Anti Virus | Help

Look at ClamAV (ClamWin for Windows). It is an open source A/V program so you can look at the source, learn from it, and adapt it to your needs. It is used by a lot of A/V appliances for networks.

not understanding that well, was not helpful at all

I want to make a simple and working anti virus software in Heuristic method

Unfortunately, 'simple' and 'working' don't go together in the field of anti-virus software. A working anti-virus program requires tens if not hundreds of thousands of virus signatures, and requires a comparable number of man-hours to produce. It is simply impossible for a single programmer to write one - it would take more than a lifetime to complete it, and anti-virus systems have a working lifespan measured in days or even hours.

Seriously, companies such as Symantec and McAfee are endlessly playing a game of catch-up, and are always behind, even with huge development teams working around the clock. If they can't manage it, what makes you think you can?

In 1500 people could not fly, now we go in other planets. If some people cant do that doesnt mean it is unpossible sir. but still is your opinion, Not sure if people have too much success with those things in their minds.. With the idea if other cant do what makes me think I can do.

Well I'm also developing one but on my spare time, I think the simple way would be to get signatures. First of all you will need these:
1) A software that will be able to give you the files signatures.
2) Virtual Machine.
3) All the targeted Operating Systems.
4) Database.

So you will then have to use VM to create OS instances and firstly don't install any additional software on your instances, and make sure its clean, then you will need to get a file name and its signature, then install the clean (un-infected) third party software's and get their names and signatures. Once done that then you will be set to build your working AV.

All you need to do is write a code that will try getting all the files and for each file compare the file name with the one on your database, if they match then you can get its current signature and compare it with the saved signature, it the files match but signature does not match then that's tells you that the file has been infected.

To be able to detect a new virus or suspicious file you will have to do a lot of research in hex and other possible methods of getting a files behavior, or you could also read it bytes and see if they have been modified or not. A very good example of what I mean here is that of how people hide files inside a file (hide a file/text inside an image) you can google on how to do that and that will give you an idea of how you can check the bytes if they are of original or has been edited.

Making AV is possible but it require a lot of time, strategy planning, and coding.

I personally don't believe in impossible because even the word its self says it "Im possible" if someone has made it, no matter how much time its took, how many people its took, its then possible. Those who did it separated the word "impossible" to "I'm possible" for us, so all we need to do is think, plan, research, and do.

interesting project sir. :) thanks for everything :D