Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C#5
Hi, my name is Nicusor,
I have found this code on the net, first I changed the HKEY_LOCAL_MACHINE to HKEY_CURRENT_USER just to find out that you can't ChangeEvent is not supported for HKEY_CURRENT_USER.
I am trying to add two arguments to this application (consoleapplication16.exe)
so it will sound like : consoleapplication16.exe S-1-5-21-4054269417-2950973813-1693298518-1000 snoop_creep
where S-1-5-21-4054269417-2950973813-1693298518-1000 is the SID and snoop_creep is the yahoo id
I am a beginer in C# I'm still learning.
It will be nice if someone could help me.
I am using Microsoft Visual Studio 2010.
Thank you in advance and sorry for my English.
This is the code:
namespace WmiExample
{
    using System;
    using System.Management;
    using System.Diagnostics;
    using System.ComponentModel;
 
    /// <summary>
    /// </summary>
    public class WmiChangeEventTester
    {
        /// <summary>
        /// Initializes a new instance of the <see cref="WmiChangeEventTester" /> class.
        /// </summary>
        public WmiChangeEventTester()
        {
            try
            {
                // Your query goes below; "KeyPath" is the key in the registry that you
                // want to monitor for changes. Make sure you escape the \ character.
                WqlEventQuery query = new WqlEventQuery(
                     "SELECT * FROM RegistryValueChangeEvent WHERE " +
                     "Hive = 'HKEY_USERS'" +
                     @"AND KeyPath = 'args[1]\\Software\\Yahoo\\pager\\profiles\\args[2]\\Custom Msgs' AND ValueName='1_W'");
 
                ManagementEventWatcher watcher = new ManagementEventWatcher(query);
                Console.WriteLine("Waiting for Yahoo! Messenger to change status...");
 
                // Set up the delegate that will handle the change event.
                watcher.EventArrived += new EventArrivedEventHandler(HandleEvent);
 
                // Start listening for events.
                watcher.Start();
 
                // Do something while waiting for events. In your application,
                // this would just be continuing business as usual.
                System.Threading.Thread.Sleep(100000000);
 
                // Stop listening for events.
                watcher.Stop();
            }
            catch (ManagementException managementException)
            {
                Console.WriteLine("An error occurred: " + managementException.Message);
            }
        }
 
        /// <summary>
        /// </summary>
        /// <param name="sender">
        /// The sender.
        /// </param>
        /// <param name="e">
        /// The e.
        /// </param>
        private void HandleEvent(object sender, EventArrivedEventArgs e)
        {
            Console.WriteLine("Yahoo! Messenger status change detected.");
            Process myProcess = new Process();
            myProcess.StartInfo.UseShellExecute = false;
            myProcess.StartInfo.FileName = "PimpToolStatusExtractor.exe";
            myProcess.StartInfo.CreateNoWindow = false;
            myProcess.Start();
        }
 
        /// <summary>
        /// </summary>
        static void Main(string[] args)
        {
            // In my opinion here is where i have to set the args but will al the respect i don't know how

            WmiChangeEventTester receiveEvent = new WmiChangeEventTester();
        }
    }
}
Posted 8-Sep-11 3:47am
Edited 8-Sep-11 3:48am
v2

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

i got till this point where reg_mon.cfg has 1 line : my Yahoo id
but it is opening and closing fast Frown | :( don;t know why. help please
 
<pre>
// ---------------------------------------------------------------------------------------------------------------------
// <copyright file="Program.cs" company="">
//  
// </copyright>
// <summary>
//   Defines the WmiChangeEventTester type.
// </summary>
// ---------------------------------------------------------------------------------------------------------------------
namespace WmiExample
{
      using System;
      using System.Management;
      using System.Security.Principal;
      using System.IO;
 
      /// <summary>
      /// </summary>
      public class WmiChangeEventTester
      {
            /// <summary>
            /// Initializes a new instance of the <see cref="WmiChangeEventTester"/> class.
            /// </summary>
            public WmiChangeEventTester()
            {
                  try
                  {
                        // Your query goes below; "KeyPath" is the key in the registry that you
                        // want to monitor for changes. Make sure you escape the \ character.
                        string a;
                        string b;
                        a = Environment.UserName;
                        b = Environment.MachineName;
                        WindowsIdentity identity = WindowsIdentity.GetCurrent();
                        string filePath = @"reg_mon.cfg";
                        string line;
                        StreamReader file = null;
                        file = new StreamReader(filePath);
                        line = file.ReadLine();
                        WqlEventQuery query = new WqlEventQuery(
                              "SELECT * FROM RegistryValueChangeEvent WHERE " +
                              "Hive = 'HKEY_USERS'" +
                              @"AND KeyPath = '"+ identity.User +"\\Software\\Yahoo\\pager\\profiles\\"+ line +"\\Custom Msgs' AND ValueName='1_W'");
 
                        ManagementEventWatcher watcher = new ManagementEventWatcher(query);
                        Console.WriteLine("Waiting for an event...");
                        Console.WriteLine("AND KeyPath = '"+ identity.User +"\\Software\\Yahoo\\pager\\profiles\\"+ line +"\\Custom Msgs' AND ValueName='1_W'");
                        // Set up the delegate that will handle the change event.
                        watcher.EventArrived += new EventArrivedEventHandler(HandleEvent);
 
                        // Start listening for events.
                        watcher.Start();
 
                        // Do something while waiting for events. In your application,
                        // this would just be continuing business as usual.
                        System.Threading.Thread.Sleep(100000000);
 
                        // Stop listening for events.
                        watcher.Stop();
                  }
                  catch (ManagementException managementException)
                  {
                        Console.WriteLine("An error occurred: " + managementException.Message);
                  }
            }
 
            /// <summary>
            /// </summary>
            /// <param name="sender">
            /// The sender.
            /// </param>
            /// <param name="e">
            /// The e.
            /// </param>
            private void HandleEvent(object sender, EventArrivedEventArgs e)
            {
                  Console.WriteLine("Received an event.");
                  // RegistryKeyChangeEvent occurs here; do something.
            }
 
            /// <summary>
            /// </summary>
            public static void Main()
            {
                  // Just calls the class above to check for events...
                  WmiChangeEventTester receiveEvent = new WmiChangeEventTester();
            }
      }
}
 

</pre>
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Kornfeld Eliyahu Peter 275
1 Maciej Los 204
2 Sergey Alexandrovich Kryukov 200
3 King Fisher 185
4 OriginalGriff 183
0 OriginalGriff 6,223
1 DamithSL 4,724
2 Maciej Los 4,196
3 Kornfeld Eliyahu Peter 3,894
4 Sergey Alexandrovich Kryukov 3,496


Advertise | Privacy | Mobile
Web01 | 2.8.141220.1 | Last Updated 9 Sep 2011
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100