public static void Initialize(ScanSense sense) { try { ScanSensitivity = sense; EventsManager = new KAVE.BaseEngine.KavprotEvents(); AsyncInvoke inv = new AsyncInvoke(VirusReportService.Initialize); inv.BeginInvoke(null, null); // load scanners AsyncInvoke sinv = new AsyncInvoke(Init); sinv.BeginInvoke(null, null); if (SettingsManager.TurboMode) { AsyncInvoke ssinv = new AsyncInvoke(VDB.Initialize); ssinv.BeginInvoke(null, null); } else { VDB.Initialize(); } } catch (Exception ex) { AntiCrash.LogException(ex); } }
public object ScanM(string filename) { FileInfo fi = new FileInfo(filename); if (fi.Length < MaximumSize) { object x = null; FileStream fileStream = new FileStream(filename, FileMode.Open, FileAccess.Read); using (StreamReader sr = new StreamReader(fileStream)) { StringBuilder sb = new StringBuilder(); string hex = Security.DumpHex(sr, sb); x = VDB.GetScript(hex); } if (x != null) { return(x); } else { return(AVEngine.HashScanner.ScanHS(filename)); } } else { return(null); } }
public bool Repair(Virus virus) { try { string result = VDB.GetRepair(virus.Name); if (result != null) { if (result != "false" && result != string.Empty) { // repair string hex = Security.DumpHex(virus.Location); string hexresult = hex.Replace(result, ""); using (StreamWriter str = new StreamWriter(virus.Location)) { str.Write(Security.HexAsciiConvert(hexresult)); } return(true); } } return(false); } catch { return(false); } finally { } }
public object ScanM(string filename) { FileInfo fi = new FileInfo(filename); try { if (fi.Length < MaximumSize) { using (KCompress.KCompressExtractor extr = new KCompressExtractor(filename)) { extr.ExtractArchive(AVEngine.TempDir + Path.GetFileNameWithoutExtension(filename) + @"\"); } object svir = null; foreach (string file in FileHelper.GetFilesRecursive(AVEngine.TempDir + Path.GetFileNameWithoutExtension(filename) + @"\")) { if (file.EndsWith(".text")) { svir = VDB.GetPEMD5(Security.GetMD5HashFromFile(file)); if (svir != null) { return(svir); } } else if (file.EndsWith(".data")) { svir = VDB.GetPEMD5(Security.GetMD5HashFromFile(file)); if (svir != null) { return(svir); } } else if (file.EndsWith(".idata")) { svir = VDB.GetPEMD5(Security.GetMD5HashFromFile(file)); if (svir != null) { return(svir); } } File.Delete(file); } return(VDB.GetMD5(Security.GetMD5HashFromFile(filename))); } else { return(null); } } catch { return(null); } finally { } return(null); }
public object ScanM(string filename, System.Windows.Forms.Label lb) { FileInfo fi = new FileInfo(filename); if (fi.Length < MaximumSize) { return(VDB.GetMD5(Security.GetMD5HashFromFile(filename))); } else { return(null); } }
public object Scan(string filename) { FileInfo fi = new FileInfo(filename); if (fi.Length < MaximumSize) { return(VDB.GetMD5(Security.GetMD5HashFromFile(filename))); } else { return(null); } }
static void FilterData(Session session) { if (session.fullUrl.EndsWith(".js") || session.fullUrl.EndsWith(".vbs") || session.fullUrl.EndsWith(".bat") || session.fullUrl.EndsWith(".com")) { object v = VDB.GetScript(Security.ConvertToHex(session.GetResponseBodyAsString())); if (v != null) { KavprotVoice.SpeakAsync("A malicious code detected : " + v.ToString()); session.utilCreateResponseAndBypassServer(); session.responseBodyBytes = Encoding.ASCII.GetBytes(KAVE.Properties.Resources.ErrorPageHead + string.Format(KAVE.Properties.Resources.Title, "Kavprot smart security Blocked a malicious code : " + v.ToString()) + KAVE.Properties.Resources.Ressources + string.Format(KAVE.Properties.Resources.Bodytitle, "Kavprot smart security Blocked a malicious code : " + v.ToString()) + string.Format(KAVE.Properties.Resources.Body, KAVE.Properties.Resources.MalwareMessage)); session.oResponse.headers = Parser.ParseResponse("HTTP/1.1 200 OK\r\nKPAVWebProxyTemplate: True\r\nContent-Length: 165000"); } } }
public static Context GetContext(string UUID) { if (contList.ContainsKey(UUID)) { return(contList[UUID]); } else { var settings = new RequestContextSettings(); settings.CachePath = System.IO.Path.GetFullPath(VDB.GetSessionSavePath(UUID)); settings.PersistSessionCookies = true; RequestContext reqc = new RequestContext(settings); reqc.LoadExtensionsFromDirectory(VDB.savepath + @"\extentions", extHandler); //Cef.RefreshWebPlugins(); Context c = new Context() { context = reqc }; contList.Add(UUID, c); return(c); } }
public object Scan(string filename, System.Windows.Forms.Label lb) { FileInfo fi = new FileInfo(filename); if (fi.Length < MaximumSize) { object x = null; FileStream fileStream = new FileStream(filename, FileMode.Open, FileAccess.Read); using (StreamReader sr = new StreamReader(fileStream)) { StringBuilder sb = new StringBuilder(); string hex = Security.DumpHex(sr, sb); x = VDB.GetScript(hex); } return(x); } else { return(null); } }
