108 questions
0
votes
0
answers
62
views
How to send a base64 string or UTF-8 MemoryStream object to Symantec Protection Engine (SPE) in AWS
All the examples I've seen show files being sent to the SPE AWS Virus Scanner api but I have a base64 string or my code has converted this string to a UTF-8 MemoryStream object. The previously ...
0
votes
0
answers
158
views
Can SQLITE database files used for attacking?
I'm implementing a client to a web service that offers multiple download options - CSV, JSON, Parquet and SQLITE ".db". The response data set has a small number of tabular data sets. SQLite ...
- 14.3k
0
votes
0
answers
78
views
auto py to exe output incomplete operation due to file contains a virus or potentially unwanted software
I'm currently converting multiple .py program into one directory exe file using Auto Py to Exe yet the operation keeps on being incomplete due to
error(exception.winerror, exception.function, ...
0
votes
0
answers
55
views
Virus total sending empty response
I wrote this function to retreive the scan result of a Virus Total scan.
async def check_virustotal_result(self, scan_id, message):
url = f"https://www.virustotal.com/api/v3/analyses/{scan_id}...
- 33
0
votes
0
answers
78
views
Is there a way to make the ClamAV server connect for my Antivirus Project so I can use it to scan files for viruses?
I've been having issues with scanning the eicar file by using a library called nClam in my project. I'm programming using C# and I cannot seem to be able to get my program to write in a listBox in my ...
- 1
0
votes
0
answers
101
views
Scanning an eicar.com file to test my AMSI code is breaking the code because of the eicar.com file
I have an implementation of the Windows Anti-Malware Scan Interface (AMSI) which I developed and want to use to scan files and check if they are safe from threats/viruses. I also created an eicar.com ...
-4
votes
1
answer
52
views
Does encrypting a virus / malware renders it inactive? [closed]
Phrased differently, can an encrypted malware still act ? Not encrypted by design, but after the fact.
And can it still be detected by an antivirus when in encrypted form ? (Given it is in decrypted ...
- 463
0
votes
0
answers
15
views
TotalVirus API v3: Scan URL returning "HTTP 400 Bad Request" [duplicate]
I am currently scanning files uploaded to my file management system. To do this I'm using TotalVirus API v3. For files smaller than 32MB, everything is working well and I'm able to upload the file via ...
- 1,472
0
votes
1
answer
364
views
“McAfee Antivirus Detects C Executable as Virus (False Positive)
My VSCode window with the code and error
I'm encountering a false positive detection by McAfee's antivirus for my C program's executable. When I compile my code using MinGW, McAfee flags it as a virus....
2
votes
1
answer
164
views
VirusTotalNet does not work offline in .NET Core 7 [closed]
I use the VirusTotalNet library, but this library works online. If I want it to be offline, what library should I use so that I can get the information daily and then I can find the virus file offline?...
-2
votes
1
answer
1k
views
Virus Total API Endpoint For URL Report Not Working Getting Error
I have started using VirusTotal & trying to generate URL report. The URL that I am using to test the code is "https://xyqhsservice-logg.in/" which has a 503 status code but somehow the ...
1
vote
1
answer
276
views
Avoid false positive detection of our Installer as malware
We're developing an application, which has been around for many years and comes with an Installshield Installer. Recently, virustotal shows that our latest, already released installer is detected by 2 ...
- 4,616
0
votes
1
answer
1k
views
VirusTotal URL Analysis Report API
Using the sample JavaScript code from https://developers.virustotal.com/reference/url-info,
I tried to retrieve information for URL scanning:
1st API run to get the URL analysis id:
const apiKey = {...
0
votes
0
answers
127
views
Do CVEs against netty apply to reactor netty?
My security tool is detecting a reactor netty package and flagging it with a netty CVEs.
Details:
My server has reactor netty v1.0.23 installed (v1.0.23 was released Sep 30, 2022)
My security tool ...
- 41
0
votes
1
answer
714
views
Software Signing and antivirus blocking
I'm a software developer who works as a freelancer, and my question has two parts.
First part:
I was working on a project then out of nowhere while testing on windows 10 VM windows security start ...
- 175
-1
votes
1
answer
554
views
pyarmor exe file is treated as a virus threat by windows defender
I use below command to create a single exe file
pyarmor pack -e " --onefile" final.py
and it works perfectly until windows defender starts to scan for viruses and define this exe file as ...
