Windows Defender Antivirus scan from C# [AccessViolation exception]


we writing code on-demand scan of file c# using windows defender apis.

  [dllimport(@"c:\program files\windows defender\mpclient.dll")]         public static extern int wdstatus(out bool pfenabled);          [dllimport(@"c:\program files\windows defender\mpclient.dll")]         public static extern int mpmanageropen(uint dwreserved, out intptr phmphandle);          [dllimport(@"c:\program files\windows defender\mpclient.dll")]         public static extern int mpscanstart(intptr hmphandle, uint scantype, uint dwscanoptions, intptr pscanresources, intptr pcallbackinfo, out intptr phscanhandle);          [dllimport(@"c:\program files\windows defender\mpclient.dll")]         public static extern int mphandleclose(intptr hmphandle);          private void dodefenderscan_click(object sender, eventargs e)         {             try             {                 bool pfenabled;                 int result = wdstatus(out pfenabled); //returns defender status - it's working properly.                 errorhandler.throwonfailure(result, vsconstants.s_ok);                  intptr phmphandle;                 uint dwreserved = 0;                  intptr phscanhandle;                  mpmanageropen(dwreserved, out phmphandle); //opens defender , returns handle in phmphandle.                   tagmpresource_info mpresourceinfo = new tagmpresource_info();                 mpresourceinfo.path = "eicar.com";                 mpresourceinfo.scheme = "file";                 mpresourceinfo.class = new mpresource_class() { value = unchecked((int)0x0000) };                  tagmpresource_info[] presourcelist = new tagmpresource_info[1];                 presourcelist.setvalue(mpresourceinfo, 0);                  tagmpscan_resources scanresource = new tagmpscan_resources();                 scanresource.dwresourcecount = 1;                 scanresource.presourcelist = presourcelist;                 intptr resourcepointer = structtoptr(scanresource);                  result = mpscanstart(phmphandle, 3, 0, resourcepointer, intptr.zero, out phscanhandle); **//getting access violation exception here**.                  mphandleclose(phmphandle);                 mphandleclose(phscanhandle);                 marshal.freehglobal(resourcepointer);             }             catch (exception)             { }         }

and structure defined here.

[structlayout(layoutkind.sequential, pack = 1)]     public struct tagmpscan_resources     {         public uint dwresourcecount;          [marshalas(unmanagedtype.byvalarray, arraysubtype = unmanagedtype.struct, sizeconst = 1)]         public tagmpresource_info[] presourcelist;     }      [structlayout(layoutkind.sequential, pack = 1)]     public struct tagmpresource_info     {         [marshalas(unmanagedtype.lpwstr)]         public string scheme;          [marshalas(unmanagedtype.lpwstr)]         public string path;           public intptr class;     }      public class mpresource_class     {         public uint value;     }      private static intptr structtoptr(object obj)     {         var ptr = marshal.allochglobal(marshal.sizeof(obj));         marshal.structuretoptr(obj, ptr, false);         return ptr;     }

code written based on documentation available at

https://msdn.microsoft.com/en-us/library/vs/alm/dn920144(v=vs.85).aspx

getting exception.

attempted read or write protected memory. indication other memory corrupt.

problem? format of struct correct?

p.s - no information mpresource_class available in msdn.

i'm not sure, whether line of code correct.

 mpresourceinfo.class = intptr.zero;


midhunlal



p.s - no information mpresource_class available in msdn.

values mpresource_class type can found at :

https://msdn.microsoft.com/pl-pl/goglobal/dn920120



Visual Studio Languages  ,  .NET Framework  >  Visual C#



Comments

Post a Comment

Popular posts from this blog

Azure DocumentDB Owner resource does not exist

having same error microsoft.azure.documents.documentclientexception: message: {"errors":["owner resource not exist"]} , scenario. when deployed webapp azure , try document docdb throws error. docdb exists in azure , contains document looking for. weird local machine(running vs) works fine. i'm using same settings in azure , local. have , idea this. thanks Microsoft Azure  >  Azure Cosmos DB
Read more

BizTalk Server 2013 Azure VM Log Shipping and HA for hosts

hi , background: for our customer, having a  2 biztalk , 1 sql setup of environment. [biztalk server 2013 azure vms provisioned azure gallery, sql server 2012 azure vm ]. in current configuration, there no high availability or disaster recovery plan set. want implement dr , possibly ha configuration on these servers. i have few questions regarding same. please let me know thoughts on same. currently writing log files (log shipping files) mounted/attached drive same sql server. how move these log files across secondary site since shared storage not supported. in case of sql server crash, losing log files since reside on same server. please share options on how can move these periodically between datacenters. for hosts pop3, ftp need host clustering (which requires biztalk machines present on windows cluster traditionally), please let know how achieve in azure scenario thanks , regards, ujjwal devarapalli -ujjwal you can refer article, issue azure vm lo...
Read more

How to Share webservice object to all user

dear all,            how share webservice object user. in pageload i have created webservice object in pages.so performance level go down.            shall create application level mean it's possible share object in user?             if 1 ,it occur deadlock or anyother problem?             or else how share webservice object user.             please me.... advance you. regards, santhosh you can use application object. if updating application object, can use  application.lock(); , then  application.unlock(); thanks, nishanth mohan visit places in london free!!! a large collection of english / hindi / malayalam / tamil sms messages a large collection of english / hindi / malayalam / tamil s...
Read more