C# Project-AntiVirus

[Saharan1628]

Ram RAm baalkon...wazzupp
Guyz I have been given a project to build an antivirus in C# and I have just started working on it,looking at the theoretical aspects first.If any chora/chora/tau/tai has any help to offer then plz feel free to come forward.Arduous task but one that needs to be done.

Thx in advance

Ram RAm

[vicky84]

Food for thought:

http://securitypilotav.codeplex.com/

http://superav.codeplex.com/

[Saharan1628]

Wazzup baalkon....sry for a late review and thanx atish for those links.....that was quick bro..
Here's something I want to share:-

The first link is just like a skeleton of AV..with nothing at all inside it..So guyz if u are looking to get along with an interface of AV then that link could be of any help.What that guy did in that coding is that he himself gave a single file to be scanned and there is no real scanning of ur computer.Pretty naive and he himself agreed on it.

The second link gives an open source AV source files but the problem I had was that it's written in good level VB lang and since i am a noob when it comes to C#..so I can only interpret a basic VB code to C#...but a great find for VB coders.

[vicky84]

Wazzup baalkon....sry for a late review and thanx atish for those links.....that was quick bro..
Here's something I want to share:-

The first link is just like a skeleton of AV..with nothing at all inside it..So guyz if u are looking to get along with an interface of AV then that link could be of any help.What that guy did in that coding is that he himself gave a single file to be scanned and there is no real scanning of ur computer.Pretty naive and he himself agreed on it.

The second link gives an open source AV source files but the problem I had was that it's written in good level VB lang and since i am a noob when it comes to C#..so I can only interpret a basic VB code to C#...but a great find for VB coders.

There is hardly any difference between VB.NET and C#. If you are not able to translate it, you can use this online tool :

http://www.developerfusion.com/tools.../csharp-to-vb/

The first link was just an idea and second link gives you more in-depth and structured way of approaching this project(More holistic view of looking at things).

[Saharan1628]

Don't know abt the holistic view but definitely more horrified view...many over the top things used..Not able to grasp them.And the link is not converting the code--showing error.And I don't know why the files have .frm extension.

Here's what I have got so far...with the help of vids and forums,I have been to develop a basic AV which is scanning the drives perfectly and has also successfully found out Eicar test virus(Industry standard).My approach(signature-based) :-

Virus are nothing but files having a particular signature(sequence of bytes) which attaches its sign with the file and changes its byte composition.AV(sign-based) maintains a database of those lakhs or maybe crores of viruses signature or MD5 hash of those signs.
During the scanning part,it picks up a file,extracts its byte code and computes its MD5 hash(using MD5CryptoServiceProvider class available in .NET) and matches that hash with the sign hash Database.
On a successful match,it alerts the user and then on command,deletes those viruses.

However,its a basic version,since for faster and better scanning,u got to fragment a file and then does the matching within those fragments.
Secondly,its only sign based...advanced versions also makes use of heuristics to check a particular behavior.Again u got to know loads of heuristics so that there can be a better scanning.
Thirdly,registry based scanning also needs to be provided.In this when an app is run,AV extracts the reg path of that app and instead of running it with its allotted soft,it first makes that app to run through itself,scans it and if no viruses are found,it again changes the reg path so as to make that app run with that soft and blah blah blah

The most difficult of course How to get database of sign of those lakhs of viruses.You can create a virus sign but that too is a very complicated process and I am in no mood at all to spend time on that.

So if anyone want to ask something or wanna tell some vital info regarding the topic..plz feel free.

Atish,bhai maddi si or mehnat karle...manne dikhe h tu AV bna hi dega

[vicky84]

Bhai Yogesh,

I don't know why that link is showing you error. May be you can share the code and then we can try. As far as second codeplex link is concerned, I usually refer codeplex for best pattern and practices. Baaki bhai munnai na banana AV. Main aab .Net mei nahi hoon