Merge remote-tracking branch 'origin/master'

Update README

Program.cs

@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Globalization;
 using System.IO;
 using System.Linq;
 using System.Threading;
@@ -83,11 +84,34 @@ namespace ame_integrity_check
                             if (parentPath.Contains("*")) throw new ArgumentException("Parent directories to a given file filter cannot contain wildcards.");
                             var filter = item.Substring(lastToken + 1);
 
-                            foundItem = Directory.GetDirectories(parentPath, filter).Any();
-                            break;
+                            var foundDirs = Directory.GetDirectories(parentPath, filter);
+                            
+                            foreach (var foundDir in foundDirs)
+                            {
+                                foreach (var file in Directory.GetFiles(foundDir, "*", SearchOption.AllDirectories))
+                                {
+                                    if (!file.ToLower().EndsWith(".mui") && !file.ToLower().EndsWith(".pri") && !file.ToLower().EndsWith(".res"))
+                                    {
+                                        foundItem = true;
+                                    }
+                                }
+                            }
                         }
-                        
-                        foundItem = Directory.Exists(item);
+                        else
+                        {
+
+                            if (Directory.Exists(item))
+                            {
+                                foreach (var file in Directory.GetFiles(item, "*", SearchOption.AllDirectories))
+                                {
+                                    if (!file.ToLower().EndsWith(".mui") && !file.ToLower().EndsWith(".pri") && !file.ToLower().EndsWith(".res"))
+                                    {
+                                        foundItem = true;
+                                    }
+                                }
+                            }
+                        }
+
                         break;
                     case Type.Process:
                         foundItem = Process.GetProcessesByName(item).Any();
@@ -100,7 +124,14 @@ namespace ame_integrity_check
                         break;
                 }
             } catch (Exception e) {
-                errorOverride = true;
+                if (e.GetType().ToString() == "System.UnauthorizedAccessException" || e.GetType().ToString() == "System.Security.SecurityException")
+                {
+                    foundItem = true;
+                }
+                else
+                {
+                    errorOverride = true;
+                }
             }
 
             if (foundItem) found = true;
@@ -152,7 +183,7 @@ namespace ame_integrity_check
         public static int PreviousSizeHeight;
         public static int PreviousSizeWidth;
 
-        public const double Ver = 0.9;
+        public const string Ver = "1.0";
         
         public static void Main(string[] args)
         {
@@ -161,9 +192,15 @@ namespace ame_integrity_check
             PreviousBufferHeight = Console.BufferHeight;
             PreviousBufferWidth = Console.BufferWidth;
 
-            Console.SetWindowSize(80, 26);
-            Console.SetBufferSize(80, 26);
-            Console.SetWindowSize(80, 26);
+            try
+            {
+                Console.SetWindowSize(80, 26);
+                Console.SetBufferSize(80, 26);
+                Console.SetWindowSize(80, 26);
+            } catch (Exception e)
+            {
+
+            }
             
             Console.Clear();
 
@@ -243,7 +280,7 @@ namespace ame_integrity_check
                 scanner.Query(Type.File, "%WINDIR%\\System32\\wuapi.dll", true);
                 
                 scanner.displayTask = scanner.DisplayQuery("Checking Microsoft Edge...", 200);
-                scanner.Query(Type.Directory, "%ProgramFiles(x86)%\\Microsoft\\EdgeCore");
+                scanner.Query(Type.Directory, "%ProgramFiles(x86)%\\Microsoft\\Edge");
                 scanner.Query(Type.Directory, "%WINDIR%\\SystemApps\\*MicrosoftEdge*", true);
                 
                 scanner.displayTask = scanner.DisplayQuery("Checking for Microsoft Store activity...", 200);
@@ -279,11 +316,11 @@ namespace ame_integrity_check
             var posCacheLeft = Console.CursorLeft;
 
             while (Console.KeyAvailable) {
-                Console.ReadKey(false);
+                Console.ReadKey(true);
             }
-            Console.SetCursorPosition(posCacheLeft, posCacheTop);
-            Console.Write("".PadLeft(Console.WindowHeight, ' '));
-            Console.SetCursorPosition(posCacheLeft, posCacheTop);
+            //Console.SetCursorPosition(posCacheLeft, posCacheTop);
+            //Console.Write("".PadLeft(Console.WindowHeight, ' '));
+            //Console.SetCursorPosition(posCacheLeft, posCacheTop);
         }
         private static void Exit(object sender, ConsoleCancelEventArgs args)
         {
@@ -302,9 +339,15 @@ namespace ame_integrity_check
             Console.CursorVisible = true;
             Console.Clear();
             Console.Title = PreviousTitle;
-            
-            Console.SetWindowSize(PreviousSizeWidth, PreviousSizeHeight);
-            Console.SetBufferSize(PreviousBufferWidth, PreviousBufferHeight);
+
+            try
+            {
+                Console.SetWindowSize(PreviousSizeWidth, PreviousSizeHeight);
+                Console.SetBufferSize(PreviousBufferWidth, PreviousBufferHeight);
+            } catch (Exception e)
+            {
+
+            }
         }
     }
 

README.md

@@ -1,24 +1,40 @@
 # AME Integrity Check (ameck)
 
-Program for checking the integrity of an AME installation.
+Tool for checking the integrity of an AME installation.
 
 ![AME Integrity Check Screenshot](screenshot.png)
 
 ## Usage
 
-You can download the script by going to the [latest release](https://git.ameliorated.info/Joe/ameck/releases/latest) and selecting `ameck.exe` from the **Downloads** section. Once downloaded, simply run `ameck.exe`.
+You can download the tool by going to the [latest release](https://git.ameliorated.info/Styris/ameck/releases) and selecting `ameck.exe` from the **Downloads** section.
+
+Once downloaded, simply run `ameck.exe`.
+
+## Summary
+
+While AME installations are generally very resilient, certain user actions can trigger Windows to perform the self-healing process, causing previously removed programs like Microsoft Edge or Windows Update to appear, such as:
+
+- running `/sfc` commands
+
+- installing certain pirated software
+
+- installing software that have significant privileges over a system, such as Microsoft Edge or antiviruses
+
+To find out more about potential causes for self-healing, take a look at the [AME Self-Healing Report](https://wiki.ameliorated.info/lib/exe/fetch.php?media=ame-heal_2_.pdf).
+
+In the event that you suspect an AME installation has been compromised, this tool can be used for checking the integrity of an AME installation.
 
 ## Compilation
 
 Requirements:
 
-* Visual Studio or relevent IDE with .NET desktop development
+* Visual Studio or relevant IDE with .NET desktop development
 
 Steps:
 
 1. Clone the repository:
    ```
-   git clone https://git.ameliorated.info/Joe/ameck.git
+   git clone https://git.ameliorated.info/Styris/ameck.git
    ```
 2. Open `ameck.sln`
 

ameck.csproj

@@ -12,6 +12,7 @@
         <TargetFrameworkVersion>v4.7.2</TargetFrameworkVersion>
         <FileAlignment>512</FileAlignment>
         <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+        <ApplicationIcon>console.ico</ApplicationIcon>
     </PropertyGroup>
     <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
         <PlatformTarget>x64</PlatformTarget>
@@ -113,6 +114,9 @@
       <PackageReference Include="System.Xml.ReaderWriter" Version="4.3.0" />
       <PackageReference Include="System.Xml.XDocument" Version="4.3.0" />
     </ItemGroup>
+    <ItemGroup>
+      <None Include="console.ico" />
+    </ItemGroup>
     <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
     <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
          Other similar extension points exist, see Microsoft.Common.targets.