cxx/VirusAnalysis.cxx, cxx/ClassSys.*xx, cxx/ClassPortableExecutable.hxx: auto scan of downloads/launches #28

@SwuduSusuwu

Rationale: some users forget to scan new executables, plus some viruses cause infection without execution.

Background: +classSysKernelSetHook(): for ?virusAnalysisHook gives https://github.com/SwuduSusuwu/SubStack/blob/f69c1ee6bc108bdf5f4647c12303d8a84dfb67a0/cxx/ClassSys.hxx#L54-L72 which is used as https://github.com/SwuduSusuwu/SubStack/blob/f69c1ee6bc108bdf5f4647c12303d8a84dfb67a0/cxx/VirusAnalysis.cxx#L145-L173; both have lots to do (classSysKernelSetHook requires kernel code to do this, virusAnalysisHook requires specialization for all the versions of operating system functions which can download or execute).
As those functions require specialized knowledge of operating systems, this is one of the more difficult tasks to finish alone. Wish for pull requests (or suggestions) for this task.

Labels: good first issue (Good for newcomers); improve (New feature or request); todo (unimplemented (but advertised) part of the tool)
