antivirus | 易学教程

Is there any Anti Virus product which provides a .Net (or COM) API?

阅读更多关于 Is there any Anti Virus product which provides a .Net (or COM) API?

问题 We need to send uploaded files from our CMS website to any antivirus product as a POC. Are there any AV products out there that provide a .Net/COM API. 回答1: Clam AntiVirus has an API available under the GNU GPL which you can probably wrap up with SWIG. If for any reason you don't want their code in your process, you can also use their (very simple) socket protocol: open a socket and send it SCAN filename , or send it STREAM and it will send back a port number to which you can then send a byte

Check anti-virus status in C#

阅读更多关于 Check anti-virus status in C#

问题 I need to check a group of servers to see whether the anti virus is up-to-date and running. Tricky thing is that they are spread over Windows 2003 and 2008 servers and I need to be able to check them all. Is there any way of doing this with C# or VB.NET? I have briefly looked around using WMI, but it appears on 2008/win7 computers Microsoft has changed what information they give back to you. In summary, I need the following: AV name AV version AV Up-to-Date AV Enabled/Running Can anyone help?

Use Microsoft AntiVirus API for File Upload Scanning

阅读更多关于 Use Microsoft AntiVirus API for File Upload Scanning

Has anyone here used Microsoft Anti-Virus API to scan file uploads using any anti-virus ? What is your experience. I want to use mcafee, trend or other well known AV to be called programatically. It seems that Microsoft AntiVirus API is not suitable for scanning uploaded files. From http://msdn.microsoft.com/en-us/library/ms537371(VS.85).aspx The Antivirus API enables software vendors to develop applications that scan Microsoft Office 2000 documents before opening them . The API also supports scanning Microsoft Internet Explorer 5 code downloads, such as Microsoft ActiveX Controls or installs.

How does Firefox Version 3 invoke the anti-virus feature on Windows to scan a download?

阅读更多关于 How does Firefox Version 3 invoke the anti-virus feature on Windows to scan a download?

问题 Another question on StackOverflow is asking how this is done, but the general question of how Firefox manages this is even more useful, and would answer that question also. Without reading all the source code to firefox (I haven't time) - is anyone familiar enough with Firefox V3's ability to invoke a scan on any downloaded EXE file to know how it works? I would think any anti-virus program with active protection would hook into windows and be run automatically. Does firefox detect these

how to recompile the bootloader of Pyinstaller

阅读更多关于 how to recompile the bootloader of Pyinstaller

问题 I have an AntiVirus false positive problem of my exe file generated using PyInstaller, by searching i found this answer witch consist of recompiling the bootloader and i just can't get it done. This what i've tried so far: try to install C++ build-tools with choco using "choco install -y vcbuildtools" for some reasons the installation failed. installing visual studio community from here then goes to "cd bootloader" and do python ./waf distclean all got the error can't open file './waf':

How would you programmatically test a file for viruses? [closed]

阅读更多关于 How would you programmatically test a file for viruses? [closed]

问题 Closed . This question needs to be more focused. It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by editing this post. Closed 2 months ago . I want to programmatically test a file for viruses. I'm aware of this thread, which didn't get a satisfactory answer in my opinion, but I'm not looking for an API here. Any kind of workaround to make it possible to test a file would be fine. Of course, an API would probably be

Aho-Corasick-like algorithm for use in anti-malware code

阅读更多关于 Aho-Corasick-like algorithm for use in anti-malware code

问题 Is there an algorithm like Aho-Corasick, which can match a set of patterns simultaneously and is applicable to be used in anti-malware comparison? Do all known commercial antivirus software use the Aho-Corasick algorithm? What are the advantages of the Aho-Corasick algorithm over Boyer-Moore? 回答1: Boyer-Moore : For searching one string in another target string Aho-Corasick : For searching multiple patterns simultaneously So the advantage being that Aho-Corasick is optimal if you want to

Virus scanners locking and deleting temporary files - best way to cope with them?

阅读更多关于 Virus scanners locking and deleting temporary files - best way to cope with them?

问题 My application deals with e-mails coming from different sources, e.g. Outlook and IMAP mailboxes. Before parsing them, I write them to the temporary directory (keeping them in memory is not an option). While parsing, I might be writing attachments to the temp directory (for example, if they are too large to keep in memory or for full-text extraction). But in the wild, two things happen that seemed very strange in the first place but could all be traced back to virus scanner behaviour: I'm

Virus Scanning Uploaded files from Azure Web/Worker Role

阅读更多关于 Virus Scanning Uploaded files from Azure Web/Worker Role

We are designing an Azure Website which will allow users to Upload content(MP4,Docx...MSOffice Files) which can then be accessed. Some video content we will encode to provide several differing quality formats, before it will be streamed (using Azure Media Services ). We need to add an intermediate step so we can scan uploaded files for potential virus risk. Is there functionality built into azure (or third party) which will allow us to call an API to scan content before processing it? We are ideally looking for an API rather than just a background service on a VM, so we can get feedback

Json parse result from virustotal api

阅读更多关于 Json parse result from virustotal api

I was playing around with the virustotal api today while becoming back the result in this form : { "permalink" : "http://www.virustotal.com/file-scan/report.html?id=7b6b268cbca9d421aabba5f08533d3dcaba50e0f7887b07ef2bd66bf218b35ff-1304089592", "report" : [ "2011-04-29 15:06:32", { "AVG" : "Exploit_c.TVH", "AhnLab-V3" : "PDF/Exploit", "AntiVir" : "EXP/Pidief.UK", "Antiy-AVL" : "Trojan/win32.agent", "Avast" : "JS:Pdfka-gen", "Avast5" : "JS:Pdfka-gen", "BitDefender" : "Exploit.PDF-JS.Gen", "CAT-QuickHeal" : "", "ClamAV" : "", "Comodo" : "Exploit.JS.Pidief.~AWQ", "DrWeb" : "", "Emsisoft" : "Exploit