Skip to content

Latest commit

 

History

History
146 lines (130 loc) · 5.83 KB

病毒.md

File metadata and controls

146 lines (130 loc) · 5.83 KB

病毒

病毒:一个特殊计算机程序.
对于病毒的查杀都是基于特征码的识别.杀毒软件都需要有一个病毒信息的数据库.常用病毒数据库2000万条
杀毒引擎: 一套复杂高效的数据库查询算法.

  1. 提取文件特征码 1秒
  2. 查询特征码是否在数据库里面 8秒
    就是根据文件的特征码去病毒数据库中查询,如果能找到就说明这个文件是一个病毒

病毒的查杀
下面以一个文件的MD5编码后的签名来判断是否是病毒

public class AntiVirusActivity extends Activity {
    private ImageView iv_scan;
    private PackageManager pm;
    private TextView scan_status;
    private ProgressBar pb;
    private LinearLayout ll_container;
    private List<PackageInfo> virusInfos;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_anti_virus);
        iv_scan = (ImageView) findViewById(R.id.iv_scan);
        RotateAnimation ra = new RotateAnimation(0, 360,
                Animation.RELATIVE_TO_SELF, 1.0f, Animation.RELATIVE_TO_SELF,
                1.0f);
        ra.setDuration(800);
        ra.setRepeatCount(Animation.INFINITE);
        ra.setRepeatMode(Animation.RESTART);
        iv_scan.startAnimation(ra);
        pb = (ProgressBar) findViewById(R.id.progressBar1);
        scan_status = (TextView) findViewById(R.id.scan_status);
        ll_container = (LinearLayout) findViewById(R.id.ll_container);
        pm = getPackageManager();
        virusInfos = new ArrayList<PackageInfo>();
        new AsyncTask<Void, Object, Void>() {

            @Override
            protected Void doInBackground(Void... params) {
                // 检查应用程序的签名 是否在病毒数据库里面.

                try {
                    Thread.sleep(500);
                    List<PackageInfo> infos = pm
                            .getInstalledPackages(PackageManager.GET_UNINSTALLED_PACKAGES
                                    | PackageManager.GET_SIGNATURES);
                    pb.setMax(infos.size());
                    int total = 0;
                    for (PackageInfo info : infos) {
                        Signature[] signatures = info.signatures;
						// 得到应用程序的签名信息, 用签名来判断
                        String sign = signatures[0].toCharsString();
                        String md5 = MD5Utils.encode(sign);
                        String result = VirusDao.findVirsu(md5);
                        if (result != null) {
                            publishProgress(info, true);
                            virusInfos.add(info);
                        } else {
                            publishProgress(info, false);
                        }
                        total++;
                        pb.setProgress(total);
                        Thread.sleep(40);
                    }
                } catch (InterruptedException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }
                return null;
            }

            @Override
            protected void onPreExecute() {
                scan_status.setText("正在初始化双核杀毒引擎...");
                super.onPreExecute();
            }

            @Override
            protected void onPostExecute(Void result) {
                scan_status.setText("扫描完毕!");
                iv_scan.clearAnimation();

                if (virusInfos.size() > 0) {
                    AlertDialog.Builder builder = new Builder(
                            AntiVirusActivity.this);
                    builder.setTitle("发现病毒");
                    builder.setMessage("是否立刻清理?");
                    builder.setPositiveButton("确定", new OnClickListener() {

                        @Override
                        public void onClick(DialogInterface dialog, int which) {
                            for (PackageInfo info : virusInfos) {
                                Intent intent = new Intent();
                                intent.setAction(Intent.ACTION_DELETE);
                                intent.setData(Uri.parse("package:"
                                        + info.packageName));
                                startActivity(intent);
                            }
                        }
                    });
                    builder.setNegativeButton("取消", new OnClickListener() {

                        @Override
                        public void onClick(DialogInterface dialog, int which) {
                            // TODO Auto-generated method stub

                        }
                    });
                    builder.show();
                }

                super.onPostExecute(result);
            }

            @Override
            protected void onProgressUpdate(Object... values) {
                PackageInfo packinfo = (PackageInfo) values[0];
                Boolean result = (Boolean) values[1];
                scan_status.setText("正在扫描:"
                        + packinfo.applicationInfo.loadLabel(pm));
                TextView tv = new TextView(getApplicationContext());
                tv.setTextSize(16);
                if (result) {// 发现病毒
                    tv.setTextColor(Color.RED);
                    tv.setText("发现病毒程序:"
                            + packinfo.applicationInfo.loadLabel(pm));
                } else {
                    tv.setTextColor(Color.BLACK);
                    tv.setText("扫描安全:" + packinfo.applicationInfo.loadLabel(pm));
                }
                ll_container.addView(tv, 0);
                super.onProgressUpdate(values);
            }

        }.execute();
    }
}