1
vote
0
answers
186
views
VirusTotal .NET API: sample crashed because disposed Objects
i try to reproduce this code from genbox:
https://github.com/Genbox/VirusTotalNet/blob/master/src/VirusTotalNet.Examples/Program.cs
In Line 31: if i try it with the True-Branch, it works fine. But if ...
- 21
0
votes
0
answers
485
views
C# app flagged in virus total "Contacted IP Addresses" don't know why
I have created an application in C# that is just about ready to hit production, just off the top of my head I thought I had better upload this to virus total to make sure there are no False-Positives, ...
- 21
-1
votes
1
answer
283
views
How Can I Fix a Hacked Wordpress Website?
I have seen lots of critical errors on my WordPress website. I attached a screenshot below that shows some of these issues. Please look at this and provide some suggestions so that I can fix this ...
0
votes
0
answers
361
views
Excel code shows modules but with hidden code
i just recieved an e-mail with a virus embeded in xlsm format. So how i'm curious i wanted to check the code. Enabled everything of security on Excel to avoid events starting and other stuffs after ...
- 247
1
vote
0
answers
2k
views
.net API to the local virus scan engine?
I've searched now for more hours about information on how to scan files in .NET (C#) with the local Windows registered virus scan engine. Found e.g. this (.NET virus scanning API) and some older other ...
- 21
-1
votes
1
answer
1k
views
How to use Clam AV in Angular 11 version
I want to scan the file content and viruses scanning while uploading file to server.I learnt about ClamAV but not getting any clue how to use it or installation in Angular component.Any help is ...
- 49
0
votes
1
answer
2k
views
Virus scan inside docker image
I build a docker image for my customer with my application. The customer wants a virus scan for the image. But how can I scan for virus inside an image? Can I install an antivirus software on my ...
- 56
0
votes
0
answers
338
views
Send attachment by email in C++ vs safety rules
I'm able to correctly send smtp mails with PDF file attached from my C++ application.
All the users can download the PDF attached file from their Mail client if they use their laptop or desktop pc, ...
- 2,103
1
vote
1
answer
816
views
Antirus File Scan real time check & AMSI verification [closed]
I want to scan for malware content directly in memory files and I want to know which is the best way to do it.
I’m in charge with the improvement of the website security policy for our web ...
- 39
0
votes
2
answers
1k
views
How to intentionally trigger a false positive from a virus scan?
I want to test a virus scanner, but I don't want to have actual malware stored on my machine. In the past, I've seen innocuous software marked as a virus by vague "heuristics" from anti-...
- 3
0
votes
0
answers
2k
views
Symantec Scan Engine and Symantec Endpoint Protection
We have a website where users upload different files of type tif, zip, csv and pdf.
What we want is to check every file provided by users for viruses before uploading the file to its final location ...
2
votes
1
answer
68
views
Cannot find a differ supporting object '[object Object]' of type 'object'. --> VirusTotal JSON to Display in a Table
I'm trying to parse data from VirusTotal JSON to Display in a Table.But i'm unable to use ngfor
scan(file) {
this.http.get("api/Scanner/").subscribe(result => {
this.value = result;
...
- 6,470
2
votes
1
answer
1k
views
Is there any way to determine if a program uses a specific Windows API functions?
Ok, it may be a bit difficult to explain:
Suppose someone creates a Windows application (using C# or any other language) that uses the GetDesktopWindow() function on the user32.dll to capture a ...
- 626
2
votes
1
answer
285
views
VirusTotal Uploaded File is Zero Bytes
I'm trying to upload a file to VirusTotal using .Net Core.But the uploaded file size is Zero Bytes.Why does this happen?
[Route("api/[controller]")]
public class ScannerController : Controller
{ [...
- 6,470
1
vote
0
answers
98
views
How to scan virus for Upload docs using Window defender in C# [duplicate]
I want to scan the uploaded document using c#. Currently, I'm using window defender in my Machine
0
votes
2
answers
5k
views
Suspicious PowerShell Command
My anti virus keeps alerting me with below mentioned powershell command. I'm a bit familiar with Powershell but can't understand what does below powershell script does. Also most importantly I want to ...
- 41
0
votes
1
answer
96
views
How can I improve my Program so that eScan doesn't think it's a virus?
This is my class:
class Program
{
[DllImport("User32", CharSet = CharSet.Auto)]
public static extern int SystemParametersInfo(int uiAction, int uiParam,
string pvParam, uint fWinIni);
...
0
votes
1
answer
971
views
XLSM with API calls marked as "virus" when attached to email
I found this solution for copying to the clipboard: Excel 2013 64-bit VBA: Clipboard API doesn't work
I added it to my code and everything worked great. But when I attached it to an email to send ...
