Sign in to follow this  
Followers 0
anixon

Process Monitor

15 posts in this topic

Comments and improvements would be appreciated.

I thought that an INI file would avoid unnecessary changes to the code.

I guess that it should have also included the name of the program to be monitored.

; Program monitor on anyprogram.exe

;

; Check that INI File available

;

$file = FileOpen(@scriptdir&"\ypmonitor.ini", 0)

if $file = -1 then

MsgBox(0, "Processing Error", "Unable to open ypmonitor.ini")

exit

EndIf

; Read INI File Variables

;

$var8 = iniread(@scriptdir&"\ypmonitor.ini", "monitor", "countm", "60000")

$var9 = iniread(@scriptdir&"\ypmonitor.ini", "stealth", "mode", "0")

;Process stealth mode setting

;

if $var9() = 1 then

#NoTrayIcon

EndIf

;Monitor anyprogram for restart

;

While 1 = 1

$PID = ProcessExists("anyprogram.exe") ; Will return the PID or 0 if the process isn't found.

If $PID = 0 Then

Run ("c:\program files\program\anyprogram.exe")

endif

Sleep ($var8)

Wend

;

;End of script

Share this post


Link to post
Share on other sites



Fixed it up a bit.

If Not FileExists(@ScriptDir & "\ypmonitor.ini") Then 
MsgBox(0, "Processing Error", "Unable to open ypmonitor.ini")
exit
EndIf

; Read INI File Variables
;
$var8 = iniread(@scriptdir&"\ypmonitor.ini", "monitor", "countm", "60000")
$var9 = iniread(@scriptdir&"\ypmonitor.ini", "stealth", "mode", "0")

;Process stealth mode setting
;
if $var9 = 1 then
#NoTrayIcon
EndIf

;Monitor anyprogram for restart
;
While 1
$PID = ProcessExists("anyprogram.exe"); Will return the PID or 0 if the process isn't found.
If $PID = 0 Then
Run ("c:\program files\program\anyprogram.exe")
endif
Sleep ($var8)
Wend

Live and Learn, 'cause Knowledge is Super Power.

Share this post


Link to post
Share on other sites

Sounds malicious to me ..... hummmmm ;)


Agreement is not necessary - thinking for one's self is!

My-Colors.jpg

cuniform2.gif

Share this post


Link to post
Share on other sites

Sounds malicious to me ..... hummmmm ;)

Its part of a system I am working on that manages a home security surveillance system. If an unauthorised person gets access and attempts to close the surveillance software then this monitor will restart it and keep it running and recording video of the intruders.

Share this post


Link to post
Share on other sites

Fixed it up a bit.

If Not FileExists(@ScriptDir & "\ypmonitor.ini") Then 
MsgBox(0, "Processing Error", "Unable to open ypmonitor.ini")
exit
EndIf

; Read INI File Variables
;
$var8 = iniread(@scriptdir&"\ypmonitor.ini", "monitor", "countm", "60000")
$var9 = iniread(@scriptdir&"\ypmonitor.ini", "stealth", "mode", "0")

;Process stealth mode setting
;
if $var9 = 1 then
#NoTrayIcon
EndIf

;Monitor anyprogram for restart
;
While 1
$PID = ProcessExists("anyprogram.exe"); Will return the PID or 0 if the process isn't found.
If $PID = 0 Then
Run ("c:\program files\program\anyprogram.exe")
endif
Sleep ($var8)
Wend

Thanks for the help. Like many things in this life there is a way that it works and there is an elegant way

Share this post


Link to post
Share on other sites

Its part of a system I am working on that manages a home security surveillance system. If an unauthorised person gets access and attempts to close the surveillance software then this monitor will restart it and keep it running and recording video of the intruders.

What happens when they turn the computer off ? Does it restart the computer too ?

Agreement is not necessary - thinking for one's self is!

My-Colors.jpg

cuniform2.gif

Share this post


Link to post
Share on other sites

What happens when they turn the computer off ? Does it restart the computer too ?

Share this post


Link to post
Share on other sites

System runs on a wireless networked stand-alone-computer box supported by a UPS installed in a locked and not obvious facility. Network Router and Wireless Internet Modem also supported by UPS. Loss of mains power to either system will trigger an immediate SMS alert to a user nominated GSM/CDMA mobile phone. Email with photo attachments are also triggered to a user nominated off site email address.

If access to the computer is gained and switched off or disconnected from the power supply well no more surveillance. But with hidden camera's covering all approaches and the surveillance system not on display I think I have got a better than even chance of getting footage that the police would find useful and also as proof to the insurance company that the property was broken into.

