Register and join over 40,000 other developers!
Recent Topics
-
Tekken 7
IsrealJones - Mar 22 2021 07:21 AM
-
The Game You Are Waiting For?
WendellHarper - Dec 06 2020 01:21 PM
-
Quora and Reddit Backlinks
WendellHarper - Dec 06 2020 01:14 PM
-
Delete account
pindo - Jul 23 2020 01:33 AM
-
New to the community
iwinx - Jul 17 2020 12:02 PM
Recent Blog Entries
Recent Status Updates
Popular Tags
- networking
- Managed C++
- stream
- console
- database
- authentication
- Visual Basic 4 / 5 / 6
- session
- Connection
- asp.net
- import
- syntax
- hardware
- html5
- array
- mysql
- java
- php
- c++
- string
- C#
- html
- loop
- timer
- jquery
- ajax
- javascript
- programming
- android
- css
- assembly
- c
- form
- vb.net
- xml
- linked list
- login
- encryption
- pseudocode
- calculator
- sql
- python
- setup
- help
- game
- combobox
- binary
- hello world
- grid
- innerHTML

17 replies to this topic
#1
Posted 18 April 2012 - 02:22 PM
I have a MD5 code for creating signatures for some user input but what I want is to search local disk or full computer for viruses with MD5 to compare those signatures with signatures in txt database...How can I do that search? Is there any tutorial or can someone give me a code?
Microsoft Student Partner, Microsoft Certified Professional
#2
Posted 18 April 2012 - 02:28 PM
That sounds like a really bad idea. Let me explain my reasoning:
Let's say your signatures is 12345. If you have a 2Mb file, you have to hash 5 characters around 2 million times, rather than just looking for the five characters. Which do you think will be more efficient?
Let's say your signatures is 12345. If you have a 2Mb file, you have to hash 5 characters around 2 million times, rather than just looking for the five characters. Which do you think will be more efficient?
Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog
My MineCraft server site: http://banishedwings.enjin.com/
#3
Posted 18 April 2012 - 03:07 PM
and what do you suggest? which type of alghoritm will be good
Microsoft Student Partner, Microsoft Certified Professional
#4
Posted 18 April 2012 - 09:00 PM
I don't think you can use MD5 hash to find virii signatures. Virii signatures are not the same with file signatures. Virus signature is there so the virus code can avoid reinfect already infected file.
Virii can place themselves in arbitrary location in infected file. Therefore if you want to find virii using MD5 hash, you have to MD5 hash the file multiple times, perhaps as many as the file size minus the size of the virus. Very ineffective and time consuming. Not too mention that the longer you hold a file, the more the possibility you will collide with another process/activity that need access to the file.
For this, the good algorithm is by directly searching the virus signature in the examined file.
Virii can place themselves in arbitrary location in infected file. Therefore if you want to find virii using MD5 hash, you have to MD5 hash the file multiple times, perhaps as many as the file size minus the size of the virus. Very ineffective and time consuming. Not too mention that the longer you hold a file, the more the possibility you will collide with another process/activity that need access to the file.
For this, the good algorithm is by directly searching the virus signature in the examined file.
#5
Posted 18 April 2012 - 11:42 PM
and with wich algorithm I can do that?
Microsoft Student Partner, Microsoft Certified Professional
#6
Posted 19 April 2012 - 12:03 AM
You don't need fancy algorithm for this. Open the file as stream of bytes, then inspect the bytes to see if any virii signatures found within it. Similar like you would to find a certain substring from a larger string of characters.
#7
Posted 19 April 2012 - 04:41 AM
finding viruses using the file signatures or the MD5 of it was the old method used by anti virus to find and detect viruses.. they call it "Signature-Base Detection" You can use this method in creating a simple and lightweight antivirus if you wish so, however there are several new viruses that doesn't have signature yet or not yet known.. Why not try to research about Heuristics Analysis?
Life has no CTRL+Z
Never Forget To HIT "LIKE" If I Helped
Never Forget To HIT "LIKE" If I Helped
#8
Posted 19 April 2012 - 07:29 AM
http://msdn.microsoft.com/en-us/library/ms228630%28v=VS.80%29.aspxand what do you suggest? which type of alghoritm will be good
Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog
My MineCraft server site: http://banishedwings.enjin.com/
#9
Posted 19 April 2012 - 11:50 AM
finding viruses using the file signatures or the MD5 of it was the old method used by anti virus to find and detect viruses.. they call it "Signature-Base Detection" You can use this method in creating a simple and lightweight antivirus if you wish so, however there are several new viruses that doesn't have signature yet or not yet known.. Why not try to research about Heuristics Analysis?
I was trying with Heuristic Algorithms but I was not able to find any code example in any language. Neither C/C++ nor .NET. I'm searching for that algorithm for about half a year :/
Microsoft Student Partner, Microsoft Certified Professional
#10
Posted 19 April 2012 - 01:52 PM
is this book good for beggining http://www.cs.nott.a...pdf/cag-phd.pdf
Microsoft Student Partner, Microsoft Certified Professional
#11
Posted 19 April 2012 - 02:20 PM
is this book good for beggining http://www.cs.nott.a...pdf/cag-phd.pdf
yes try to read that ebook I think it would be a good book as I scan it.. for heuristic analysis.. you must have something like a "Virtual Machine" to run a program and analyze what it does..

Life has no CTRL+Z
Never Forget To HIT "LIKE" If I Helped
Never Forget To HIT "LIKE" If I Helped
#12
Posted 19 April 2012 - 02:36 PM
it's fascinating for me that whenever i want to find something on google i can't find and when i search something randomly then i find what i was trying to find before

Microsoft Student Partner, Microsoft Certified Professional
Also tagged with one or more of these keywords: md5
Language Forums →
Python →
md5 hash/digest and sprintfStarted by kimbo, 09 Jan 2013 ![]() |
|
![]() |
||
Language Forums →
C# →
[C#] Password + Md5 Generator.Started by MuStA, 10 Jun 2012 ![]() |
|
![]() |
||
Language Forums →
PHP →
Password variable not working with md5Started by alex1, 23 May 2012 ![]() |
|
![]() |
||
Tutorial Forums →
C# Tutorials →
Using .NET Framework, to Generate MD5 HashesStarted by sam_coder, 13 Dec 2010 ![]() |
|
![]() |
||
General Forums →
General Programming →
md5 and filesStarted by baldgrapeape, 20 Oct 2010 ![]() |
|
![]() |
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download