Len-Stevens/Python-Antivirus

Use an .exe instead of a .py

Closed this issue · 4 comments

Rieidi commented

It would be better because the file will be independent of the modules to be installed. This can be done with this command:
`python.exe -m PyInstaller --onefile filename.py`
After that, the file will be in `dist`.
And a full disk check can be done with this code:
You will have to put the file instead of the written hashes inside the code and translate it.
I am also trying to develop my antivirus in Python...
```python
import os
import hashlib
from pyuac import main_requires_admin

virus_data = {
    "viruses": [
        {
            "name": "MEMEZ",
            "hashes": {
                "SHA256": "3ff64f10603f0330fa2386ff99471ca789391ace969bd0ec1c1b8ce1b4a6db42"
            },
            "description": "Memz é um vírus de computador fictício conhecido por disseminar memes maliciosos."
        },
        {
            "name": "LOVEYOU.VBS",
            "hashes": {
                "SHA256": "5d8c6cc0a479db4ab427dbd68fc4e2096ab4a570ebe4f730b22ca18bee81c773"
            },
            "description": "Vírus LOVEYOU.VBS, também conhecido como ILOVEYOU, é um vírus de computador de email malicioso."
        }
    ]
}


def check_for_virus(file_path, virus_data):
    try:
        # Check whether the file has a .exe, .dll, .bat, or .vbs extension
        if file_path.lower().endswith((".exe", ".dll", ".bat", ".vbs")):
            # Compute the SHA256 of the file
            arquivo_sha256 = hashlib.sha256()
            with open(file_path, "rb") as f:
                for pedaco in iter(lambda: f.read(4096), b""):
                    arquivo_sha256.update(pedaco)

            # Check whether the SHA256 is in the list of known virus hashes
            for virus in virus_data["viruses"]:
                if arquivo_sha256.hexdigest() in virus["hashes"].values():
                    return True
    except OSError:
        # Ignore protected files or folders that cannot be opened
        pass

    return False


def scan_drive(drive_path, virus_data):
    print(f"Verificando arquivos no disco {drive_path}...")
    arquivos_limpos = []
    arquivos_infectados = []

    for root, _, files in os.walk(drive_path):
        for file in files:
            file_path = os.path.join(root, file)
            if check_for_virus(file_path, virus_data):
                arquivos_infectados.append(file_path)
                try:
                    os.remove(file_path)
                    print(f"Arquivo infectado removido: {file_path}")
                except OSError as e:
                    print(f"Erro ao remover o arquivo {file_path}: {e}")
            else:
                arquivos_limpos.append(file_path)

    if arquivos_limpos:
        print("Arquivos limpos:")
        for arquivo in arquivos_limpos:
            print(arquivo, "está limpo.")
    else:
        print("Nenhum arquivo limpo foi encontrado.")


@main_requires_admin
def main():
    scan_drive("C:\\", virus_data)  # Scan the C: drive


if __name__ == "__main__":
    main()
```

I think an even better way, and what I have wanted to do for the last few weeks, is to scan files using shared C (.so). I already tested it on a side project, and for large/many files it's really fast; we're talking 10 sec. raw py to 0-1 sec. reading time here. Sadly I wasn't able to implement it yet since I had no time.

Rieidi commented

> I think an even better way, and what I have wanted to do for the last few weeks, is to scan files using shared C (.so). I already tested it on a side project, and for large/many files it's really fast; we're talking 10 sec. raw py to 0-1 sec. reading time here. Sadly I wasn't able to implement it yet since I had no time.

Unfortunately yes, C is faster than Python because Python is an interpreted language. There are ways to compile the code to make it faster, but I'll stick with pure Python.
The code I sent you doesn't take long because it scans specified files, but if it were all files, it might take a while.

> > I think an even better way, and what I have wanted to do for the last few weeks, is to scan files using shared C (.so). I already tested it on a side project, and for large/many files it's really fast; we're talking 10 sec. raw py to 0-1 sec. reading time here. Sadly I wasn't able to implement it yet since I had no time.
>
> Unfortunately yes, C is faster than Python because Python is an interpreted language. There are ways to compile the code to make it faster, but I'll stick with pure Python. The code I sent you doesn't take long because it scans specified files, but if it were all files, it might take a while.

I'm done, the project which uses C to scan is finally ready. Here, if you want to try it.

Good, now you need a dynamic hash update.
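An added example, not code from this thread or from the Python-Antivirus project: the hard-coded hash list in the first comment is replaced by a signature file loaded into a dict, so each file costs one lookup and the list can be updated without rebuilding the PyInstaller executable. The file format (one `<sha256> <name>` pair per line), the function names and the sample files are assumptions; the one signature is constructed from a harmless sample file, and matches are reported rather than deleted.

```python
import hashlib
import os
import tempfile

SCAN_EXTENSIONS = (".exe", ".dll", ".bat", ".vbs")  # same filter as the posted code

def load_signatures(path):
    """Parse '<sha256> <name>' lines into {hash: name}; skip comments and malformed lines."""
    signatures = {}
    with open(path, encoding="utf-8") as f:
        for line in f:
            digest, _, name = line.strip().partition(" ")
            if len(digest) == 64 and all(c in "0123456789abcdefABCDEF" for c in digest):
                signatures[digest.lower()] = name.strip() or "unnamed"
    return signatures

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):  # chunked read: constant memory
            h.update(chunk)
    return h.hexdigest()

def scan_tree(root, signatures):
    """Return [(path, name)] for files whose SHA-256 is a key of `signatures`."""
    hits = []
    for folder, _, files in os.walk(root):
        for filename in files:
            if not filename.lower().endswith(SCAN_EXTENSIONS):
                continue
            path = os.path.join(folder, filename)
            try:
                name = signatures.get(sha256_of(path))  # one dict lookup per file
            except OSError:
                continue  # protected or locked file: skip it
            if name:
                hits.append((path, name))
    return hits

def demo():
    """Constructed sample: two harmless files, one of them listed in the signature file."""
    with tempfile.TemporaryDirectory() as d:
        flagged, clean, sigs = (os.path.join(d, n) for n in ("flagged.bat", "clean.bat", "signatures.txt"))
        for path, data in ((flagged, b"echo sample\n"), (clean, b"echo ok\n")):
            with open(path, "wb") as f:
                f.write(data)
        with open(sigs, "w", encoding="utf-8") as f:
            f.write(f"# constructed list\n{sha256_of(flagged)} Constructed.Sample\nnot-a-hash x\n")
        return [(os.path.basename(p), n) for p, n in scan_tree(d, load_signatures(sigs))]
```

Calling `load_signatures` again after the signature file changes picks up new entries without touching the scanner code.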