Scanning mechanism, More in the manual | Unisar 1.24.1867 manual

The scanning mechanism

Description and	03
features

Chapter 3. The scanning mechanism

The central part of BitDefender Antivirus Scanner for Unices consists of the BitDefender architecture-independent scanning engines. These are specialized data analysis routines and malware signature definitions, since many viruses can be identified upon a distinctive code pattern. The BitDefender Antivirus engine database includes over 250000 different malware signatures, at the moment of this writing, and the number constantly increases every few hours.

For identifying the unknown viruses, the engines can perform the heuristic analysis, searching for several features characterizing the viruses.

The objects to be scanned can be directories or regular files, provided as command line parameters. After the object is eventually deployed in a temporary file, the engines are asked to start the scanning process.

Using the powerful engines, the object is unpacked, if needed, and scanned. The scanning result is sent back to bdscan, which will further notify the user and will try to apply the desired action. The action can be one of the following, triggered with --actioncommand line option.

•Disinfect. BitDefender will try to disinfect the object, by removing the infected or suspected part. The action can fail sometimes.

•Quarantine. The object will be moved from its original location to a secured directory, the quarantine.

•Delete. The object will be simply removed from the filesystem.

•Ignore. Even if infected objects are found, BitDefender will just report them and no action will be performed.

By default, bdscan will scan inside archives, inside mail boxes and inside packed programs. If this behavior is not desirable, there are command line options to disable them selectively --no-archive,--no-mail and --no-pack, respectively.

If the scanning path is a directory, bdscan will descend recursively in sub-directories and scan the files found. The recursion depth can be specified in command line or can be entirely disabled.

More in the manual page

You can find more about the supported command line options in bdscan(8) manual page.

25

Image 25

Unisar 1.24.1867 Scanning mechanism, More in the manual

Contents

Users Guide Users Guide As every cat owner knows, nobody owns a cat BitDefender Antivirus Scanner for Unices Table of Contents Configuration file Testing BitDefender UninstallReal life usage BitDefender integration Frequently Asked Questions Support UpdatesProduct registration Best practices BitDefender Antivirus Scanner for Unices Viii End User Software License Agreement End User Software License Agreement End User Software License Agreement Xii Conventions used in this book PrefaceTypographical conventions Admonitions Command Book structure Request for Comments Description and features Description and features Overview Why BitDefender? Data Security Division Softwin Description BitDefender Antivirus Scanner for Unices Product features Key Features More in the manual Scanning mechanism Features Installation Installation System requirements PrerequisitesHardware system requirements Software system requirements Package naming conventionLinux convention Linux requirements FreeBSD convention Installation Test the package for integrity Package installationTest the rpm and deb packages Test the FreeBSD tbz package Test the self-extractable archive Install the rpm package Install the packageInstall the deb package Install the self-extractable archive Additional parameters Install the FreeBSD package Installer Configures the quarantine directory Uninstall the rpm package UninstallUninstall the deb package Uninstall using the self-extractable archive Uninstall a package downloaded locally Uninstall the FreeBSD packageUninstall from the ports collection Using BitDefender Using BitDefender System versus User configuration Configuration file Key Description More about triggered update Regular users and quarantine Using07 BitDefender Product registration Using BitDefender Scan an executable file Testing BitDefenderEicar online resources Scan an archive Command output will be the following Scan a mailbox Tmp/mail.mbox Virus scanning Real life usageScan a regular file Scan a directory Scan the entire system Actions on archives Scan the archives Scan the mailbox Report Using the log file Display the virus list Get more information Display the product version Virus submission BitDefender integration Midnight CommanderDesktop integration KDE Konqueror Different installation pathDo not break the last line Action on file in Konqueror Krusader Krusaders User Actions ROX-Filer Pine Information Center Pine This is how the screen should look like What to do with infected emails Exit Status Interval 1,254 BitDefender pipe bdscanpipe Evolution KMail Filter actions in KMail Server integration MailScanner installation Qmail-Scanner installationMailScanner Change it to the following form Amavisd-new Amavisd-new installation Using Triggered update UpdatesRun the triggered update Regular updates Edit the cron table Http proxy Manual update Order to extract the updates Trial License License for home or personal use Product registrationCheck the expiration date License for commercial use Best practices Best practices Getting help Getting help Frequently Asked Questions Getting help Support department SupportBitDefender Knowledge Base Web addresses Contact informationAddress Softwin GmbH BitDefender LLC Romania Getting help Manual Pages Manual Pages Description SynopsisOptions Manual Pages Actions Files Examples See also Bugs Manual Pages Glossary Cookie Command lineDisk drive Download False positive EventsFilename extension Heuristic Mail client Macro virusNon-heuristic Packed programs Report file PortScript Startup items Virus UpdateVirus definition Worm