a daily basis, and your answers have helped me understand that the answers I am looking for, I will not find directly in a search in the forum. At least, code that may be out of date.
    Thank you for your answers so elaborate, and with so much good information. You have been very helpful. I will try to test and test, before I ask again.
    All the best.
×
×
  • Create New...