Example #1
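        /// <summary>
        /// Deletes <paramref name="file"/>. When the file is handled by the PE scanner, processes
        /// running from that exact image are terminated first so the delete is not blocked.
        /// </summary>
        /// <param name="file">Path of the file to remove.</param>
        /// <remarks>
        /// Failures are passed to <c>AntiCrash.LogException</c> and are never thrown to the caller.
        /// </remarks>
        public static void Remove(string file)
        {
            try
            {
                if (FileFormat.GetFileFormat(file).Name == "PE-TYPE-SCANNER")
                {
                    string target = Path.GetFullPath(file);

                    foreach (Process p in Process.GetProcessesByName(Path.GetFileNameWithoutExtension(file)))
                    {
                        try
                        {
                            // Process names are not unique. Matching on the name alone would let a file
                            // that merely shares its name with another program get that program killed,
                            // so the image path is compared before anything is terminated.
                            ProcessModule image = p.MainModule;
                            if (image != null &&
                                string.Equals(Path.GetFullPath(image.FileName), target, StringComparison.OrdinalIgnoreCase))
                            {
                                p.Kill();

                                // Kill() only requests termination; wait (bounded) so the image is
                                // released before File.Delete runs.
                                p.WaitForExit(5000);
                            }
                        }
                        catch (Exception killError)
                        {
                            // The process may already have exited, or its module list may not be
                            // readable. Record it and keep going with the remaining processes.
                            AntiCrash.LogException(killError);
                        }
                        finally
                        {
                            p.Dispose();
                        }
                    }
                }

                // Both the PE and the non-PE path end with the same delete.
                File.Delete(file);
            }
            catch (Exception ex)
            {
                AntiCrash.LogException(ex);
            }
        }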
Example #2
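        /// <summary>
        /// Builds a <c>VDBT</c> signature record for <paramref name="file"/>, with fields chosen by
        /// the scanner type that <c>FileFormat.GetFileFormat</c> reports for it.
        /// </summary>
        /// <param name="file">Path of the sample to fingerprint.</param>
        /// <param name="GenerateVN">Not read by this method.</param>
        /// <returns>
        /// A record tagged "PES", "ARS", "HAS" or "ASC" for the recognised scanner types, or a record
        /// tagged "NOS" with all other fields null.
        /// </returns>
        public static VDBT GetSignatures(string file, bool GenerateVN)
        {
            // Resolve the scanner type once; the branches below only compare its name.
            string scanner = FileFormat.GetFileFormat(file).Name;

            // NOTE(review): every fingerprint here is MD5. MD5 is not collision resistant, so these
            // values identify known samples but should not be relied on as proof that two files differ
            // or match when the file is attacker-supplied.

            if (scanner == "PE-TYPE-SCANNER")
            {
                string hash = Security.GetMD5HashFromFile(file);
                string th   = null;
                string dh   = null;

                // NOTE(review): the extraction folder is keyed only by the file's base name, so two
                // samples with the same name share it and files left by an earlier run are hashed
                // too. It is also not removed afterwards. Confirm whether callers clean it up.
                string extractDir = AVEngine.TempDir + Path.GetFileNameWithoutExtension(file) + @"\";

                using (KCompress.KCompressExtractor extr = new KCompress.KCompressExtractor(file))
                {
                    extr.ExtractArchive(extractDir);
                }

                foreach (string sfile in FileHelper.GetFilesRecursive(extractDir))
                {
                    // Ordinal comparison: these are fixed ASCII suffixes, not linguistic text.
                    if (sfile.EndsWith(".text", System.StringComparison.Ordinal))
                    {
                        th = Security.GetMD5HashFromFile(sfile);
                    }
                    else if (sfile.EndsWith(".data", System.StringComparison.Ordinal))
                    {
                        dh = Security.GetMD5HashFromFile(sfile);
                    }
                    // Every other extracted file, ".idata" included, is not fingerprinted.
                }

                return(new VDBT(null, "Kavprot.VDBT.Malware/Unknown", th, dh, hash, "PES"));
            }

            if (scanner == "ARCHIVE-TYPE-SCANNER")
            {
                return(new VDBT(null, "Kavprot.VDBT.Malware/Unknown", null, null, Security.GetMD5HashFromFile(file), "ARS"));
            }

            if (scanner == "HASH-TYPE-SCANNER")
            {
                return(new VDBT(null, "Kavprot.VDBT.Malware/Unknown", null, null, Security.GetMD5HashFromFile(file), "HAS"));
            }

            if (scanner == "ASCII-TYPE-SCANNER")
            {
                string        hex = null;
                StringBuilder sb  = new StringBuilder();
                using (StreamReader sr = new StreamReader(file))
                {
                    hex = Security.DumpHex(sr, sb);
                }

                return(new VDBT(hex, "Kavprot.VDBT.MaliciousCode/Unknown", null, null, Security.GetMD5HashFromFile(file), "ASC"));
            }

            // No scanner type matched.
            return(new VDBT(null, null, null, null, null, "NOS"));
        }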
Example #3
        /// <summary>
        /// Unpacks <paramref name="filename"/> into a folder under <c>AVEngine.TempDir</c> and runs
        /// the matching scanner's <c>ScanM</c> on each extracted file, stopping at the first hit.
        /// </summary>
        /// <param name="filename">Path of the archive to scan.</param>
        /// <param name="lb">Label that shows the member currently being scanned.</param>
        /// <returns>
        /// The first detection followed by "&amp;" and the member's path relative to the extraction
        /// folder; <c>null</c> when nothing is reported or the archive is not smaller than
        /// <c>MaximumSize</c>; "KavprotSensor/Unpackable.Archive" when unpacking or listing fails.
        /// </returns>
        public object ScanM(string filename, System.Windows.Forms.Label lb)
        {
            try
            {
                // NOTE(review): archives at or above MaximumSize are skipped and reported exactly
                // like a clean archive (null). Callers cannot tell "too large" from "clean".
                if (new FileInfo(filename).Length >= MaximumSize)
                {
                    return(null);
                }

                // NOTE(review): the folder is keyed only by the archive's base name. Whether
                // ExtractArchive confines member paths to it cannot be seen from here. Confirm.
                string stem        = AVEngine.TempDir + Path.GetFileNameWithoutExtension(filename);
                string extractRoot = stem + @"\";

                using (KCompressExtractor unpacker = new KCompressExtractor(filename))
                {
                    unpacker.ExtractArchive(extractRoot);
                }

                foreach (string member in FileHelper.GetFilesRecursive(extractRoot))
                {
                    try
                    {
                        GUI.UpdateLabel(lb, filename + ":" + member.Replace(stem, ""));

                        object hit = FileFormat.GetFileFormat(member).ScanM(member);
                        if (hit != null)
                        {
                            // The extracted files, including the one that was detected, stay on disk.
                            return(hit + "&" + member.Replace(extractRoot, ""));
                        }

                        File.Delete(member);
                    }
                    catch
                    {
                        // NOTE(review): a member whose scan throws is skipped without any record,
                        // so it counts as clean in the final result.
                    }
                }

                return(null);
            }
            catch
            {
                return("KavprotSensor/Unpackable.Archive");
            }
        }
Example #4
 /// <summary>
 /// Click handler: repairs the file named in <c>filetxt</c>, or, when that box is empty, the file
 /// picked in <c>openFileDialog1</c>. Does nothing if the dialog is dismissed.
 /// </summary>
 private void buttonX1_Click(object sender, EventArgs e)
 {
     string target;

     if (filetxt.Text != string.Empty)
     {
         target = filetxt.Text;
     }
     else if (openFileDialog1.ShowDialog() == DialogResult.OK)
     {
         target = openFileDialog1.FileName;
     }
     else
     {
         // No path typed and no file chosen.
         return;
     }

     // The detection name comes from virntxt; the scanner is looked up from the path.
     Virus infected = new Virus(virntxt.Text, target, FileFormat.GetFileFormat(target));
     FileFormat.GetFileFormat(target).Repair(infected);
 }
Example #5
        /// <summary>
        /// Scans <paramref name="filename"/> with the scan method selected by
        /// <c>AVEngine.ScanSensitivity</c>. A detection raises <c>Alert.Infected</c>; otherwise the
        /// file is handed to <c>CheckVRPS</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        public static void ScanRTPFile(string filename)
        {
            try
            {
                object verdict;

                if (AVEngine.ScanSensitivity == ScanSense.High)
                {
                    verdict = FileFormat.GetFileFormat(filename).ScanHS(filename);
                }
                else if (AVEngine.ScanSensitivity == ScanSense.Medium)
                {
                    verdict = FileFormat.GetFileFormat(filename).ScanM(filename);
                }
                else
                {
                    verdict = FileFormat.GetFileFormat(filename).Scan(filename);
                }

                if (verdict == null)
                {
                    CheckVRPS(filename);
                    return;
                }

                Alert.Infected(new Virus(verdict.ToString(), filename, AVEngine.NothingScanner));
            }
            catch
            {
                // NOTE(review): any failure while scanning or alerting is discarded here, so a file
                // that could not be scanned produces no alert and no log entry.
            }
        }
Example #6
        /// <summary>
        /// Console entry point. "scan" scans one file and "scanpath" scans every file under a
        /// directory. Both use <c>ScanHS</c> and print one verdict line per file.
        /// </summary>
        static void Main(string[] args)
        {
            Console.WriteLine("Copyright (c) 2010-2012 Arsslensoft. All rights reserved");
            Console.WriteLine("Copyright (c) 2010-2012 Arsslensoft Labs. All rights reserved");
            Console.WriteLine("______________________________________________________________");

            Arguments cli = new Arguments(args);

            if (cli["scan"] != null)
            {
                string target = cli["scan"];

                // A path that does not exist is ignored without any message.
                if (File.Exists(target))
                {
                    KavprotManager.Initialize(KavprotInitialization.Engine);
                    Console.WriteLine("Kavprot Antivirus Engine Initialized.");
                    Console.WriteLine(target + " Ready.");
                    PrintVerdict(target);
                }
            }
            else if (cli["scanpath"] != null)
            {
                string root = cli["scanpath"];

                if (Directory.Exists(root))
                {
                    KavprotManager.Initialize(KavprotInitialization.Engine);
                    Console.WriteLine("Kavprot Antivirus Engine Initialized.");
                    Console.WriteLine(root + " Ready.");

                    List <string> found = FileHelper.GetFilesRecursive(root);
                    foreach (string entry in found)
                    {
                        PrintVerdict(entry);
                    }

                    Console.WriteLine(found.Count + " file scanned ");
                }
            }

            // Keep the console window open until a key is pressed.
            Console.Read();
        }

        /// <summary>Runs <c>ScanHS</c> on one file and prints whether a detection was returned.</summary>
        private static void PrintVerdict(string filename)
        {
            object verdict = FileFormat.GetFileFormat(filename).ScanHS(filename);

            if (verdict == null)
            {
                Console.WriteLine(filename + " is Safe ");
                return;
            }

            Console.WriteLine(filename + " infected with " + verdict);
        }
Example #7
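        /// <summary>
        /// Repairs an infected member inside an archive: unpacks the archive to a staging folder,
        /// asks the member's scanner to repair the extracted copy, backs up the original archive,
        /// then re-packs the staging folder over the original location.
        /// </summary>
        /// <param name="virus">Detection describing the archive location and the infected member.</param>
        /// <returns><c>true</c> when every step completed; <c>false</c> when any step threw.</returns>
        public bool Repair(Virus virus)
        {
            string staging = null;

            try
            {
                staging = AVEngine.TempDir + @"QA\A\";

                // The staging folder is a fixed path and is re-packed wholesale below. Start from an
                // empty folder so files left by an earlier, failed run cannot end up in the archive.
                if (Directory.Exists(staging))
                {
                    Directory.Delete(staging, true);
                }

                // Dispose the extractor so the handle on the original archive is released before
                // the archive is overwritten.
                using (KCompress.KCompressExtractor extr = new KCompress.KCompressExtractor(virus.Location))
                {
                    extr.ExtractArchive(staging);
                }

                // NOTE(review): virus.FileName is joined to the staging path unchecked. If it can
                // hold a rooted path or "..\" segments the inner repair works outside the staging
                // folder. Confirm how the name is produced. The result of the inner Repair call is
                // also ignored, so the archive is re-packed whether or not that repair succeeded.
                virus.Scanner.Repair(new Virus(virus.Name, staging + virus.FileName, FileFormat.GetFileFormat(virus.FileName)));

                // Throws if a backup with this name already exists; the archive is then left as is.
                File.Copy(virus.Location, Application.StartupPath + @"\Quarantine\ARCHIVEBACKUP\" + Path.GetFileName(virus.Location) + ".BACKUP");

                KCompress.KCompressCompressor comp = new KCompress.KCompressCompressor();
                comp.IncludeEmptyDirectories = true;
                comp.FastCompression         = true;
                comp.CompressionLevel        = KCompress.CompressionLevel.High;
                comp.CompressionMethod       = KCompress.CompressionMethod.Default;
                comp.CompressionMode         = KCompress.CompressionMode.Create;
                comp.CompressDirectory(staging, virus.Location);
                return(true);
            }
            catch
            {
                // NOTE(review): the reason for the failure is discarded; callers only see false.
            }
            finally
            {
                // Remove the staging copy on failure as well as on success, so extracted content
                // from the infected archive does not stay in the temp folder.
                try
                {
                    if (staging != null && Directory.Exists(staging))
                    {
                        Directory.Delete(staging, true);
                    }
                }
                catch
                {
                    // Best effort: a locked staging file must not change the result.
                }
            }
            return(false);
        }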
Example #8
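        /// <summary>
        /// Scans every path in <paramref name="list"/> with the scan method selected by
        /// <c>AVEngine.ScanSensitivity</c>, updating the progress bar and label as it goes and adding
        /// each detection to <paramref name="lst"/>.
        /// </summary>
        /// <param name="list">Paths of the files to scan.</param>
        /// <param name="CurFile">Label showing the file being scanned and, at the end, the elapsed time.</param>
        /// <param name="progress">Progress bar advanced once per file.</param>
        /// <param name="lst">Panel that receives one entry per detection.</param>
        /// <param name="block">Not read by this method.</param>
        public static void ScanFiles(List <string> list, Label CurFile, ProgressBarX progress, ItemPanel lst, bool block)
        {
            Stopwatch st      = Stopwatch.StartNew();
            int       scanned = 0;

            try
            {
                // Read the sensitivity once so the whole list is scanned at one level.
                ScanSense level = AVEngine.ScanSensitivity;
                int       total = list.Count;

                foreach (string file in list)
                {
                    scanned++;

                    try
                    {
                        GUI.UpdateProgress(progress, scanned, total);
                        GUI.UpdateLabel(CurFile, file);

                        object vir;
                        if (level == ScanSense.High)
                        {
                            vir = FileFormat.GetFileFormat(file).ScanHS(file, CurFile);
                        }
                        else if (level == ScanSense.Medium)
                        {
                            vir = FileFormat.GetFileFormat(file).ScanM(file, CurFile);
                        }
                        else
                        {
                            vir = FileFormat.GetFileFormat(file).Scan(file, CurFile);
                        }

                        if (vir == null)
                        {
                            continue;
                        }

                        if (FileFormat.GetFileFormat(file) == AVEngine.ArchiveTypeScanner)
                        {
                            // Archive results are "detection&member". Only use the two-part form
                            // when the separator is really there, so a result without it is still
                            // reported instead of failing on s[1].
                            string[] s = vir.ToString().Split('&');
                            if (s.Length > 1)
                            {
                                GUI.UpdatePanel(new Virus(s[0], file, s[1], FileFormat.GetFileFormat(file)), lst);
                                continue;
                            }
                        }

                        GUI.UpdatePanel(new Virus(vir.ToString(), file, FileFormat.GetFileFormat(file)), lst);
                    }
                    catch
                    {
                        // One unreadable or malformed file must not end the scan for every file
                        // after it. NOTE(review): the failure is not recorded anywhere; the file is
                        // indistinguishable from a clean one in the results.
                    }
                }
            }
            catch
            {
                // Reached only for failures outside the per-file work, such as a null list.
            }
            finally
            {
                st.Stop();
                // alert needed
                GUI.UpdateLabel(CurFile, "Scan Performed in " + st.Elapsed.ToString());
                Alert.ScanCompleted();
            }
        }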
Example #9
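        /// <summary>
        /// Scans every file on every logical drive with the scan method selected by
        /// <c>AVEngine.ScanSensitivity</c>. The drives are walked once to count files for the progress
        /// bar and a second time to scan them; detections are added to <paramref name="lst"/>.
        /// </summary>
        /// <param name="CurFile">Label showing the file being scanned and, at the end, the elapsed time.</param>
        /// <param name="progress">Progress bar advanced once per file.</param>
        /// <param name="lst">Panel that receives one entry per detection.</param>
        public static void FullScan(Label CurFile, ProgressBarX progress, ItemPanel lst)
        {
            Stopwatch st      = Stopwatch.StartNew();
            int       scanned = 0;

            try
            {
                // Read the sensitivity once so the whole run uses one level.
                ScanSense level = AVEngine.ScanSensitivity;

                GUI.UpdateLabel(CurFile, "Initializing...");
                int total = FullScanCountFiles();

                foreach (string drv in Environment.GetLogicalDrives())
                {
                    // Explicit stack instead of recursion: depth-first walk of the drive.
                    Stack <string> pending = new Stack <string>();
                    pending.Push(drv);

                    while (pending.Count > 0)
                    {
                        string dir = pending.Pop();

                        foreach (string file in FullScanListFiles(dir))
                        {
                            scanned++;
                            try
                            {
                                GUI.UpdateProgress(progress, scanned, total);
                                GUI.UpdateLabel(CurFile, file);
                                FullScanFile(level, file, CurFile, lst);
                            }
                            catch
                            {
                                // A failure on one file must not skip the rest of its folder and
                                // all of its subfolders. NOTE(review): the failure is not recorded;
                                // the file is indistinguishable from a clean one in the results.
                            }
                        }

                        // NOTE(review): directory junctions and symbolic links are followed like
                        // ordinary folders, so a link cycle would keep this walk going. Confirm
                        // whether reparse points should be detected and handled.
                        foreach (string dn in FullScanListDirectories(dir))
                        {
                            pending.Push(dn);
                        }
                    }
                }
            }
            catch
            {
                // Reached only for failures outside the per-file and per-folder work.
            }
            finally
            {
                // Report completion for every sensitivity level, not only the lowest one.
                st.Stop();
                // alert needed
                GUI.UpdateLabel(CurFile, "Scan Performed in " + st.Elapsed.ToString());
                Alert.ScanCompleted();
            }
        }

        /// <summary>Counts the files reachable from all logical drives, using the same walk as the scan.</summary>
        private static int FullScanCountFiles()
        {
            int count = 0;

            foreach (string drv in Environment.GetLogicalDrives())
            {
                Stack <string> pending = new Stack <string>();
                pending.Push(drv);

                while (pending.Count > 0)
                {
                    string dir = pending.Pop();
                    count += FullScanListFiles(dir).Length;

                    foreach (string dn in FullScanListDirectories(dir))
                    {
                        pending.Push(dn);
                    }
                }
            }

            return(count);
        }

        /// <summary>Lists the files directly in <paramref name="dir"/>, or nothing if it cannot be read.</summary>
        private static string[] FullScanListFiles(string dir)
        {
            try
            {
                return(Directory.GetFiles(dir, "*.*"));
            }
            catch
            {
                // Unreadable folder or drive that is not ready: nothing to scan here.
                return(new string[0]);
            }
        }

        /// <summary>Lists the subfolders of <paramref name="dir"/>, or nothing if it cannot be read.</summary>
        private static string[] FullScanListDirectories(string dir)
        {
            try
            {
                return(Directory.GetDirectories(dir));
            }
            catch
            {
                return(new string[0]);
            }
        }

        /// <summary>Scans one file at the given sensitivity and adds a panel entry when it is detected.</summary>
        private static void FullScanFile(ScanSense level, string file, Label CurFile, ItemPanel lst)
        {
            object vir;
            if (level == ScanSense.High)
            {
                vir = FileFormat.GetFileFormat(file).ScanHS(file, CurFile);
            }
            else if (level == ScanSense.Medium)
            {
                vir = FileFormat.GetFileFormat(file).ScanM(file, CurFile);
            }
            else
            {
                vir = FileFormat.GetFileFormat(file).Scan(file, CurFile);
            }

            if (vir == null)
            {
                return;
            }

            if (FileFormat.GetFileFormat(file) == AVEngine.ArchiveTypeScanner)
            {
                // Archive results are "detection&member". Only use the two-part form when the
                // separator is really there, so a result without it is still reported.
                string[] s = vir.ToString().Split('&');
                if (s.Length > 1)
                {
                    GUI.UpdatePanel(new Virus(s[0], file, s[1], FileFormat.GetFileFormat(file)), lst);
                    return;
                }
            }

            GUI.UpdatePanel(new Virus(vir.ToString(), file, FileFormat.GetFileFormat(file)), lst);
        }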