Hi to all!
I have a task to write my own antivirus system (with using of heuristic analysis). The main part is simple: antivirus provides access to virtual files for running application (maybe virus), which works with these files as if they are real. After this antivirus notify what running application attempted to do. I have BoxedApp SDK for emulation of a file system and registry. But antivirus may be more effective and flexible if there are additional tools for recognition of viruses. Who have an idea?
Thank you, sherlynjames! Similar advice I received from colleagues. Now we are trying to implement it. But so far no success. There are some circumstances that make running of antivirus online unacceptable.