This project is a Windows-based Hybrid Antivirus Prototype developed in Python. It combines Signature-Based Detection using SHA-256 hashing with Heuristic Analysis to identify malicious or suspicious files.

Features:
- ✅ Signature-Based Detection (SHA-256 hash comparison)
- ✅ Heuristic Keyword Analysis
- ✅ File Type Filtering (.py, .exe, .txt, .bat)
- ✅ Automated Quarantine System
- ✅ Timestamp-Based Logging
- ✅ Scan Summary Reporting

Project structure:
- main.py → CLI Interface
- scanner.py → Detection Engine
- hash_utils.py → SHA-256 Hash Generator
- quarantine.py → File Isolation System
- signatures.txt → Malware Signature Database

How it works:
- The system scans files in a specified folder.
- A SHA-256 hash is generated for each file.
- The hash is compared with a known malware signature database.
- If matched → File is marked INFECTED and moved to quarantine.
- If suspicious keywords are detected → File is marked SUSPICIOUS.
- All results are logged with timestamps.
- A scan summary is displayed.
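
The scan flow listed above, as an added Python example that is not the project's own code: the function names, the keyword list and the sample files are assumptions made for illustration, and the signature set is built from a constructed sample rather than read from signatures.txt.

```python
import hashlib
import shutil
import tempfile
from collections import Counter
from datetime import datetime
from pathlib import Path

SCAN_EXTENSIONS = {".py", ".exe", ".txt", ".bat"}  # file types listed on the page
KEYWORDS = (b"keylogger", b"reverse_shell")        # constructed sample keywords

def sha256_of(path, chunk=65536):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):  # chunked: large files stay out of memory
            digest.update(block)
    return digest.hexdigest()

def classify(path, signatures):
    """A signature match takes precedence over the keyword heuristic."""
    if sha256_of(path) in signatures:
        return "INFECTED"
    data = Path(path).read_bytes().lower()
    return "SUSPICIOUS" if any(k in data for k in KEYWORDS) else "CLEAN"

def scan_folder(folder, signatures, quarantine_dir):
    """Scan one folder; return (verdict counts, timestamped log lines)."""
    summary, log = Counter(), []
    Path(quarantine_dir).mkdir(parents=True, exist_ok=True)
    for path in sorted(Path(folder).iterdir()):
        if not path.is_file() or path.suffix.lower() not in SCAN_EXTENSIONS:
            continue
        verdict = classify(path, signatures)
        if verdict == "INFECTED":  # only signature matches are moved
            shutil.move(str(path), str(Path(quarantine_dir) / path.name))
        log.append(f"{datetime.now():%Y-%m-%d %H:%M:%S} {verdict} {path.name}")
        summary[verdict] += 1
    return summary, log

def demo():
    samples = {"known.bat": b"constructed known-bad sample", "odd.py": b"# KEYLOGGER",
               "notes.txt": b"meeting notes", "skip.jpg": b"not a scanned type"}  # constructed inputs
    with tempfile.TemporaryDirectory() as tmp:
        target, quarantine = Path(tmp, "target"), Path(tmp, "quarantine")
        target.mkdir()
        for name, body in samples.items():
            (target / name).write_bytes(body)
        signatures = {hashlib.sha256(samples["known.bat"]).hexdigest()}
        summary, log = scan_folder(target, signatures, quarantine)
        return dict(summary), sorted(p.name for p in quarantine.iterdir()), log
```

In the demo, odd.py is flagged only because it contains the keyword as text, which shows how keyword matching produces false positives. An exact SHA-256 match also misses any file that differs by a single byte from the listed sample.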

Limitations:
- Cannot fully detect unknown zero-day malware
- Heuristic detection is keyword-based
- No real-time background scanning

Future enhancements:
- GUI Interface
- Real-time File Monitoring
- Machine Learning-Based Detection
- Cloud Signature Updates
Prachi Tank
