SHARE
TWEET

Untitled

a guest Jun 16th, 2019 46 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using System.Threading.Tasks;
  6. using System.IO;
  7.  
  8. using System.Runtime.InteropServices;
  9. using System.Security.Permissions;
  10. //create 2 folders
  11.  
  12.  
  13. //transfer data placed in one to the other after checking
  14. //virus status
  15. //check inca connection
  16. //check power connection
  17. //antivirus scan
  18. //create source folder
  19. //check drive capacity
  20.  
  21. namespace Updates
  22. {
  23.     class Program
  24.     {
  25.  
  26.         [DllImport("Amsi.dll", EntryPoint = "AmsiInitialize", CallingConvention = CallingConvention.StdCall)]
  27.         public static extern int AmsiInitialize([MarshalAs(UnmanagedType.LPWStr)]string appName, out IntPtr amsiContext);
  28.  
  29.         [DllImport("Amsi.dll", EntryPoint = "AmsiUninitialize", CallingConvention = CallingConvention.StdCall)]
  30.         public static extern void AmsiUninitialize(IntPtr amsiContext);
  31.  
  32.         [DllImport("Amsi.dll", EntryPoint = "AmsiOpenSession", CallingConvention = CallingConvention.StdCall)]
  33.         public static extern int AmsiOpenSession(IntPtr amsiContext, out IntPtr session);
  34.  
  35.         [DllImport("Amsi.dll", EntryPoint = "AmsiCloseSession", CallingConvention = CallingConvention.StdCall)]
  36.         public static extern void AmsiCloseSession(IntPtr amsiContext, IntPtr session);
  37.  
  38.         [DllImport("Amsi.dll", EntryPoint = "AmsiScanString", CallingConvention = CallingConvention.StdCall)]
  39.         public static extern int AmsiScanString(IntPtr amsiContext, [InAttribute()] [MarshalAsAttribute(UnmanagedType.LPWStr)]string @string, [InAttribute()] [MarshalAsAttribute(UnmanagedType.LPWStr)]string contentName, IntPtr session, out AMSI_RESULT result);
  40.         [DllImport("Amsi.dll", EntryPoint = "AmsiScanBuffer", CallingConvention = CallingConvention.StdCall)]
  41.         public static extern int AmsiScanBuffer(IntPtr amsiContext, byte[] buffer, ulong length, string contentName, IntPtr session, out AMSI_RESULT result);
  42.  
  43.         //This method apparently exists on MSDN but not in AMSI.dll (version 4.9.10586.0)
  44.         [DllImport("Amsi.dll", CharSet = CharSet.Unicode, CallingConvention = CallingConvention.StdCall)]
  45.         public static extern bool AmsiResultIsMalware(AMSI_RESULT result);
  46.  
  47.  
  48.         static void Main(string[] args)
  49.         {
  50.             PaintCar(CarColor.blue);
  51.             bool xxx;
  52.             string sourcePath = @"D:\TestSource";
  53.             string destinationPath = @"D:\TestDestination";
  54.             Find:
  55.             string[] move = Directory.GetFiles(sourcePath, "*.*", SearchOption.AllDirectories);
  56.             if (move.Length != 0)
  57.             {
  58.                 xxx = true;
  59.                 foreach (string file in move)
  60.                 {
  61.                     //check file size
  62.                     //check drive capacity
  63.                     string a = Path.GetFullPath(file);
  64.                    
  65.                     string files = Path.GetFileName(file);
  66.                     string fileContent = File.ReadAllText(file);
  67.  
  68.                     CallAntimalwareScanInterface(fileContent, files);
  69.  
  70.                     string dstfile = Path.Combine(destinationPath, files);
  71.                     if (File.Exists(dstfile))
  72.                     {
  73.                         dstfile = dstfile + "copy";
  74.                         File.Move(a, dstfile);
  75.                         //File.Delete(e.FullPath);    // For example
  76.                     }
  77.                     else
  78.                     {
  79.                         File.Move(a, dstfile);
  80.  
  81.  
  82.                     }
  83.                    
  84.                     Console.WriteLine("{a} is in directory {file}");
  85.  
  86.                 }
  87.  
  88.             }
  89.  
  90.             else
  91.             {
  92.                 xxx = false;
  93.                 Console.WriteLine("Empty");
  94.                 System.Threading.Thread.Sleep(20000);
  95.  
  96.             }
  97.             goto Find;
  98.            
  99.         }
  100.  
  101.         static void CallAntimalwareScanInterface(string fileContent, string fileName)
  102.         {
  103.             IntPtr amsiContext;
  104.             IntPtr session;
  105.             AMSI_RESULT result = 0;
  106.             int returnValue;
  107.  