Your comments are valid as it forces one to think of all likely events

Cheers Ant

Share this post


Link to post
Share on other sites

Your #NoTrayIcon always takes effect. It doesn't matter if you put it in the If block. Use the Opt code for hiding the icon instead.

Why is there so much security?

Share this post


Link to post
Share on other sites

Why is there so much security?

???

Its part of a system I am working on that manages a home security surveillance system. If an unauthorised person gets access and attempts to close the surveillance software then this monitor will restart it and keep it running and recording video of the intruders.

???

System runs on a wireless networked stand-alone-computer box supported by a UPS installed in a locked and not obvious facility. Network Router and Wireless Internet Modem also supported by UPS. Loss of mains power to either system will trigger an immediate SMS alert to a user nominated GSM/CDMA mobile phone. Email with photo attachments are also triggered to a user nominated off site email address.

If access to the computer is gained and switched off or disconnected from the power supply well no more surveillance. But with hidden camera's covering all approaches and the surveillance system not on display I think I have got a better than even chance of getting footage that the police would find useful and also as proof to the insurance company that the property was broken into.

Your comments are valid as it forces one to think of all likely events

Cheers Ant

If you are worried about them gaining access to this computer to turn off a process that is running on a locked computer then you might want to get a firewall and turn off everything - that way unless they get into the room - where I am sure the computer will be locked in a server rack and the computer password protected - you might want to put in a door contact or PIR on the inside of the door to notify of entry and tie it into the pager part.

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Share this post


Link to post
Share on other sites

???

???

If you are worried about them gaining access to this computer to turn off a process that is running on a locked computer then you might want to get a firewall and turn off everything - that way unless they get into the room - where I am sure the computer will be locked in a server rack and the computer password protected - you might want to put in a door contact or PIR on the inside of the door to notify of entry and tie it into the pager part.

Already run a firewall on the router as well as the computer and thanks for the door contact suggestion

Cheers Ant

Share this post


Link to post
Share on other sites

???

???

If you are worried about them gaining access to this computer to turn off a process that is running on a locked computer then you might want to get a firewall and turn off everything - that way unless they get into the room - where I am sure the computer will be locked in a server rack and the computer password protected - you might want to put in a door contact or PIR on the inside of the door to notify of entry and tie it into the pager part.

Why so much security, well have you ever been burgled and then made a claim on an insurance company that wants evidence, more evidence and more evidence before they will consider the claim. Have you checked lately what a stand-a-lone security costs to install and monitor (in Australia that is).

And whats more important since I have retired all I like a challenge.

Share this post


Link to post
Share on other sites

Why so much security, well have you ever been burgled and then made a claim on an insurance company that wants evidence, more evidence and more evidence before they will consider the claim. Have you checked lately what a stand-a-lone security costs to install and monitor (in Australia that is).

And whats more important since I have retired all I like a challenge.

I've done security in the past with server rooms and private offices and one of the easiest ways to 'trap' an intruder is to leave 'bait' easily accessible.

Example: Set up a cheap computer with cheap surveillance and leave it in plain site, or in a somewhat obvious location, leaving the true security hidden. The intruder will discover the 'obvious' security and disable it and then proceed under the impression that they have defeated the security system, thus giving you much more evidence.

Sending the video directly to a server on the internet is a good way to ensure they can't delete the evidence.

Low tech ideas - dogs, motion sensor lights, noise makers like bells or wind chimes on doors and windows.


Agreement is not necessary - thinking for one's self is!

My-Colors.jpg

cuniform2.gif

Share this post


Link to post
Share on other sites

I've done security in the past with server rooms and private offices and one of the easiest ways to 'trap' an intruder is to leave 'bait' easily accessible.

Example: Set up a cheap computer with cheap surveillance and leave it in plain site, or in a somewhat obvious location, leaving the true security hidden. The intruder will discover the 'obvious' security and disable it and then proceed under the impression that they have defeated the security system, thus giving you much more evidence.

Sending the video directly to a server on the internet is a good way to ensure they can't delete the evidence.

Low tech ideas - dogs, motion sensor lights, noise makers like bells or wind chimes on doors and windows.

Low tech ideas do work according to a friend of mine who suggested that a very hungry Rotweiller was a good security option, which begs the question as to what then would be the bait? Sending the videos to the internet is all part of my strategy and a good idea.

Share this post


Link to post
Share on other sites

did you know that WMI can manage processes ?

you can tell him to make events with them

just take a look on scriptcenter at MSDN


-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0