antivirus

we are developing an anti-virus, I'm trying to find out how can we tell the operating system -windows XP in this case- that our software is an anti-virus. I want that the OS recognize our software as an anti-virus and the security center list it. user446034 You have to sign an NDA to get the information. Quoth MSDN forums : To register an antivirus product: Must be a member of the Microsoft Virus Initiative. OR Must meet the following three requirements: Must have a standard NDA with Microsoft. Must be a member of AVPD or a member of EICAR or must sign and adhere to a code of ethics relating

This question is a follow-up to that question . To set the context of this question, consider Null-free programming . This is a technique to masquerade a sequence of instructions (shellcode) as a string. In the C programming language, the byte 0 marks the end of a string, so the instruction sequence must be designed not to contain any such byte, otherwise it would be truncated by the string-manipulation function being abused. The IA32 and x86-64 instruction sets, with their variable-length instructions of no particular alignment, allow instructions for task B to be decoded at an offset within

I want to make a basic antivirus for my free time. Basically I learned about the basic structure of the EXE(windows) file. How do I extract the ASM code from the file and the PE header? You can install Cygwin and use objdump to decompile an exe into asm. Be sure you select the binutils when installing cygwin. After installing cygwin, you can run the following from a bash shell: objdump -Slx yourpgm.exe You can use some free distrubuted disassembler.for example: ollydbg diassembler . note: there is only some MS-DOS stub executeable code in the PE header. 来源： https://stackoverflow.com/questions

I have found this link: Detect Antivirus on Windows using C# However when I try this code in visual c# express edition 2008 it says : Error 1 The type or namespace name 'ManagementObjectSearcher' could not be found (are you missing a using directive or an assembly reference?) C:\Users\Andy\Documents\Visual Studio 2008\Projects\ConsoleApplication1\ConsoleApplication1\Program.cs 15 17 ConsoleApplication1 Amongst other similar errors on the 2 lines which seem important! Looks like the code segment is missing some imports or something? I am using Windows 7... Please help! Andy You are missing a

My boss has come to me and asked how to enure a file uploaded through web page is safe. He wants people to be able to upload pdfs and tiff images (and the like) and his real concern is someone embedding a virus in a pdf that is then viewed/altered (and the virus executed). I just read something on a procedure that could be used to destroy stenographic information emebedded in images by altering least sifnificant bits. Could a similar process be used to enusre that a virus isn't implanted? Does anyone know of any programs that can scrub files? Update: So the team argued about this a little bit,

What are your "Symantec Endpoint" configuration recommendations for a developer PC? We do java development with Eclipse, IntelliJ, Ant and Tomcat. With "Symantec Endpoint" the build and server startup are quite slow. Replacing or removing Symantec is not an option. See also https://stackoverflow.com/questions/111226/least-intrusive-antivirus-software-for-development-pc , http://www.codinghorror.com/blog/archives/000803.html and http://www.theserverside.com/news/thread.tss?thread_id=44775 you can also exclude from scanning java.exe. Make sure you add eclipse.exe too, or make eclipse start as a

I need to scan uploaded files on a windows server through my ASP.NET web app. However, am not aware if anti virus packages come with an "api" sort of a thing using which i can programmatically trigger the scan. If possible i would really want to avoid any kind of windows scheduling to trigger the antivirus and then report the errors. ClamAV offers API support and is free. I am also sure that many other commercial vendors offer the same at a price (generally large). http://www.clamav.net/doc/latest/html/node32.html Note: you will need to access the functionalities through P/Invokes. 来源： https:/

We are using Visual Studio 2008 as our primary development IDE. Our security team has set up McAfee to scan files in our \Local Settings\Temp folder. Unfortunately VS uses this directory during code builds which is slowing the developers down. We've reached an impasse with the security team on this, and wonder if anyone knows of a configuration setting in VS where we could change the folder to where those temporary files are written. Thanks You can write a batch file which overwrites the %TEMP% and %TMP% variables and then launches visual studio. When the batch file overwrites an enviorment

I have seen code samples similar to the following numerous times in my search for an answer: using System; using System.Text; using System.Management; namespace ConsoleApplication1 { class Program { public static bool AntivirusInstalled() { string wmipathstr = @"\\" + Environment.MachineName + @"\root\SecurityCenter"; try { ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct"); ManagementObjectCollection instances = searcher.Get(); return instances.Count > 0; } catch (Exception e) { Console.WriteLine(e.Message); } return false; } public