返回首页

学习和理解的启发式分析方法的基本原理后,我明白两个最广为人知的重量和规则为基础的方法,但我的问题是,如果我需要支付更多的领域,能够发现病毒,当它涉及到启发式。调用它的清单,如果你愿意...

目前我有:

1。反汇编器来查看ASM语言
2的可疑文件。进程和注册表监视器来跟踪更改计算机文件系统
3。 PE文件头自卸
NBSP
我觉得我还需要病毒的头指示或东西,这将使生活在什么样的使用比较时,什么是病毒,什么是安全的
BR}我如何写标志或条件的启发式检查,然后确定是否应进一步调查可疑文件需要执行的代码
的 ?
的任何信息,感谢您可能有{S0的}

回答

评论会员:游客 时间:2012/02/07
Jayanthi-SE:嗨,codeprelang="vb"spanclass="code-keyword"Private/spanspanclass="code-keyword"Sub/spanbtn_excel_Click(spanclass="code-keyword"ByVal/spansenderspanclass="code-keyword"As/spanSystem.spanclass="code-keyword"Object/span,spanclass="code-keyword"ByVal/spanespanclass="code-keyword"As/spanSystem.EventArgs)spanclass="code-keyword"Handles/spanbtn_excel.Clickspanclass="code-comment"'/spanspanclass="code-comment"ExportDataGridViewtoExcel/spanspanclass="code-keyword"Dim/spanxlappspanclass="code-keyword"As/spanExcel.Applicationspanclass="code-keyword"Dim/spanxlworkbookspanclass="code-keyword"As/spanExcel.Workbookspanclass="code-keyword"Dim/spanxlworksheetspanclass="code-keyword"As/spanExcel.Worksheetspanclass="code-keyword"Dim/spanmisvaluespanclass="code-keyword"As/spanspanclass="code-keyword"Object/span=System.Reflection.Missing.Valuespanclass="code-keyword"Dim/spanispanclass="code-keyword"As/spanspanclass="code-keyword"Integer/spanspanclass="code-keyword"Dim/spanjspanclass="code-keyword"As/spanspanclass="code-keyword"Integer/spanxlapp=spanclass="code-keyword"New/spanExcel.Applicationxlworkbook=xlapp.Workbooks.Add(misvalue)xlworksheet=xlworkbook.Sheets(spanclass="code-string""/spanspanclass="code-string"Sheet1"/span)spanclass="code-keyword"For/spani=spanclass="code-digit"0/spanspanclass="code-keyword"To/spangv.RowCount-spanclass="code-digit"2/spanspanclass="code-keyword"For/spanj=spanclass="code-digit"0/spanspanclass="code-keyword"To/spangv.ColumnCount-spanclass="code-digit"1/spanxlworksheet.Cells(i+spanclass="code-digit"1/span,j+spanclass="code-digit"1/span)=_gv(j,i).Value.ToString()spanclass="code-keyword"Next/spanspanclass="code-keyword"Next/spanspanclass="code-keyword"Dim/spandialogspanclass="code-keyword"As/spanspanclass="code-keyword"New/spanSaveFileDialogspanclass="code-keyword"Dim/spanresultspanclass="code-keyword"As/spanDialogResult=dialog.ShowDialogspanclass="code-keyword"Try/spanxlworksheet.SaveAs(dialog.FileName)spanclass="code-keyword"Catch/spanexerrspanclass="code-keyword"As/spanExceptionspanclass="code-keyword"End/spanspanclass="code-keyword"Try/span xlworkbook.Close()xlapp.Quit() releaseObject(xlapp)releaseObject(xlworkbook)releaseObject(xlworksheet) spanclass="code-keyword"End/spanspanclass="code-keyword"Sub/spanspanclass="code-keyword"Private/spanspanclass="code-keyword"Sub/spanreleaseObject(spanclass="code-keyword"ByVal/spanobjspanclass="code-keyword"As/spanspanclass="code-keyword"Object/span)spanclass="code-keyword"Try/spanSystem.Runtime.InteropServices.Marshal.ReleaseComObject(obj)obj=spanclass="code-keyword"Nothing/spanspanclass="code-keyword"Catch/spanexspanclass="code-keyword"As/spanExceptionobj=spanclass="code-keyword"Nothing/spanspanclass="code-keyword"Finally/spanGC.Collect()spanclass="code-keyword"End/spanspanclass="code-keyword"Try/spanspanclass="code-keyword"End/spanspanclass="code-keyword"Sub/span/pre/code
迈赫迪吴拉姆
评论会员:游客 时间:2012/02/07
转到通过这个imgsrc=http://www.orcode.com/img/ico/smiley_smile.gif{A}]
Jαved:你的代码只需要默认的构造函数,因为你的char * S intialisation参数传递。你需要传递的对象要调用拷贝构造函数和=运算。试试这个:
{C}