PureAV Alpha1 Build 105 - Antivirus in PB :D

Inf0Byt3 · Post by **Inf0Byt3** » Tue Mar 28, 2006 9:49 pm

Hi, this is just a small preview of the upcoming PureAV, world's smallest antivirus totally made in PB4.0. Please test it and if you like it and wanna help with the development, PM me.
The engine uses very simple detection algos. I am thinking to LGPL it, as soon it gets bigger - now it's too simple

.

The only detected item for now is Eicar Standard antivirus test file - included in the package. Hope you like it...

Here's the link:
File:1->PureAV_0.1_Alpha1_Build_105.zip

thefool · Post by **thefool** » Tue Mar 28, 2006 9:53 pm

haha

i cant download the file as my current av aborts it.

*pausing it*
i'll be back with a report later

edit:
Works nicely

Looks real good hehe

Inf0Byt3 · Post by **Inf0Byt3** » Tue Mar 28, 2006 10:00 pm

Thanks

.

thefool · Post by **thefool** » Tue Mar 28, 2006 10:05 pm

and by the way: It DOES detect eicar

Now needed: Support for scanning packed files (inside zip files, not 100% needed though as they arent that dangerous when packed

), support for scanning a single file, support for doing a running-processes-and-their-modules only scan (i miss that from av's!), on-access scan (not needed 100% atm), scanning packed and protected files (use a pe-identifyer to see what kind of packer they are using. If they use things like MEW or so thats often used to compress trojans, instead of a virus alert throw in a heuristic warning that it CAN be a trojan. Simply unpack upx packed files to a temp dir, and for other packers try some generic unpackers they might work. Grap a look at programmerstools.org)

Inf0Byt3 · Post by **Inf0Byt3** » Tue Mar 28, 2006 10:13 pm

Yes, they are on the list now

, although I'll need some help. If you find any free time, I hope you can help me with the packed exes? That would be very cool.

thefool · Post by **thefool** » Tue Mar 28, 2006 10:31 pm

Inf0Byt3 wrote:Yes, they are on the list now , although I'll need some help. If you find any free time, I hope you can help me with the packed exes? That would be very cool.

I could probably help you a little. Though it will require use of external tools..!

Inf0Byt3 · Post by **Inf0Byt3** » Tue Mar 28, 2006 10:48 pm

Thanks! External tools , you mean depackers and stuff?

thefool · Post by **thefool** » Tue Mar 28, 2006 10:53 pm

Yup

btw im having a look at that delphi source, and something else a nice guy sent me (about running and injecting pe's in memory)

Inf0Byt3 · Post by **Inf0Byt3** » Tue Mar 28, 2006 10:55 pm

Great! I own you

. I hope it's translateable...

dagcrack · Post by **dagcrack** » Tue Mar 28, 2006 11:51 pm

I think you "owe" him, but, anyway, everyone Owns him

Silly me, I suggested some stuff via PM just to find out thefool suggested the same over here..!

I worked with delphi 4 years ago, wheres the source?

Shannara · Post by **Shannara** » Tue Mar 28, 2006 11:57 pm

Inf0Byt3 wrote:I am thinking to LGPL it, as soon it gets bigger - now it's too simple .

Inf0Byt3 · Post by **Inf0Byt3** » Wed Mar 29, 2006 12:05 pm

@dagcrack:
No problem, you couldn't know thefool said that too

. BTW, here's the link to the code I was trying to find a translation for:
http://www.purebasic.fr/english/viewtopic.php?t=20750
Give it a try if you have any free time

.

@shannara

What's wrong with LGPL

Num3 · Post by **Num3** » Wed Mar 29, 2006 12:21 pm

W

W !!!!

Now i'm impressed !!!

Great work!

Inf0Byt3 · Post by **Inf0Byt3** » Wed Mar 29, 2006 1:37 pm

Thanks Num3! If I suceeded to impress you, which are a good coder, I' m good

.

va!n · Post by **va!n** » Wed Mar 29, 2006 2:25 pm

archive is corrupt! file is everytime 43.102 bytes here

PureBasic Forums - English

PureAV Alpha1 Build 105 - Antivirus in PB :D

PureAV Alpha1 Build 105 - Antivirus in PB :D

Re: PureAV Alpha1 Build 105 - Antivirus in PB :D