private void button2_Click_1(object sender, EventArgs e) { VirusTotal virusTotal = new VirusTotal(System.Configuration.ConfigurationManager.AppSettings["ApiKey"]); //Use HTTPS instead of HTTP virusTotal.UseTLS = true; string chosenfile = listView1.FocusedItem.SubItems[2].Text;; FileInfo fileInfo = new FileInfo(chosenfile); // File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); string hashreport1 = String.Empty; //Check if the file has been scanned before. VirusTotalNET.Objects.Report fileReport = virusTotal.GetFileReport(fileInfo); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; DialogResult dialogresult = MessageBox.Show("File has been scan before: ", " hasFileBeenScannedBefore", MessageBoxButtons.YesNo); //If the file has been scanned before, the results are embedded inside the report. if (dialogresult == DialogResult.Yes) { PrintScan(fileReport); string str = Convert.ToString(fileReport.Positives); //string[] splitedStrings = str.Split('-'); //string requestedValue = splitedStrings[0]; //textBox4.Text = str; foreach (ScanEngine scan in fileReport.Scans) { //string[] row1 = { scan.Name, Convert.ToString(scan.Detected) }; //listView1.Items.Add("Detect:").SubItems.AddRange(row1); MessageBox.Show(scan.Result); } } else { VirusTotalNET.Objects.ScanResult fileResult = virusTotal.ScanFile(fileInfo); PrintScan(fileResult); string str = Convert.ToString(fileReport.Positives); //string[] splitedStrings = str.Split('-'); // string requestedValue = splitedStrings[0]; //textBox4.Text = str; //textBox4.Text = str; foreach (ScanEngine scan in fileReport.Scans) { //string[] row1 = { scan.Name, Convert.ToString(scan.Detected) }; //listView1.Items.Add("Detect:").SubItems.AddRange(row1); MessageBox.Show(scan.Result); } } }
private static void PrintScan(ScanResult scanResult) { Console.WriteLine("Scan ID: " + scanResult.ScanId); Console.WriteLine("Message: " + scanResult.VerboseMsg); Console.WriteLine(); }
private void button1_Click(object sender, EventArgs e) { VirusTotal virusTotal = new VirusTotal(System.Configuration.ConfigurationManager.AppSettings["ApiKey"]); //Use HTTPS instead of HTTP virusTotal.UseTLS = true; //Create the EICAR test virus. See http://www.eicar.org/86-0-Intended-use.html string chosenfile = ""; openFileDialog1.InitialDirectory = "C:"; openFileDialog1.Title = "insert file"; openFileDialog1.FileName = ""; openFileDialog1.ShowDialog(); chosenfile = openFileDialog1.FileName; textBox1.Text = chosenfile; FileInfo fileInfo = new FileInfo(textBox1.Text); File.WriteAllText(fileInfo.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); //Check if the file has been scanned before. VirusTotalNET.Objects.Report fileReport = virusTotal.GetFileReport(fileInfo); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("File has been scanned before: " + (hasFileBeenScannedBefore ? "Yes" : "No")); //If the file has been scanned before, the results are embedded inside the report. if (hasFileBeenScannedBefore) { PrintScan(fileReport); } else { VirusTotalNET.Objects.ScanResult fileResult = virusTotal.ScanFile(fileInfo); PrintScan(fileResult); } Console.WriteLine(); Report urlReport = virusTotal.GetUrlReport(ScanUrl); bool hasUrlBeenScannedBefore = urlReport.ResponseCode == ReportResponseCode.Present; Console.WriteLine("URL has been scanned before: " + (hasUrlBeenScannedBefore ? "Yes" : "No")); //If the url has been scanned before, the results are embedded inside the report. if (hasUrlBeenScannedBefore) { PrintScan(urlReport); } else { ScanResult urlResult = virusTotal.ScanUrl(ScanUrl); PrintScan(urlResult); } Console.WriteLine("Press a key to continue"); Console.ReadLine(); }
private static void PrintScan(VirusTotalNET.Objects.ScanResult scanResult) { Console.WriteLine("Scan ID: " + scanResult.ScanId + "\n"); Console.WriteLine("Message: " + scanResult.VerboseMsg + "\n"); }
private void virusTotalScan(string PID) { try { FileInfo file = new FileInfo("EICAR.txt"); //File.WriteAllText(file.FullName, @"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"); File.WriteAllText(file.FullName, @"Hello World"); Process p = Process.GetProcessById(Int32.Parse(PID)); string filename = p.MainModule.FileName; //Find if the file has been already scanned DataTable processes = new DataTable(); DatabaseFactory.connectToDatabase(); string query = "select filename from malicious where filename = '" + Path.GetFileName(filename) + "'"; NpgsqlCommand objCommand = new NpgsqlCommand(query, DatabaseFactory.getCurrentConnection()); NpgsqlDataReader dr = objCommand.ExecuteReader(); DatabaseFactory.closeConnection(); if (!dr.HasRows) { byte[] resource; using (var md5 = MD5.Create()) { using (var stream = File.OpenRead(filename)) { resource = md5.ComputeHash(Encoding.UTF8.GetBytes(stream.ToString())); } } StringBuilder sBuilder = new StringBuilder(); // Loop through each byte of the hashed data // and format each one as a hexadecimal string. for (int i = 0; i < resource.Length; i++) { sBuilder.Append(resource[i].ToString("x2")); } string r = sBuilder.ToString(); Report fileReport = virusTotal.GetFileReport(file); bool hasFileBeenScannedBefore = fileReport.ResponseCode == ReportResponseCode.Present; //If the file has been scanned before, the results are embedded inside the report. if (hasFileBeenScannedBefore) { PrintScan(fileReport, Path.GetFileName(filename)); } else { FileInfo fileInfo = new FileInfo(filename); VirusTotalNET.Objects.ScanResult fileResult = virusTotal.ScanFile(fileInfo); PrintScan(fileResult); } } } catch (ArgumentException e) { //Process removed } catch (InvalidOperationException e) { //Process removed } catch (Win32Exception e) { //cannot scan system files } }
// if there isn't an active scan report already on the file // we want to go a head and grab the ScanID from it // and apply it to our Scan URL textbox. // this way we can either A: re-scan and get the updated // detections list or click VT Button and visit the site // directly. private void PrintScan(ScanResult scanResult) { iTalk_TextBox_Small3.Text = scanResult.ScanId; }