With a program written in C # .NET Core 3.1, I have to manage the download of EXE or DLL file updates. On the client PC there are some files that must be regularly updated through this program, which downloads the new version of the files. Currently these files are not digitally signed (for now it is not possible to sign them, perhaps in the future) and as a result, the download of these files is often blocked by the antivirus software installed on the machine. To allow files to be downloaded, you need to create a rule to exclude these files from antivirus blocks.
I would like to implement a check that verifies that these file updates can pass the antivirus checks or not, before be downloaded, without actually having to download them (the download is quite a complicated procedure).
For now I have done these tests:
- read the exclusion rules set in the antivirus (perhaps via even software API) to verify that there are those relating to the files to be updated, but given the variety of possible antivirus present on the clients it becomes difficult to create a single solution. Furthermore, there does not seem to be any thing like this in the documentation I found in different of main antivirus product
- Interface through the AMSI Windows API (Windows 10). In this way I am able to exec a scan of the file existing on the machine, but it seems that the same scan rules applied to the files at the time of download are not applied in this kind of scan.
Any ideas to implement such a feature?