Solve : Batch Antivirus---is this possible??

I had done a little bit of batch programming, and I suddenly thought if it was possible to make an antivirus using batch programming. Is this possible for batch?

The best you could hope for is to have a virus definition database and then compare the files to look for the definitions. You'd need to open the files in binary mode, and you'd need something non-batch for that, and you might as well speed up the database operations with something designed for the job, and you need to download new definitions every so often (another compiled program), so you'd end up with a bunch of compiled programs being co-ordinated by a batch script, at which point it would become much more sensible to ditch the batch script.

Oh I see. Thank you for the help. I just enrolled in a C++ online school last week. I might do the AV stuff using C++ in the future...now I'm just learning the basics of C++.

Not to scare you away from making an antivirus as a C++ project since maybe you could, but I have been working with C++ for the last 15 years as one of my choice computer languages to program in and I took in college ... Intro to C++, Intermediate C++, and Advanced C++. As a beginner with C++ if you have never worked with programming in any other languages, I would suggest not just doing the course work assigned, but constantly explore and try to stay 1 chapter ahead of wherever the class is at and make small programs even if they are as simple as a conversion program, or text based game of some kind to exercise your mind and strengthen your skills. In C++ as a beginner depending on what development tool you are using, you're most likely going to start simple with console programming which is basically programs that when executed they run in a command shell window unless the course is jumping directly into programming for Windows using Visual Studio Express 2010 or 2012 etc.
A good suggestion for a project for C++ and not be in way over your head will be to make a video game, unless your skills with C++ are so well that you want something more challenging and want to take the risk of not having the project completed in time for the deadline at the end of the semester. My final project for Intro to C++ was a game called SIC BO which is a gambling game. http://en.wikipedia.org/wiki/Sic_bo I decided to program this game for C++ because it was one of my favorite games at casinos that host it. And it was more advanced than Blackjack or Poker with all the logic involved to make it work, and at the time there was no video game version of it for free on the internet. For graphics it was all text based and the biggest challenge was squeezing all the information in the limited lines and width of a command shell in ASCII text into the viewable user console shell window, since the Intro C++ course pretty much covered the basics and the most advanced the course had gotten was passing values to arrays and Local and Global Variables as well as the many ways to structure the program within the different loop types since GOTO's will get you scolded as bad programming and myself coming from Basic to C++, I had to break the GOTO habit and force myself to place everything within loops.
Areas that were not taught as a part of Intro to C++ but I had to implement in my game were String Compare http://www.cplusplus.com/reference/string/string/compare/ and adding sound with beep function http://stackoverflow.com/questions/4060601/make-sounds-beep-with-c as well as reading and writing the game data to text file so that the game state could be saved and loaded back up vs always having to start the game fresh with these open/close read/write functions as example here: http://www.cplusplus.com/doc/tutorial/files/

Lastly, I would like to state that the hardest part of making an antivirus program is because you need a vast database of information to go by to detect if something is good from bad, and so while even if you did write an antivirus in C++, you still need a larger piece of the puzzle to make it work and the definitions are not open source to implement into your antivirus. The fact of the matter is that probably the closest you can get to making an antivirus at the Intro to C++ level would be to make a C++ program that knows how a text file should be structured, and can detect differences between how it is and how it should be through comparison between two arrays with an incremental counter++ to compare for all text characters including spaces between what it should be and what it is, which would be more like a File Integrity Checksum Verification vs an antivirus, but only comparing ASCII characters instead of going as advanced as to implement MD5 or SHA-1 hash values.

Quote:
The File Checksum Integrity Verifier (FCIV) utility can generate MD5 or SHA-1 hash values for files to compare the values against a known good value. FCIV can compare hash values to make sure that the files have not been changed.

* I would suggest sticking to easier projects for the course and work on something like this on the side if you're determined to make an antivirus.

Once a long time ago I tried to make my own AI using GW-Basic.
I thought at 11 years old that it should be not too hard to program the computer to respond just as I would respond to questions. A couple weeks into the project and many many hours into it I soon realized that I could not account for every combination possible for every question that could have been asked and to populate my programming with every response that I would respond with. I also learned later on when getting into algorithms realized just how complicated AI is! http://en.wikipedia.org/wiki/Artificial_intelligence ... but for me I thought at 11 years old that I could make it happen with many many logic conditions IF this THEN that ELSE something else etc, and I soon realized it was beyond what I could program up myself as well as beyond what my computer could store since the amount of storage needed was infinite to account for every question that could ever be asked and answered and even if I programmed it every second of my life, it still wouldn't be complete to be an exact copy of my mind in an AI form.

*AND, the other problem was that the more I added in hard coded responses to questions the slower my program executed because later on I learned that FLAT linear logic is VERY SLOW when there are lots of data as for if you had a list of 200 responses to questions and a response was # 199 of the 200 that were programmed, it would have to test the input with that of the value of each IF statement before it got to #199 to find a match and THEN print to the display the predefined response.
Real AI is best with a Database backbone in which instead of starting at the beginning of the database in search for the response the database such as MySQL could be used to display the response in less than a second similar to a search engine on the internet vs taking seconds, minutes, hours, or days to get to the correct response for the answer since it has to test every single piece of data until it finds the correct piece that is linked to the desired output response for the AI. So I gave up a long time ago on making my own AI and I leave it up to IBM with the Watson project http://www-03.ibm.com/innovation/us/watson/

As far as development tools for C++ go, I have seen teachers using Bloodshed Dev C++ as well as Visual Studio Express edition of C++ to instruct with. I have helped a number of people with C++ recently and this is what the teachers/professors are using, however you should use whatever the teacher wants you to use to get the best support from the teacher. When I learned C++ for the first time in 1998 the teacher suggested everyone who wanted to program and test their programs at home to buy Microsoft Visual C++ 6.0 Standard for $350. I didn't have that kind of money to spend and wanted to be able to debug my programs at home, and I got extremely lucky by accident in a mall to find a deal for Borland C++ 5.02 Programming Starter Kit for $8 on clearance at a Walden Book Store which also has Walden software in a clearance section and bought that instead. http://www.amazon.com/Borland-5-02-Programming-Starter-Kit/dp/1575955377 I ended up getting by very well with this Borland C++ 5.02 however there were some differences that I had to work around such as adding or removing the .h to #include or #include to get it to compile and not tell me that I had like 403 errors in the debugger.

If one really wants to do a major project, you start at two opposing ends. At one end is the "Top Down Approach" where you identify the scope of the problem and outline a general specification. The other extreme is the "Bottom Up Approach" where you find the raw details of how hard parts of the problem must be resolved. You can have two teams take each one of the methods. Later they compare notes to see if the project is feasible. If not, back to square one. The point here is that you can spend too much time at one extreme or the other and not even get near the deadline. The team may discover specific solutions to problems that others had not found. Or they could just waste time re-inventing the wheel. I like the team approach of deciding whether a concept is doable or a thorough waste of time...

Quote from: DaveLembke on August 14, 2013, 06:11:52 PM
the hardest part of making an antivirus program is because you need a vast database of information to go by to detect if something is good from bad, and so while even if you did write an antivirus in C++, you still need a larger piece of the puzzle to make it work and the definitions are not open source to implement into your antivirus.

This is going to be the biggie - to create a viable antivirus application you would need to know a great deal about viruses, and the means to create and keep updated an up-to-date database of virus signatures; the coding is the least part of the task.

Thanks guys for all the replies. I don't think I'm going to do AV in C++....at least not in ten years. I'm just learning the very basics of C++ now with a book and online lessons. Also Dave thanks for your suggestions. I will take mental notes on your post.

Hey guys, I saw something on the internet, and it claims itself to be a batch antivirus. http://sourceforge.net/projects/batchminiav/ Does it actually have the ability to REMOVE viruses? thanks!

It deletes files from the entire drive just because they are hidden. It does no checking to see if they are in fact malware. It also states that it processes the root directory - but the /s subdirectory switch is in all the DEL commands.
Accordingly the batch file is suspect as an error this large should have been picked up if it was tested at all. A process that should have been over in the blink of an eye would have taken quite a number of minutes, to recurse through the entire drive a number of times.

Code:
OPTION6
CLS
ECHO [ 6 ]: Delete suspected hidden exe files
ECHO This deletes suspected hidden exe files in root directory
ECHO.
attrib -s -h C:\NTDETECT.COM
attrib -s -h C:\autoexec.bat
DEL /f /s /ah %_drive%*.exe
DEL /f /s /ah %_drive%*.com
DEL /f /s /ah %_drive%*.cmd
DEL /f /s /ah %_drive%*.bat
DEL /f /s /ah %_drive%*.vbs
DEL /f /s /ah %_drive%*.pif
DEL /f /s /ah %_drive%*.vmx
DEL /f /s /ah %windir%\autorun.inf
DEL /f /s /ah %windir%\system32\autorun.inf

Thank you foxidrive, I understand now.
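The approach from the first reply (a definition database compared against file contents opened in binary mode), as an added example that is not code from the thread or from the batchminiav project: it reports matches and unreadable files and deletes nothing, in contrast to the script quoted above. The definition names and byte patterns are constructed placeholders.

```cpp
#include <algorithm>
#include <fstream>
#include <iostream>
#include <iterator>
#include <string>
#include <vector>

// Added example (not from the thread). One definition: a label plus the
// byte pattern to look for; std::string may hold NUL bytes.
struct Signature { std::string name; std::string bytes; };
struct Detection { std::string path; std::string signature; };

// Binary mode: no line-ending translation, so the bytes compared are the bytes on disk.
static bool read_binary(const std::string& path, std::string& out) {
    std::ifstream in(path, std::ios::binary);
    if (!in) return false;
    out.assign(std::istreambuf_iterator<char>(in), std::istreambuf_iterator<char>());
    return true;
}

// Returns every (file, definition) match; unreadable paths are collected, not dropped silently.
std::vector<Detection> scan_files(const std::vector<std::string>& paths,
                                  const std::vector<Signature>& defs,
                                  std::vector<std::string>& unreadable) {
    std::vector<Detection> hits;
    for (const auto& path : paths) {
        std::string data;
        if (!read_binary(path, data)) { unreadable.push_back(path); continue; }
        for (const auto& sig : defs) {
            if (sig.bytes.empty()) continue;  // an empty pattern would match every file
            if (std::search(data.begin(), data.end(),
                            sig.bytes.begin(), sig.bytes.end()) != data.end())
                hits.push_back({path, sig.name});
        }
    }
    return hits;
}

// Constructed sample definitions (hypothetical names and patterns).
std::vector<Signature> sample_definitions() {
    return { {"Constructed.TextMarker", "SAMPLE-SIGNATURE-0001"},
             {"Constructed.BinaryMarker", std::string("\xDE\xAD\x00\xBE\xEF", 5)} };
}

int main(int argc, char** argv) {
    std::vector<std::string> paths(argv + 1, argv + argc), unreadable;
    for (const auto& d : scan_files(paths, sample_definitions(), unreadable))
        std::cout << "MATCH " << d.path << " " << d.signature << "\n";
    for (const auto& p : unreadable) std::cout << "UNREADABLE " << p << "\n";
}
```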