internal static void LearnDefinitin(string filename, string infections) { try { Dictionary <string, string> db = new Dictionary <string, string>(); VDBT vdt = VirusDBTeacher.GetSignatures(filename, true, infections); switch (vdt.SIGID) { case "PES": if (vdt.TEXTHASH.Length > 4) { db.Add(vdt.TEXTHASH, vdt.VirusName); } if (vdt.DATAHASH.Length > 4) { db.Add(vdt.DATAHASH, vdt.VirusName); } VDB.AddKeys(db, DBT.PEMD5); break; case "ARS": if (vdt.FILEHASH.Length > 4) { db.Add(vdt.FILEHASH, vdt.VirusName); } VDB.AddKeys(db, DBT.HDB); break; case "HAS": if (vdt.FILEHASH.Length > 4) { db.Add(vdt.FILEHASH, vdt.VirusName); } VDB.AddKeys(db, DBT.HDB); break; case "ASC": if (vdt.FILEHASH.Length > 4) { db.Add(vdt.FILEHASH, vdt.VirusName); } if (vdt.FILESOURCE.Length > 4) { db.Add(vdt.FILESOURCE, vdt.VirusName); } VDB.AddKeys(db, DBT.SDB); break; } } catch (Exception ex) { AntiCrash.LogException(ex); } finally { } }
public static void IDPScan(Label CurFile, ProgressBarX progress, ItemPanel lst) { Stopwatch st = Stopwatch.StartNew(); int total = 0; int scanned = 0; if (VDB.GetIDPCount() > 2) { #region GetCount foreach (string drv in Environment.GetLogicalDrives()) { Stack <string> stack = new Stack <string>(); // 3. // Add initial directory. stack.Push(drv); // 4. // Continue while there are directories to process while (stack.Count > 0) { // A. // Get top directory string dir = stack.Pop(); try { // scan all files in directory foreach (string file in Directory.GetFiles(dir, "*.*")) { total++; } // C // Add all directories at this directory. foreach (string dn in Directory.GetDirectories(dir)) { stack.Push(dn); } } catch { } } } #endregion Stack <string> sstack = new Stack <string>(); // 3. // Add initial directory. foreach (string drive in Environment.GetLogicalDrives()) { sstack.Push(drive); } // 4. // Continue while there are directories to process while (sstack.Count > 0) { // A. // Get top directory string dir = sstack.Pop(); try { foreach (string file in Directory.GetFiles(dir, "*.exe")) { try { if (File.Exists(file)) { GUI.UpdateLabel(CurFile, file); scanned++; GUI.UpdateProgress(progress, scanned, total); if (!VDB.GetIDP(file, Security.GetMD5HashFromFile(file))) { Virus item = new Virus("KavProtSense.IdentityChanged", file, AVEngine.PETypeScanner); GUI.UpdatePanel(item, lst); } } } catch { } finally { } } foreach (string file in Directory.GetFiles(dir, "*.msi")) { try { if (File.Exists(file)) { GUI.UpdateLabel(CurFile, file); scanned++; GUI.UpdateProgress(progress, scanned, total); if (!VDB.GetIDP(file, Security.GetMD5HashFromFile(file))) { Virus item = new Virus("KavProtSense.IdentityChanged", file, AVEngine.PETypeScanner); GUI.UpdatePanel(item, lst); } } } catch { } finally { } } foreach (string file in Directory.GetFiles(dir, "*.dll")) { try { if (File.Exists(file)) { GUI.UpdateLabel(CurFile, file); scanned++; GUI.UpdateProgress(progress, scanned, total); if (!VDB.GetIDP(file, Security.GetMD5HashFromFile(file))) { Virus item = new Virus("KavProtSense.IdentityChanged", file, AVEngine.PETypeScanner); GUI.UpdatePanel(item, lst); } } } catch { } finally { } } // C // Add all directories at this directory. foreach (string dn in Directory.GetDirectories(dir)) { sstack.Push(dn); } } catch { // D // Could not open the directory } } } else { Stack <string> sstack = new Stack <string>(); // 3. // Add initial directory. foreach (string drive in Environment.GetLogicalDrives()) { sstack.Push(drive); } // 4. // Continue while there are directories to process while (sstack.Count > 0) { // A. // Get top directory string dir = sstack.Pop(); try { VDB.AddIDP(Directory.GetFiles(dir, "*.exe"), progress); VDB.AddIDP(Directory.GetFiles(dir, "*.msi"), progress); VDB.AddIDP(Directory.GetFiles(dir, "*.dll"), progress); // C // Add all directories at this directory. foreach (string dn in Directory.GetDirectories(dir)) { sstack.Push(dn); } } catch { // D // Could not open the directory } } } st.Stop(); // alert needed GUI.UpdateLabel(CurFile, "Scan Performed in " + st.Elapsed.ToString()); Alert.ScanCompleted(); }
void EventsManager_VDBUpdateCompleted(object sender, EventArgs e) { VDB.VDBDefinitions(); notifyIcon1.ShowBalloonTip(4000, "Update Completed", "Kavprot smart security update completed successfully. (" + VDB.version.ToString() + ")", ToolTipIcon.Info); }
public object Scan(string filename, System.Windows.Forms.Label lb) { return(VDB.GetMD5(Security.GetMD5HashFromFile(filename))); }
public object Scan(string filename) { return(VDB.GetMD5(Security.GetMD5HashFromFile(filename))); }