Posted: Mon Jul 31, 2006 12:30 pm
Thx 
... I think i've kind of forgotten that one... However, here's it is the source:
In fact this script only recognises the type of the file being scanned by it's signature. The actual virus-checking code is in the EngineAPI.pb file. The procedure is called PureAVScanFile.
... I think i've kind of forgotten that one... However, here's it is the source:Code: Select all
;[--------------------------------------------------------
;//PFileTypes.pb
;//File version 0.1 - 27 May 2006
;//(c)2006 Trutia Alexandru - FrostLabs Software
;[--------------------------------------------------------
;//Description: PureAV File Recognition Engine
;[--------------------------------------------------------
#PureAV_FileType_ERR = 0
#PureAV_FileType_UNKNOWN = 1
#PureAV_FileType_EXE = 2
#PureAV_FileType_RAR = 3
#PureAV_FileType_ZIP = 4
ProcedureDLL PureAVRecognizeFile(FilePath.s)
If ReadFile(0,FilePath)
For ReadHeader = 1 To 6
Header.s = Header.s + Chr(ReadCharacter(0))
Next ReadHeader
If Left(Header,2) = "MZ"
ProcedureReturn #PureAV_FileType_EXE
ElseIf Left(Header,4) = "Rar!"
ProcedureReturn #PureAV_FileType_RAR
ElseIf Left(Header,2) = "PK"
ProcedureReturn #PureAV_FileType_ZIP
ElseIf Left(Header,3) = "003"
ProcedureReturn #PureAV_FileType_ZIP
ElseIf Left(Header,2) = "004"
ProcedureReturn #PureAV_FileType_ZIP
ElseIf Header = "PK00PK"
ProcedureReturn #PureAV_FileType_ZIP
Else
ProcedureReturn #PureAV_FileType_UNKNOWN
EndIf
CloseFile(0)
Else
ProcedureReturn #PureAV_FileType_ERR
EndIf
EndProcedure
