This is my class:
class Program
{
[DllImport("User32", CharSet = CharSet.Auto)]
public static extern int SystemParametersInfo(int uiAction, int uiParam,
string pvParam, uint fWinIni);
static void Main(string[] args)
{
while (true)
{
if (!Directory.Exists("C:/temp"))
{
Directory.CreateDirectory("C:/temp");
}
if (!File.Exists(@"c:\temp\image.png"))
{
using (WebClient client = new WebClient())
{
client.DownloadFile(new Uri("https://i.imgur.com/dhaP3Mu.png"), @"c:\temp\image.png");
}
}
if (!CheckWallpaper(@"c:\temp\image.png"))
{
SystemParametersInfo(0x0014, 0, @"c:\temp\image.png", 0x0001);
}
Thread.Sleep(1000);
}
}
static bool CheckWallpaper(string imagePath)
{
bool isSame = false;
try
{
using (RegistryKey key = Registry.CurrentUser.OpenSubKey(@"Control Panel\Desktop\WallPaper"))
{
if (key != null)
{
Object o = key.GetValue(imagePath);
if (o != null)
{
Version version = new Version(o as String); //"as" because it's REG_SZ...otherwise ToString() might be safe(r)
}
}
}
}
catch (Exception ex) //just for demonstration...it's always best to handle specific exceptions
{
//react appropriately
}
return isSame;
}
}
It's just a little prank, that makes the user impossible to change his wallpaper. But now I couldn't build it, cause eData instantly said that it's a virus of gen "Variant.Razy.587029". I can understand it thinks that it's a virus, so is there a way to improve my code that it doesn't look suspicious? I don't have the problem with Kaspersky. And I cannot change the virus scan settings, as it is not my pc obviously
EDIT: I'm not finished yet, for example the CheckWallpaper() always outputs false, I just wanted to test it.
EDIT2: I now changed the Wallpaper-check from "Looking in Registry" to "Compare %appdata%/Roaming/Microsoft/Windows/Themes/TranscodedWallpaper with my Image.png. I also added a Thread.Sleep(1000), else the program gets detected again"
