Private void Search ()
{
Try
{
This. listBox1.Items. Add ("");
This. listBox1.Items. Add ("Scan specified directory file ");
RegistryKey scan = Registry. LocalMachine. OpenSubKey ("SOFTWARE \ Honeydogchen \. Dog \ Scan", true );
String strdir = scan. GetValue ("FolderSelect"). ToString ();
If (this. checkBox2.Checked = true)
{
RegistryKey microsoft = Registry. LocalMachine. OpenSubKey ("SOFTWARE \ Microsoft", true );
RegistryKey currentversion1 = microsoft. OpenSubKey ("Windows NT \ CurrentVersion", true );
RegistryKey currentversion2 = microsoft. OpenSubKey ("Windows \ CurrentVersion", true );
Try
{
String system32dir = currentversion1.GetValue ("SystemRoot"). ToString ();
GetSystemFiles (system32dir + "\ SYSTEM32 ");
}
Catch (Exception)
{
}
Try
{
String systemdir = currentversion2.GetValue ("SystemRoot"). ToString ();
GetSystemFiles (systemdir + "\ SYSTEM ");
}
Catch (Exception)
{
}
}
GetCommonFiles (strdir );
This. textBox1.Text = strdir;
This. label1.Enabled = true;
This. label4.Enabled = true;
This. Cursor = System. Windows. Forms. Cursors. Default;
If (a = 0)
{
This. listBox1.Items. Add ("congratulations, no suspicious files are found ");
}
Else
{
This. listBox1.Items. Add ("detected" + a + "suspicious files, please use professional anti-virus software to kill ");
}
This. listBox1.Items. Add ("");
This. listBox1.Items. Add ("scanning is complete," + "A total of" + d + "processes," + B + "Files ");
This. listBox1.Items. Add ("");
This. listBox1.Items. Add ("anti-virus technical support ");
This. listBox1.Items. Add ("Email: honeydogchen@163.com ");
}
Catch (Exception)
{
}
}
Private void GetCommonFiles (string strDir)
{
String path = Application. StartupPath;
Share. Ini ini = new Share. Ini (path + "\ Virus. dat ");
DirectoryInfo dir = new DirectoryInfo (strDir );
Int number = Convert. ToInt16 (ini. IniReadValue ("VirusList", "Number "));
FileInfo [] exefiles = dir. GetFiles ("*. exe ");
Foreach (FileInfo f in exefiles)
{
This. textBox1.Text = f. FullName. ToString ();
This. textBox1.Refresh ();
For (int I = 0; I <number; I ++)
{
String name = Convert. ToString (ini. IniReadValue ("VirusList", "Name" + I ));
If (f. Name. ToLower (). EndsWith (name ))
{
This. listBox1.Items. Add ("Name:" + f. Name. ToString ());
This. listBox1.Items. Add ("Path:" + strDir + "\" + f. Name. ToString ());
A ++;
}
}
B ++;
}
If (this. checkBox3.Checked = true)
{
DirectoryInfo [] dir1List = dir. GetDirectories ();
For (int I = 0; I <dir1List. Length; I ++)
{
GetCommonFiles (strDir + "\" + dir1List [I]. Name );
}
}
}
Private void GetSystemFiles (string strDir)
{
String path = Application. StartupPath;
Share. Ini ini = new Share. Ini (path + "\ Virus. dat ");
DirectoryInfo dir = new DirectoryInfo (strDir );
Int number = Convert. ToInt16 (ini. IniReadValue ("VirusList", "Number "));
FileInfo [] exefiles = dir. GetFiles ("*. exe ");
Foreach (FileInfo f in exefiles)
{
This. textBox1.Text = f. FullName. ToString ();
This. textBox1.Refresh ();
For (int I = 0; I <number; I ++)
{
String name = Convert. ToString (ini. IniReadValue ("VirusList", "Name" + I ));
If (f. Name. ToLower (). EndsWith (name ))
{
This. listBox1.Items. Add ("Name:" + f. Name. ToString ());
This. listBox1.Items. Add ("Path:" + strDir + "\" + f. Name. ToString ());
A ++;
}
}
B ++;
}
}
Private void CheckRegistry ()
{
Int h = 0;
Int I = 0;
Int j = 0;
Int k = 0;
Int l = 0;
Int n = 0;
This. listBox1.Visible = true;
Try
{
This. listBox1.Items. Clear ();
This. listBox1.Items. Add ("Scan Registry Startup item ");
RegistryKey hklm = Registry. LocalMachine;
RegistryKey hkcu = Registry. CurrentUser;
RegistryKey hkcr = Registry. ClassesRoot;
RegistryKey run1 = hklm. OpenSubKey ("SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run ");
Foreach (string sValName1 in run1.GetValueNames ())
{
This. listBox1.Items. Add ("" + sValName1 + ":" + run1.GetValue (sValName1 ));
}
RegistryKey run2 = hkcu. OpenSubKey ("Software \ Microsoft \ Windows \ CurrentVersion \ Run ");
Foreach (string sValName2 in run2.GetValueNames ())
{
This. listBox1.Items. Add ("" + sValName2 + ":" + run2.GetValue (sValName2 ));
}
This. listBox1.Items. Add ("");
This. listBox1.Items. Add ("scan file association status ");
RegistryKey currentversion1 = hklm. OpenSubKey ("SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion", true );
RegistryKey winlogon = currentversion1.OpenSubKey ("Winlogon", true );
RegistryKey windowstoo = currentversion1.OpenSubKey ("Windows", true );
Try
{
RegistryKey currentversion2 = hklm. OpenSubKey ("SOFTWARE \ Microsoft \ Windows \ CurrentVersion", true );
String systemdir = currentversion2.GetValue ("SystemRoot"). ToString ();
