Click here to Skip to main content

Submit your article

Anti-virus

anti-virus

Great Reads

Application Crashes without a Trace / No Dumpfile

by Bruno van Dooren

Symantec can cause valid applications to crash and be gone without a trace

Automated PE32 Threat Classification using Import Table and Deep Neural Networks

by Visweswaran N

In this research, we are going to prove that Import Address Table is very helpful in classifying a malware.

Latest Articles

Application Crashes without a Trace / No Dumpfile

by Bruno van Dooren

Symantec can cause valid applications to crash and be gone without a trace

Automated PE32 Threat Classification using Import Table and Deep Neural Networks

by Visweswaran N

In this research, we are going to prove that Import Address Table is very helpful in classifying a malware.

All Articles

Anti-virus

How to delete a file thats open in another program VB.NET

11 Aug 2017 by OriginalGriff

There are ways to force this, but it's a bad idea - you will probably cause more damage by forcing the handle to close prematurely than you will save by lettign the user know and close the application manually. But ... you say "its saying its open in my program" which implies you have opened...

Application Crashes without a Trace / No Dumpfile

7 Sep 2022 by Bruno van Dooren

Symantec can cause valid applications to crash and be gone without a trace

application control (how implement)

21 Nov 2013 by Richard MacCutchan

Look at some of these links[^]. There are many ways of restricting your systems by the security policies in Windows.

How do I monitor the exact activity of a process

23 Jul 2016 by Richard MacCutchan

If you are very inexperienced then it is unlikely you will be able to succeed with such a project. Antivirus Monitors and similar applications are quite complex, and you would need to have a very good understanding of the internal workings of the Operating System (Windows, Linux etc.) that you...

How to quarantine a file in VB.NET

11 Aug 2017 by Patrice T

Quote: which would quarantine the file in the path in a textbox how could I quarantine the file to make it non harmful? There is not such standard concept. A quarantine zone is only your design as AV creator. It is a place in your HDD that you create for your AV and that name 'Quarantine' and...

How to quarantine a file in VB.NET

11 Aug 2017 by Maciej Los

I'd strongly recommend to read past answers[^]. This is not an easy job.

How to move file VB.NET

20 Aug 2017 by OriginalGriff

When you move a file, you need to specify a whole destination file name, not just a folder. For example: File.Move(label1.Text, Path.Combine(quarantinePath, Path.GetFileName(label1.Text))) Always use Path.Combine instead of concatenation - it sorts out trailing backslashes for you. But ... the...

How can I quarantine a virus file in VB.NET

20 Aug 2017 by OriginalGriff

For goodness sake. Listen to what people tell you: How to move file VB.NET[^] Don't concatenate strings to for your path: use Path.Combine without "&". Don't store files you believe contain malicious code under your app path. The more I read of your questions, the less likely I am to ever use...

How can I quarantine a virus file in VB.NET

20 Aug 2017 by Patrice T

You are continuously asking questions around quarantine, you are just changing the details. Quote: how i could make a quarantine and quarantine the file in vb.net any techniques. You have already been told that a quarantine is your design, you put it where you want, what you do with the files...

How to make a virus database? For VB.NET

3 Nov 2017 by OriginalGriff

Um. You don't. There are problems here, and the first one is the assumption that "a list of virus sha1 hashes" is going to be useful to you - it isn't. SHA1 Hashes - like all other hashes - are a number which is generated from a block of data, and you can't identify a virus by using an SHA1 hash...

Example of using yara rule in C++

11 Oct 2020 by Richard MacCutchan

Complete information on using this library in C/C++ are provided at The C API — yara 4.0.2 documentation[^]. If you have a specific issue with your code then you need to provide the code and the details of the problem.

Which Anti-Malware Can I Get ?

6 Mar 2014 by Sergey Alexandrovich Kryukov

This is off-topic. A literate user of system does not need anti-malware.—SA

How do I unlock a BitDefender locked PC that won't let me enter my PIN?

9 Mar 2014 by OriginalGriff

If the caps and numlock lights are flashing repeatedly, that is often an indicator that some testing has failed - it may be as simple as a duff battery, or as complex as a CPU failure. Start with your hardware manufacturers site and see what they say: quite often the "blink rate" spells out the...

What is the best solution for trace a running process?

10 Jun 2014 by hassan_sayfi69

I want to monitor all of the behavior of a running process, such as all API call that request from the OS.

My Pendrive Showing Data But Not Able To Open It, For Eg If I Try To Open An Image It Tells That The File Might Be Damaged

4 Aug 2014 by Kapilkp

My pendrive showing data but not able to open it, for eg if i try to open an image it tells that the file might be damaged and i deleted a movie of 900 MB the movie is deleted but the space is the same when there was the deleted movie please help me

How Do I Update My Mcaffee?

3 Sep 2014 by thatraja

Member 10965809 wrote:my antivirus subscription is active...but when i put any pendrive in my lap windows 8.1it shows no action required within a fraction of seconds....im worried that this might be a problem...can somebody tell whether i can update mcaffee for free of cost...Contact...

