public void Run(ref Report report, List <Dictionary <string, string> > list) { foreach (var directory in directories) { if (!Directory.Exists(directory)) { continue; } foreach (var file in SafeFileEnumerator.EnumerateFiles(directory, "*.exe", SearchOption.AllDirectories)) { if (file.Length > 248) { continue; } var fileDate = FileInspector.GetDate(file); if ((fileDate - DateTime.Now).TotalDays > 14) { continue; } try { list.Add(new Dictionary <string, string> { { "token", "File" }, { "hash", "[" + FileInspector.GetHash(file) }, { "date", fileDate.ToString("MM-dd-yyyy") + "]" }, { "publisher", "(" + FileInspector.GetPublisher(file) + ")" }, { "path", file } }); } catch (IOException) { list.Add(new Dictionary <string, string> { { "token", "File" }, { "date", "[" + fileDate.ToString("MM-dd-yyyy") + "]" }, { "path", file } }); } } } report.Add(list); }
public void Run(ref Report report, List <Dictionary <string, string> > list) { var processes = Process.GetProcesses(); var sortedProcesses = processes.OrderBy(process => process.Id).ToList(); foreach (var process in sortedProcesses) { if (process.Id == 0) { continue; } string path; string publisher = ""; bool error = false; try { path = process.MainModule.FileName; publisher = FileInspector.GetPublisher(path); } catch (Win32Exception) { continue; } catch (InvalidOperationException) { path = ""; error = true; } list.Add(new Dictionary <string, string> { { "token", "Proc" }, { "publisher", !error ? "(" + publisher + ")" : "" }, { "path", !error ? path : "(could not get path)" }, { "pid", "[" + process.Id + "]" }, }); } report.Add(list); }