dcsimg
Results 1 to 11 of 11

Thread: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

  1. #1

    Thread Starter
    Member
    Join Date
    Jun 2018
    Posts
    51

    Question Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    I have an Anti-Virus in VB.Net, which has a real-time protection engine. Here's how it works.


    1. Any process that is opened, it gets scanned.

    2. That process that gets scanned, gets its MD5 hash taken from it, then compared to a string of MD5 hashes.

    3. If the hash from the process is the same, a MessageBox comes up saying
    Code:
    Virus Detected!
    and the program is SUPPOED TO automatically end the process when the MessageBox comes up, but, when I try to end it with code, it gives me an "'Access denied to path 'xxx'" error message.

    This is my code for the function to end the program.



    Code:
    Private Function GetMD5String(ByVal strFilename As String) As String
    
            Dim cMD5 = System.Security.Cryptography.MD5.Create
            Dim bytHash As Byte()
            Dim sb As New System.Text.StringBuilder
            Dim scanbox As New TextBox
            scanbox.Text = My.Computer.FileSystem.ReadAllText("viruslist.txt").ToString
    
            Using cStream As New IO.FileStream(strFilename, IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.Read)
    
                bytHash = cMD5.ComputeHash(cStream)
            End Using
    
            For Each c In bytHash
                sb.Append(c.ToString("X2"))
            Next
            If scanbox.Text.Contains(sb.ToString) Then
                Detect.Show()
                Detect.BringToFront()
                Me.SendToBack()
                Kill(strFilename)
    
    
            End If
    
            Return sb.ToString
    
    
    
        End Function

    If I insert
    Code:
    Process.Kill(strFilename)
    I get the error:

    Too many arguments to 'Public Overloads Sub Kill()

    I've run this program as administrator, but it still hasn't done anything.

    Any help would be greatly appreciated! Thanks.
    Last edited by Modulus; Jun 15th, 2018 at 06:12 AM. Reason: not mentioning important information in question.

  2. #2
    .NUT jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    103,720

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    This is a perfect example of why you should read the documentation. That Kill method you're calling is for deleting files, not ending a process. You should be calling Process.Kill.

  3. #3

    Thread Starter
    Member
    Join Date
    Jun 2018
    Posts
    51

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    I've already tried this method, and have read the documentation.

    If I insert

    Code:
    Process.Kill(strFilename)
    I get the error:
    Too many arguments to 'Public Overloads Sub Kill()
    I'll insert this into my question.

  4. #4
    PowerPoster JuggaloBrotha's Avatar
    Join Date
    Sep 2005
    Location
    Lansing, MI; USA
    Posts
    4,280

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    Quote Originally Posted by Modulus View Post
    I've already tried this method, and have read the documentation.

    If I insert

    Code:
    Process.Kill(strFilename)
    I get the error:

    I'll insert this into my question.
    If you had read the documentation you would know why that wouldn't work. You get an instance of the process first, then call it's Kill() function (hint there's no arguments passed in there either).

  5. #5
    King of sapila
    Join Date
    Oct 2006
    Location
    Greece
    Posts
    5,602

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    Also this is hardly a anti virus system.
    Any well respected virus will create copies and will not just and with closing the process.
    It may also mutate so the hash will not get it.
    But that is enough info now...
    Slow as hell.

  6. #6

    Thread Starter
    Member
    Join Date
    Jun 2018
    Posts
    51

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    Quote Originally Posted by sapator View Post
    Also this is hardly a anti virus system.
    Any well respected virus will create copies and will not just and with closing the process.
    It may also mutate so the hash will not get it.
    But that is enough info now...
    It's only Alpha, these are just some of the functions. I'm going to add file-encryption, hash tracking, and much more.

  7. #7
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    I hope you're doing this just for fun rather than as something meant for production.

  8. #8
    Super Moderator Shaggy Hiker's Avatar
    Join Date
    Aug 2002
    Location
    Idaho
    Posts
    34,450

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    It IS an interesting exercise, to be sure, but anti-viruses are a moving target because viruses keep on changing. If you stop A, B, and C, there will surely be created a D, E, and F. Catch those, and new ones will be created. So, it's a large and perpetual problem. It's certainly well worth studying, and this seems like a good start, you just have to realize that for each of you there are hundreds of others figuring out how to get around whatever barriers you throw in their path. Ultimately, it takes teams of people like you, working together, to keep up with the teams of people trying to circumvent anything you do. Not a bad race to be in, but a race that you can never win.
    My usual boring signature: Nothing

  9. #9
    Bad man! ident's Avatar
    Join Date
    Mar 2009
    Location
    Cambridge
    Posts
    5,326

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    If you really want to fight Malware sign up to my old school geekstogo.com, learn how malware works first. I was programming many years before I would even consider writing such a tool. I gained access to hidden documentation for tools such as combofix, JRT and countless anti-rootkit tools. You would be surprised how some of these tools are coded. Learn before you try to attempt such a project. No disrespect but you don't even no a simple class such as something simple as a process class that could easily be found on MSDN.

    There is a reason why combofixs documentation is hidden. It was a powerful tool. Can't say amazingly structured but did what it said. Text found inside.

    :: It's okay if you want to take a peek at the script but ......
    :: please bear in mind that if you have to copy, that means you can't script it on your own.
    :: Copying means you don't understand enough. Also means you're not ready to make tools.
    :: Do yourself & everybody else a favor. Don't release anything that you dont fully understand.
    :: Chances of trashing a machine is high. Bide your time. If you work hard, your time shall come.

    You are struggling to terminate a simple process. Great project to be working on but do not start sending to your friends.

    With the data I have I can currently kill 4000k + items of Malware and flag around 100 known rootkits. I am no where near complete.

    Bide your time and remember. Stop calling It vb.net

  10. #10

    Thread Starter
    Member
    Join Date
    Jun 2018
    Posts
    51

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    I've signed up. Do you have any sample projects that are open source or the link for the combofix documentation?

  11. #11
    Bad man! ident's Avatar
    Join Date
    Mar 2009
    Location
    Cambridge
    Posts
    5,326

    Re: Error: "Access to path 'xxx' is denied" when trying to end process from VB.Net

    The documentation is not public. I don't mean sign up for the site. Sign up to the Malware school. Completion of the course can take between One/Three years realistically. As you advanced you will gain access to more information. Upper graduate is where you will get the private documentation for combofix. The tool, however, is abandoned.

    The world of Malware will be opened up to you after graduation. You can also apply to become a united agasint malware member and gain access to thousands of private documents. With this you will have a better understanding of how to write your tools.

    I would suggest start learning FRST. It's our main diagnostic tool http://www.geekstogo.com/forum/topic...ery-scan-tool/

    That said don't think it will be a walk in the park. Most teachers are retired security ops and have nothing better to do then pick on you & jump on every mistake you make. They mean well.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width