Antivirus deleting my client application

16 Nov 2014 by Bond487

I am developing Server Based application using C#. Its name is Travrays.exe. Still now I don't have aware of antivirus blocking. Now I went to release stage. Now my application spreading to clients one by one. When my client install Travrays.exe(setup.exe) application file gets deleted by...

Antivirus deleting my client application

16 Nov 2014 by OriginalGriff

If all else fails, talk to the AV manufacturers - explain your problem and they might help you.But it's very likely that you app is doing something naughty, that the AV software is considering as "virus like behaviour". What, we can't tell.

Anybody know how antivirus programs implement access control to files?

8 Feb 2015 by thorssig

Antivirus programs such as Comodo Internet Security have extremely cool access control to files based on program access.I'm particularly interested in how they interrupt access to files, provide a pop-up asking the user to confirm and then allow/deny access to files based on his reply.Any...

Anybody know how antivirus programs implement access control to files?

8 Feb 2015 by Frankie-C

AV software make use many different systems, some of system hooks, rootkits (i.e. kaspersky) and AV API's form MS for office products.If you want take a closer look check clamwin that is an open source AV under GNU license.About hooking there are some excellent articles here like EasyHook.

ClamAV OpenSSl Dependecny

6 Apr 2015 by RajneeshSaysHello

i have not thoroughly studied the clamAV source code, while doing so i found that openssl dependecny has been introduced in clamAV, i would like to know what does that mean in contrast to clamav software and any other software that says so.Does that mean that clamav code is encrypted in some...

Do you know any harmless virus or exe file...

4 Nov 2015 by Member 12114427

Hello, I have a project where I have to erase a virus from an exe file but i don't know how to do a file that copies itself o inserts itself into another file.Could help to do it? or do you have a harmless file that can do that so I can test my project?

Do you know any harmless virus or exe file...

4 Nov 2015 by Patrice T

I fear the answer is definitely NO.You are unlikely to find a course for Hacker 101 here, but I may be wrong.You know that even AV companies are accused to release new viruses in the wild from time to time just to maintain their business. And god know that they are also reputed for their...

How do I monitor the exact activity of a process

23 Jul 2016 by Member 12649871

I wanted to make an anti-adware. I have a very good idea on how is it going to work but I'm having some problems monitoring what another process is doing. I want to know if something is injecting a thread (and know exactly which process it is injecting into) and if it is doing something to the...

Make anti virus program for windos

12 Feb 2017 by Patrice T

First of all, the question is so large that an answer don't fit here, the answer would need books.The simple fact that you have to ask this way, tells us that you don't have the skills yet. Note that companies making AV are using hundred of fully skilled engineers.Quote:i have no knowledge...

How to make a quarantine and quarantine a file in VB.NET

16 Aug 2017 by Patrice T

Quote: How to make a quarantine and quarantine a file in VB.NET Quarantine do not exist, it is only your naming, your design. So 'quarantine a file' is only 'move a file' to the place you have chosen. Quote: Ive tried the file.encrypt method ect but i want a better method that will cover all...

Whats wrong with my filesystem watcher code VB.NET

19 Aug 2017 by RickZeeland

You probably need to use Invoke, as it is not permitted to change the UI controls from another thread, see: Control.Invoke Method (Delegate, Object[]) (System.Windows.Forms)[^] And the answer here: invoke in other class[^] Here is an example, for a function without parameters, and also for a...

How to make a virus database? For VB.NET

3 Nov 2017 by OfficalCodexPH

Hi everyone i was wondering how i can make a virus database all i need to know is how to make a virus database with one virus and i can figure out the rest.(i have a list of virus sha1 hashes and names (e.g.Trojen horse)) So how do i make this sort of db and also how do i connect it to vb.net,...

How can I trigger a script to perform a virus scan after checking out files into the working copy of a git repository?

11 Jul 2018 by Dar Brett

The context here is that we have some very large code bases split into thousands of files, the default setup is that real time virus scanning is enforced on all systems. The real time scanning easily balloons out builds to take several minutes in some cases rather than less than a minute when...

Firewall security / proxy server.

4 Dec 2019 by Richard MacCutchan

You need to complain to the people who sold you those products. But this is really not the right place for your question. Google will find you better commercial products which you can evaluate for yourself.

Example of using yara rule in C++

11 Oct 2020 by Member 14961343

I've been reading the documentation and another one documentation2, but I am still find it is hard to implement a code that scans a file with exisiting yara rule in C++. The documentation doesn't show any good example of it. What I have tried: ...

How do I find out why MS defender finds a virus signature in my compiled exe

14 Sep 2021 by OriginalGriff

We can't say, and wouldn't if we could - and probably MS won;t either, as that could help virus writers to bypass the checks. However if you talk to them, they may be able to accept a sample project and EXE file from you and do more advanced...

How do I find out why MS defender finds a virus signature in my compiled exe

14 Sep 2021 by steveb

Some windowless apps, which are not services, are thrown into this category. Quiet easy to determine: Has WinMain entry but does not have CreateWindow() calls.

How do I execute a systemctl command to start clamav from a Python script from inside a docker container.

