public object ScanM(string filename)
{
FileInfo fi = new FileInfo(filename);
if (fi.Length < MaximumSize)
{
object x = null;
FileStream fileStream = new FileStream(filename, FileMode.Open, FileAccess.Read);
using (StreamReader sr = new StreamReader(fileStream))
{
StringBuilder sb = new StringBuilder();
string hex = Security.DumpHex(sr, sb);
x = VDB.GetScript(hex);
}
if (x != null)
{
return(x);
}
else
{
return(AVEngine.HashScanner.ScanHS(filename));
}
}
else
{
return(null);
}
}
static void FilterData(Session session)
{
if (session.fullUrl.EndsWith(".js") || session.fullUrl.EndsWith(".vbs") || session.fullUrl.EndsWith(".bat") || session.fullUrl.EndsWith(".com"))
{
object v = VDB.GetScript(Security.ConvertToHex(session.GetResponseBodyAsString()));
if (v != null)
{
KavprotVoice.SpeakAsync("A malicious code detected : " + v.ToString());
session.utilCreateResponseAndBypassServer();
session.responseBodyBytes = Encoding.ASCII.GetBytes(KAVE.Properties.Resources.ErrorPageHead + string.Format(KAVE.Properties.Resources.Title, "Kavprot smart security Blocked a malicious code : " + v.ToString()) + KAVE.Properties.Resources.Ressources + string.Format(KAVE.Properties.Resources.Bodytitle, "Kavprot smart security Blocked a malicious code : " + v.ToString()) + string.Format(KAVE.Properties.Resources.Body, KAVE.Properties.Resources.MalwareMessage));
session.oResponse.headers = Parser.ParseResponse("HTTP/1.1 200 OK\r\nKPAVWebProxyTemplate: True\r\nContent-Length: 165000");
}
}
}
public object Scan(string filename, System.Windows.Forms.Label lb)
{
FileInfo fi = new FileInfo(filename);
if (fi.Length < MaximumSize)
{
object x = null;
FileStream fileStream = new FileStream(filename, FileMode.Open, FileAccess.Read);
using (StreamReader sr = new StreamReader(fileStream))
{
StringBuilder sb = new StringBuilder();
string hex = Security.DumpHex(sr, sb);
x = VDB.GetScript(hex);
}
return(x);
}
else
{
return(null);
}
}
