Unveiling of Epsilon Anti-Virus

Pages: 123... 10
Hi,

Today I am unveiling my AV I programmed from scratch. It includes User-Mode Scanning, Kernel Mode Scanning and a unique feature present in no AV until this day a MBR scanning module which operates from Boot Record in order to check for Malware alerts, my AV uses heuristics to scan, it has two protection features -

Complete Hook on system from User-mode till MBR
Elevation

These completely deny access to the AV thus protecting the AV. The AV project was programmed for around 10 months, it was programmed in VS2012 Ultimate.

I present to you Epsilon Anti-Virus solution, it is free of cost and it can compete with Commercial AV solutions. In fact it can remove few Malwares even AVG cannot. Apart from that the AV has a fantastic new feature dubbed "Network" which allows a Network Administrators to change AV setting on all Computers with Network feature enabled properly. This means there is no large operation to change AV settings. It is click'n go.
The User Interface is also designed to be beautiful and encourage the user to explore it. It is designed to be used by Computer Newbies till Computer Experts.

Epsilon Anti-Virus solution can also block infamous Malwares like:

[-] ZeuS
[-] Spy Eye
[-] Citadel
[-] Andromeda
[-] And More!

Epsilon Anti-Virus solution starts up before the OS even runs therefore can prevent Malwares which operate and subvert the windows kernel.

I am not going to reveal much of the Screen-Shots but here is the main panel, it is metro theme I will release more screen shots but tell me how you feel about this project:

http://i.imgur.com/h8ML2Zg.png

Tell me about it I will be posting more screen shots through this thread life-time.
Thanks!
Last edited on
MBR scan?
Too risky to be actually tried from someone who knows what MBR means.
closed account (z05DSL3A)
"You can't trust water: Even a straight stick turns crooked in it." W. C. Fields
closed account (S6k9GNh0)
Just what I needed! Another AV program!
Hope it's Linux compatible.
Last edited on
closed account (1yR4jE8b)
MBR scanning
starts up before the OS even runs
Complete Hook on system from User-mode till MBR

Nope, not shady at all.

In fact it can remove few Malwares even AVG cannot.

That's not saying much.

it can compete with Commercial AV solutions

Somehow I doubt that.
Last edited on
Oh well...
http://www.cplusplus.com/forum/windows/109155/
A bit more trust.
Last edited on
@computerquip

Your funny
In my experience... AV programs are as bad as (or worse than) any virus.
Let's see...
Runs on startup
Has access to personal files, cache and cookies
Has access to all running processes
Slows system down

Well kinda :p

But who knows, maybe the bigger AV's have just been poorly made and this one is faster, who knows.
SpaceWorm wrote:
I am creating a MBR based persistence module for AV therefore I can prevent Malware from removing the AV from system, that way if the AV is removed the system will boot up simple persisting back to original state again.

What if the virus is a boot sector virus? Bam, AV is gone.
If, most of you don't believe it fine it is up to you right. Not my problem I am just showing what I am doing besides I am not selling it, next if you don't want it don't comment simple,

Also chrisname, you are right but as I said there are other modes of security back-up, kernel - user-mode, these can remove those type infections aside that we can easily put persistence modules on the MBR. Next there are not many Boot Sector Viruses which work on Windows 7 - till Windows XP although there are lots most of them are Old-School, and only work on MS-DOS which was created about 10+ years ago. I know the MBR remained the same for all those years but for some unknown reason not many MBR level rootkits are hitting the Malware Market except from the few famous one:
Carberp (Which is now public so expect more MBR kits in future)
Sinowal (Again being Decompiled and reversed to get source code)

Next, I am not Black-Hat check my threads, in-fact I am a White-Hat. If someone doubts, it okay it is natural to someone have doubts but my previous thread which EssGeEich posted was trying to protect a file rather than scan it. Apart from that I am not trying to "infect" people because it seems like you all think that. Next everyone seems not be huge fan of AV development, if so does none of you not even have a AV.

Look I am not, here to infect and mess around I am just showing you my creation that's all.
Beside darkestfirhgt are you incapable of research or what, all AV place hooks on the system to protect themselves and help detect Malware on system. Apart from that Mcfee has MBR level protection as well:
http://www.mcafee.com/uk/solutions/mcafee-deepsafe.aspx

So you cannot really complain saying it is crap and not possible.
Last edited on
Look I am not, here to infect and mess around I am just showing you my creation that's all.

Post its source code in an article, to be scrutinized and enjoyed by others. That's why you're here, posting this thread on a programmer forum, right? Otherwise you'd be on a security forum instead.

And I must say, Epsilon is a very nice name, although I've always been partial to Upsilon.
Yeah, true BUT i am proud of it that's all.

Next, I do like Epsilson and now that you introduced me to Upsilon I like it as well becuase both remind me of something futuristic , I know weird right but its me.
I don't always think like this...
But you should avoid posting source codes of such things, who used a lot of your time.
Not right now maybe. You should do it at a second time, when the AV is already running around.
Last edited on
Agreed, any way what do you think of the GUI until now?
closed account (jwkNwA7f)
I like the GUI. It appears easy to use. I think you did a good job w/ the program.
Why not make a video of the program running and post it on youtube?
closed account (jwkNwA7f)
Yeah, I would like to see it work.
EssGeEich wrote:
But you should avoid posting source codes of such things, who used a lot of your time.
Why? All this does is slow down society - there are others who could benefit from reading your source code sooner than later. Unless this is a commercial work, what point does he have to keeping the source private?
@LB: Virus exploits: A virus developer may easily spot a flaw in the antivirus and take advantage of it.

And I didn't say completely private, I said he should "delay releasing".

Tags: Gabe Newell Half Life 3
Pages: 123... 10