If (systemdir! = "")
{
Share. Ini ini = new Share. Ini (systemdir + "\ System. ini ");
String explorer = Convert. ToString (ini. IniReadValue ("boot", "shell "));
If (explorer! = "Assumer.exe" & explorer! = "Assumer.exe ")
{
N ++;
This. listBox1.Items. Add ("Shell =" + explorer + "exception ");
}
Ini = new Share. Ini (systemdir + "\ Win. ini ");
String run = Convert. ToString (ini. IniReadValue ("windows", "run "));
If (run! = "")
{
N ++;
This. listBox1.Items. Add ("run =" + run + "exception ");
}
String load = Convert. ToString (ini. IniReadValue ("windows", "load "));
If (load! = "")
{
N ++;
This. listBox1.Items. Add ("load =" + load + "exception ");
}
}
}
Catch (Exception)
{
}
Try
{
String explorer = winlogon. GetValue ("Shell"). ToString ();
If (explorer! = "Assumer.exe" & explorer! = "Assumer.exe ")
{
N ++;
This. listBox1.Items. Add ("Shell =" + explorer + "exception ");
}
String runtoo = windowstoo. GetValue ("run"). ToString ();
If (runtoo! = "")
{
N ++;
This. listBox1.Items. Add ("run =" + runtoo + "exception ");
}
String loadtoo = windowstoo. GetValue ("load"). ToString ();
If (loadtoo! = "")
{
N ++;
This. listBox1.Items. Add ("load =" + loadtoo + "exception ");
}
}
Catch (Exception)
{
}
RegistryKey command1 = hkcr. OpenSubKey ("txtfile \ shell \ open \ command", true );
Foreach (string txt in command1.GetValueNames ())
{
String txt1 = command1.GetValue (txt). ToString ();
If (txt1! = "NOTEPAD. EXE % 1" & txt1! = "Notepad.exe % 1 ")
{
H ++;
This. listBox1.Items. Add ("txt file association:" + txt1.ToString () + "exception ");
}
}
RegistryKey command2 = hkcr. OpenSubKey ("exefile \ shell \ open \ command", true );
Foreach (string exe in command2.GetValueNames ())
{
String exe1 = command2.GetValue (exe). ToString ();
String exe10 = "\" "+" % 1 "+" \ "" + "% *";
If (exe1! = Exe10)
{
I ++;
This. listBox1.Items. Add ("exe file association:" + exe1 + "exception ");
}
}
RegistryKey command3 = hkcr. OpenSubKey ("regfile \ shell \ open \ command", true );
Foreach (string reg in command3.GetValueNames ())
{
String reg1 = command3.GetValue (reg). ToString ();
String reg10 = "regedit.exe" + "\" "+" % 1 "+ "\"";
If (reg1! = Reg10)
{
J ++;
This. listBox1.Items. Add ("reg file association:" + reg1 + "exception ");
}
}
RegistryKey command4 = hkcr. OpenSubKey ("comfile \ shell \ open \ command", true );
Foreach (string com in command4.GetValueNames ())
{
String com1 = command4.GetValue (com). ToString ();
String com10 = "\" "+" % 1 "+" \ "" + "% *";
If (com1! = Com10)
{
K ++;
This. listBox1.Items. Add ("com file association:" + com1 + "exception ");
}
}
RegistryKey command5 = hkcr. OpenSubKey ("batfile \ shell \ open \ command", true );
Foreach (string bat in command5.GetValueNames ())
{
String bat1 = command5.GetValue (bat). ToString ();
String bat10 = "\" "+" % 1 "+" \ "" + "% *";
If (bat1! = Bat10)
{
L ++;
This. listBox1.Items. Add ("bat file association:" + bat1 + "exception ");
}
}
}
Catch (Exception)
{
}
If (n = 0)
This. listBox1.Items. Add ("assumer.exe, Win. ini, and System. ini are normal ");
If (h = 0)
This. listBox1.Items. Add ("txt file association is normal ");
If (I = 0)
This. listBox1.Items. Add ("the exe file is associated normally ");
If (j = 0)
This. listBox1.Items. Add ("reg file association is normal ");
If (k = 0)
This. listBox1.Items. Add ("com file association is normal ");
If (l = 0)
This. listBox1.Items. Add ("bat file association is normal ");
}
Private void CheckProcess ()
{
Try
{
This. listBox1.Items. Add ("");
This. listBox1.Items. Add ("scan the current system process ");
Process [] procList = new System. Diagnostics. Process [50];
ProcList = Process. GetProcesses ();
D = procList. GetLength (0 );
String path = Application. StartupPath;
Share. Ini ini = new Share. Ini (path + "\ Virus. dat ");
Int number = Convert. ToInt16 (ini. IniReadValue ("VirusList", "Number "));
For (int I = 0; I <procList. GetLength (0); I ++)
{
String strProcName = procList [I]. ProcessName + ". exe ";
This. textBox1.Text = "ProcName:" + strProcName;
This. textBox1.Refresh ();
Thread. Sleep (50 );
Activate ();
For (int j = 0; j <number; j ++)
{
String name = Convert. ToString (ini. IniReadValue ("VirusList", "Name" + j ));
If (strProcName. ToLower () = name)
{
This. listBox1.Items. Add ("name:" + strProcName );
This. listBox1.Items. Add ("Path:" + procList [I]. MainModule. FileName );
C ++;
}
}
}
}
Catch (Exception)
{
}
If (c = 0)
{
This. listBox1.Items. Add ("congratulations, no suspicious processes are found ");
}
Else
{
This. listBox1.Items. Add ("detected" + c + "suspicious processes. Please use professional anti-virus software to kill ");
}
}