- 308
0
votes
1
answer
264
views
Can we do virus scan on a file what gets uploaded via a portal in IBM Cloud(Bluemix)
Can we do virus scan on a file that gets uploaded via a portal in IBM Cloud(Bluemix). If so in there a feature provided by Docker or any other component.
The Devops team is not able to figure out any ...
- 493
0
votes
1
answer
59
views
dhcpsapi.exe File keep running in task manager
I have a file with description "Подключаемый модуль пересылки событий WS-Management" and name dhcpsapi.exe running in task manager. It seems like a virus to me.Whenever i tried to delete or open its ...
1
vote
4
answers
7k
views
Scan files in AWS S3 bucket for virus using lambda
We've a requirement to scan the files uploaded by the user and check if it has virus and then tag it as infected. I checked few blogs and other stackoverflow answers and got to know that we can use ...
- 785
0
votes
1
answer
601
views
CONSUME ANTIMALWARE SCAN INTERFACE (AMSI) FROM C# in windows 2008 R2 or 2016
I am working with (AMSI) in Dotnet core API to scan the virus-infected file and it is working fine with windows 10 But on production, We have windows 2008r2 and it does not provide the (AMSI).
So is ...
- 387
0
votes
1
answer
357
views
How to fix this md5 scanner not removing infected malware files?
I'm doing a QC check on my finished md5 malware scanner using a Hyper-V VM running Windows 10. The scanner didn't remove the malware samples supplied from https://virusshare.com which hashes were ...
- 93
3
votes
1
answer
332
views
Windows Antimalware Scan Interface thread safety
The Windows Antimalware scan Interface (AMSI) contains abstractions which can be used to call the currently active virus scanner in Windows:
https://learn.microsoft.com/en-us/windows/desktop/amsi/...
- 121
0
votes
1
answer
303
views
FileStorage files seems empty after virus-scanning
I used flask and flask-restplus to generate an upload api endpoint for my application. All seems working fine, but files data received are empty and then the saved file is empty.
Here is my code
...
- 389
3
votes
1
answer
2k
views
How can I find whether a file is infected by virus using VirusTotal.NET library in C#?
I am currently using VirusTotal.NET nuget package in my C# MVC project to scan uploaded files. I am using the same example given here https://github.com/Genbox/VirusTotal.NET
VirusTotal virusTotal = ...
user10606387
2
votes
0
answers
242
views
JavaScript Malware Scanning Detected BitCoin Mining on flatmap-stream v0.1.1
Not sure if this is related to this forum, please try to assist.
I have a website running in production. The customer run a virus scanning using VirusTotal and found a Virus on flatmap-stream NodeJS ...
- 6,352
2
votes
0
answers
100
views
As a file hosting provider, how do you prevent phishing?
We develop a service much like Dropbox or Google Drive or S3 where our customers can host their files and get direct links to them with our domain, e.g. www.ourservice.com/customer_site/path/to/file.
...
- 9,715
0
votes
1
answer
165
views
Disk defragmentation and Virus Scan command using PowerShell for 32bit
I know the command for 64bit in PowerShell but the same when I was trying remotely for another computer having 32bit that PowerShell command is not working which are given below. Can anyone post the ...
- 103
0
votes
1
answer
93
views
Email link to launch executable. Will my email get blocked as spam or dangerous?
Just wondering if anyone has experience in sending an email with a link in it to launch an executable.
We have clients that require a license key of sorts to be emailed to them, I had an idea to ...
- 701
1
vote
0
answers
1k
views
Download Malware samples by searching hash values
I am conducting a research to download ransomware samples, in order to analyze them. The challenge lies in downloading the ransomware binaries.
I have gone through carious websites, as virusign, ...
- 11
-3
votes
1
answer
180
views
Is this Artificial Intelligence [Logo] a virus?
I was having trouble with my WiFi driver so I ran one command SFC/scannow. It showed it has found some errors and fixed those after that I'm having this AI problem. I found nothing on the internet. ...
- 423
0
votes
0
answers
4k
views
How to remove open actions and javascript from pdf
Is there a way to quickly remove open actions and javascript from pdfs (without damaging/affecting the contents)?
I download pdfs regularly and often see messages like this:
when scanning the pdf ...
- 4,139
6
votes
1
answer
3k
views
disabling virus scan on google chrome inside python script for downloads
I am downloading some excel files from a website via python script, via Google Chrome. For some reason, some of the downloaded files fail the virus scan and get deleted immediately without any prompt. ...
