AntiVirus softwares and the compressed Files

Hi Experts , i'm currently developping my AntiVirus software , and i want to ask the way an antivirus software scans the Compressed files ( *.Zip , *.Rar , Upx ... ). should it decompress them into Memory , or into a predefinded directory ?. Or what should it do to Scan them .

many thanks
LVL 7
frizeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

2266180Commented:
well, you would normally use a custom stream. you will scan a stream. so you will have one procedure to scan a streamm. you then pass that a tfilesteam for file and a special stream for compressed files.
what this special stream does is provide access to uncompressed data on the fly bu without extracting the whole file into memory. it will only have for example 64 kb of uncompressed data at one given time.
it's like a pipe:
- decompressor decompresses to stream.
- special stream gets that input and makes it available for the scanner
- scanner scans it and asks fro more data
- special stream disregareds that data and reads in the next piece given by the uncompressor

not sure how to explain this better. but pipes is a good "visual" explanation :)
0
frizeAuthor Commented:
Thanks ciuly for ur reply , but could you please provide me some more details .( especially for pipes  ).
So what i should get is :
These Compressed Files are not compressed into a Predefinded directory . is that correct !! ? .

Thanks
0
2266180Commented:
>> These Compressed Files are not compressed into a Predefinded directory . is that correct !! ? .
no
>> These Compressed Files are not DECOMPRESSED into a Predefinded directory . is that correct !! ? .
now it's correct. everything is done in memory :)
and they are not decompressed fully in memory either. so it's not that you decompress and after that scan. you scan while decompressing.

how to explain a pipe. hm....

let's say that the bucket with water is compressed data. the water is uncompressed data. to decompress the data you must take it out from the bucket.

scannig is done by taking the water through a water filter.

so what you can do is decompress the water (move it from the bucket to a bottle from example), then pour the water through the filter.

OR, you can start pouring the water from the bucket directly through the filter and let it drip in the toilet for example (because we are not interested in keeping the uncompressed data ;) )

now, if you don't have programming experience, and since you have no idea what a pipe is, I can say that your programming experience is close to 0, then you will not be able to do this job.
don't take it personally, but how can you make an antivirus software, which is a very complex and serious application and not know what a pipe is and how it functions? I seriously tell you to consider re-taking the bascics, from the start. you will definetly need it. I know you can make some applications without sufficient programming knowledge, but there are lot of types of applications that really require good knowledge of programming basics and algorithms and data structures and etc.

I mean, take it for example this way: how are we supposed to explain you in a few sentecnes some stuff that takes months to learn in college?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
frizeAuthor Commented:
Thank you ciuly Points are yours .
0
2266180Commented:
sure, no problem. just don't get too deep into this without covering the basics. you'll just find yourself eventually having to give up on the project. I've seen it many times.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Delphi

From novice to tech pro — start learning today.