  108.             //implement for bytes
  109.            
  110.            
  111.             //returnValue = AmsiScanBuffer
  112.  
  113.  
  114.             //implement for stream
  115.             //check data type
  116.  
  117.             returnValue = AmsiInitialize("AliceLocalUpdates", out amsiContext);
  118.             returnValue = AmsiOpenSession(amsiContext, out session);
  119.             //returnValue = AmsiScanString(amsiContext, @"X5O!P % @AP[4\PZX54(P ^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*", "EICAR", session, out result);
  120.             returnValue = AmsiScanString(amsiContext, fileContent, fileName, session, out result);
  121.            // AmsiResultIsMalware(result);
  122.            
  123.             AmsiCloseSession(amsiContext, session);
  124.  
  125.             AmsiUninitialize(amsiContext);
  126.             Console.WriteLine("{0} in {1} has been checked for virus with result: {2} and return value of {3}", fileName, fileContent, result, returnValue);
  127.  
  128.  
  129.         }
  130.         static void moveFiles()
  131.         {
  132.             bool check;
  133.            
  134.         }
  135.         FileSystemWatcher watcher = new FileSystemWatcher();
  136.  
  137.         public enum AMSI_RESULT
  138.         {
  139.             AMSI_RESULT_CLEAN = 0,
  140.             AMSI_RESULT_NOT_DETECTED = 1,
  141.             AMSI_RESULT_DETECTED = 32768
  142.         }
  143.  
  144.        
  145.          
  146.         [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
  147.         private static void Run()
  148.         {
  149.             //string[] args = Environment.GetCommandLineArgs();
  150.             //if (args.Length != 2)
  151.             //{
  152.             //    Console.WriteLine("Usage: Watcher.exe (directory)");
  153.             //    return;
  154.             //}
  155.  
  156.             using (FileSystemWatcher watcher = new FileSystemWatcher())
  157.             {
  158.                 //watcher.Path = ;
  159.                 watcher.NotifyFilter = NotifyFilters.LastAccess
  160.                     | NotifyFilters.LastWrite
  161.                     | NotifyFilters.FileName
  162.                     | NotifyFilters.DirectoryName;
  163.                 watcher.Filter = "*.*";
  164.  
  165.                 watcher.Changed += OnChanged;
  166.                 watcher.Created += OnChanged;
  167.                 watcher.Deleted += OnChanged;
  168.                // watcher.Renamed += OnRenamed;
  169.  
  170.                 watcher.EnableRaisingEvents = true;
  171.  
  172.                 Console.WriteLine("Press 'q' to quit");
  173.                 while (Console.Read() != 'q') ;
  174.             }
  175.         }
  176.  
  177.         //private static void OnRenamed(object sender, RenamedEventArgs e)
  178.         //{
  179.        
  180.         //}
  181.  
  182.         private static void OnChanged(object sender, FileSystemEventArgs e)
  183.         {
  184.            
  185.         }
  186.  
  187.  
  188.         static void GetSum(int number, out int solution)
  189.         {
  190.             solution = number * 2;
  191.  
  192.         }
  193.         enum CarColor
  194.         {
  195.             Orange = 3,
  196.             blue,
  197.             red = 7,
  198.             green
  199.  
  200.         }
  201.         static void PaintCar(CarColor cc)
  202.         {
  203.             Console.WriteLine("The color {0} has the code {1}", cc, (int)cc);
  204.         }
  205.  
  206.         public static void Swap(ref int num1, ref int num2)
  207.         {
  208.             int temp = num1;
  209.             num1 = num2;
  210.             num2 = temp;
  211.         }
  212.  
  213.         public static double getMore(params double[] nums)
  214.         {
  215.             double sum = 0;
  216.             foreach (int num in nums)
  217.             {
  218.                 sum += num;
  219.             }
  220.             return sum;
  221.         }
  222.  
  223.         public static void PrintInfo(string name, int zipCode)
  224.         {
  225.             Console.WriteLine(name, zipCode);
  226.         }
  227.         //public void CreateFolders(sourceName, destinationFolderName)
  228.         //{
  229.         //    if (!sourceFolderDirectory.Exists())
  230.         //    {
  231.         //        //CreateFolders
  232.  
  233.         //    }
  234.         //}
  235.         //public void MoveFiles(source, destination)
  236.         //{
  237.         //    if (fileAddedToFolder)
  238.         //    {
  239.         //        runVirusScan();
  240.         //        MoveFilesFromSourceToDestination();
  241.         //    }
  242.         //}
  243.  
  244.     }
  245. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top