5 Apr 2023 by Apurva Kunkulol

Description: I have a simple Python script that tries to check whether ClamAV is "inactive" in the container and if it is then it attempts to start it using import os os.popen("systemctl start...

Automated PE32 Threat Classification using Import Table and Deep Neural Networks

13 Feb 2020 by Visweswaran N

In this research, we are going to prove that Import Address Table is very helpful in classifying a malware.

artificial-intelligence

application control (how implement)

21 Nov 2013 by ali64iust

hello dearsour team want to implement an application control.i have some question.we have some white list that if an application was in thatlist can run in a system and other application should not run anywhere.our goal is to prevent application to create process. for example...

Signature based scanner requirements for an antivirus

27 Jun 2015 by Frankie-C

I think that it is a good starting point :)Unfortunately every day there is a something new...I suggest you to have a look to Clam Antivirus[^], it is an open source multiplatform antivirus project.Then google and read security news (i.e. you may want look this[^]).

How to release a file from open file dialog VB.NET

18 Aug 2017 by User 11060979

I'm very sorry for this but.... Quote: am making an anti virus with realtime protection ... then releasing a file resp. handling it in the right way should be very Basic stuff for you.

How do I unlock a BitDefender locked PC that won't let me enter my PIN?

9 Mar 2014 by Wags

Restoring from the latest Restore point got rid of it.There's nothing wrong with the laptop......apart from the battery being knackered. Perhaps it is failing a POST failure(?) Thanks for the suggestion OriginalGriff.This problem BitDefender problem appears to be quite common (from a...

Signature based scanner requirements for an antivirus

26 Jun 2015 by Shahzad Mirza

I am making an antivirus by using the signature based malware analysis technique. There are some points which I am going to include in my signature based scanner that how this scanner will work. I am going to write this program in C#.NET.1. The scanner will scan by hashing the file and...

Whats wrong with my filesystem watcher code VB.NET

5 Jun 2018 by Helpmecodeplz

when my file system watcher detects a virus a dialog shows but when i click the delete file option it says its open in my program but in the filesystem watcher when i add the openfiledialog.Dispose function it doesnt show my dialog so heres the code can somone provide a fix? code below. ...

How to release a file from open file dialog VB.NET

18 Aug 2017 by Helpmecodeplz

i am making an anti virus with realtime protection and it has an open file dialog and a form that opens when a virus found by a file system watcher is found and when it opens the dialog when i click the delete button it says file is open in this program e.g in the open file dialog so how do i...

How to move file VB.NET

20 Aug 2017 by Helpmecodeplz

im making a antivirus and with real time scanning a dialog shows when a virus is found but when i click quarantine its suppost to move the file to a folder ect but System.IO.File.Move(Label1.Text, Application.StartupPath & "\Quarantine\") isnt working and the directory does exist btw nothing...

How can I quarantine a virus file in VB.NET

20 Aug 2017 by Helpmecodeplz

Hello I'm making an antivirus tool in vb.net and i was wondering if anyone had any code or could talk me through how i could make a quarantine and quarantine the file in vb.net any techniques. ive tried moving the file from one destination to another but not sure what i should do from then. ...

How do I unlock a BitDefender locked PC that won't let me enter my PIN?

9 Mar 2014 by Wags

I have BitDefender 2013 running on a Windows 7 64-bit laptop.When I reboot I just get a prompt for my PIN but I typing the PIN has no effect (i.w.no characters appear and pressing enter produces no response).The keyboard is built-in - not wireless. (BitDefender warns that there could be...

How Do I Update My Mcaffee?

24 Jul 2014 by Member 10965809

my antivirus subscription is active...but when i put any pendrive in my lap windows 8.1it shows no action required within a fraction of seconds....im worried that this might be a problem...can somebody tell whether i can update mcaffee for free of cost...suggest sum good antivirus...

How can I limit a programs access to memory? (For a final)

25 Apr 2015 by Adam Katav

Hello, I need to start thinking about a final project for school. It basically can be any program complicated enough.I thought about making an antivirus (a lame one) so I need to know what will I need to know in order to make it.And I think I should start with a sandbox. So, how can I limit...

How to make the exe as reliable for Antivirus

3 Sep 2015 by KUMPREK

I am having a exe which is doing nothing but performing some data validation checks from some DB. But when I hosted the exe on a central VM on IIS and used the http link to download, antivirus (Symantec) blocks and deletes the file saying "the file is not allowed because it is used by too few...

How to delete a file thats open in another program VB.NET

11 Aug 2017 by Brandon Williams

Im trying to make an anti virus program and it has real time protection when it detects a virus a dialog pops up and in a label it shows the virus file path and i want to delete the file but when i try using the file.delete method but i get this message: this file is open in another program (its...

How do I find out why MS defender finds a virus signature in my compiled exe

14 Sep 2021 by Jan Heckman

Twice in a short time I got a false alarm, which costs me (down)time. Once I could deduce that a dropbox link (containing the string eqh9vf7y23mta2w) was the cause, in the other case I have no idea at all. The threats were deemed severe, so the...