PDX PHP Tech Virus File Scanning API

Virus File Scanning API

Virus File Scanning API identifies files that contain viruses, malware, trojans, ransomware or spyware & ensures they are quarantined or deleted in subsequent operations. It utilizes millions of virus & malware signatures, multi-threat scanning & stateless in-memory processing for fast performance & strong security.

Adding anti-virus protection to any file processing application is crucial, but the difficulty of coding it into existing systems often poses a barrier. Our Virus File Scanning API makes it easy to integrate virus detection into any JEE application, regardless of the platform or architecture. Detecting infected files upon upload into the system and then encrypting, quarantining or deleting them prevents malicious programs from being released into the enterprise network.

Enhanced Protection: Leveraging the Potential of Virus File Scanning API for Robust Cybersecurity

The Virus File Scanning API works by hooking a critical Windows native API called nt!NtCreateUserProcess. It intercepts the call by modifying a kernel array called the System Services Descriptor Table (SSDT), which stores all of the system services. This allows IMso_VirusScanner to determine the full path name of the executable, then pass it on to VirusTotal for scanning.

After the scan is complete, if it detects any suspicious contents, it notifies Image Controller to send an alert to the user. Otherwise, it will notify Image Controller to give control of the execution to nt!NtCreateUserProcess.

Using the free public version of the VirusTotal API requires an API key, which can be obtained by visiting the VirusTotal website and creating an account. This key can then be stored in an environment variable and used with JavaScript to scan a file or URL for malware.

Leave a Reply

Your email address will not be published. Required fields are marked *