[Webinar] Streamline your web hosting managementRegister Today


AntiVirus softwares and the compressed Files

Posted on 2008-02-11
Medium Priority
Last Modified: 2010-04-05
Hi Experts , i'm currently developping my AntiVirus software , and i want to ask the way an antivirus software scans the Compressed files ( *.Zip , *.Rar , Upx ... ). should it decompress them into Memory , or into a predefinded directory ?. Or what should it do to Scan them .

many thanks
Question by:frize
  • 3
  • 2
LVL 28

Expert Comment

ID: 20865985
well, you would normally use a custom stream. you will scan a stream. so you will have one procedure to scan a streamm. you then pass that a tfilesteam for file and a special stream for compressed files.
what this special stream does is provide access to uncompressed data on the fly bu without extracting the whole file into memory. it will only have for example 64 kb of uncompressed data at one given time.
it's like a pipe:
- decompressor decompresses to stream.
- special stream gets that input and makes it available for the scanner
- scanner scans it and asks fro more data
- special stream disregareds that data and reads in the next piece given by the uncompressor

not sure how to explain this better. but pipes is a good "visual" explanation :)

Author Comment

ID: 20868652
Thanks ciuly for ur reply , but could you please provide me some more details .( especially for pipes  ).
So what i should get is :
These Compressed Files are not compressed into a Predefinded directory . is that correct !! ? .

LVL 28

Accepted Solution

2266180 earned 400 total points
ID: 20869503
>> These Compressed Files are not compressed into a Predefinded directory . is that correct !! ? .
>> These Compressed Files are not DECOMPRESSED into a Predefinded directory . is that correct !! ? .
now it's correct. everything is done in memory :)
and they are not decompressed fully in memory either. so it's not that you decompress and after that scan. you scan while decompressing.

how to explain a pipe. hm....

let's say that the bucket with water is compressed data. the water is uncompressed data. to decompress the data you must take it out from the bucket.

scannig is done by taking the water through a water filter.

so what you can do is decompress the water (move it from the bucket to a bottle from example), then pour the water through the filter.

OR, you can start pouring the water from the bucket directly through the filter and let it drip in the toilet for example (because we are not interested in keeping the uncompressed data ;) )

now, if you don't have programming experience, and since you have no idea what a pipe is, I can say that your programming experience is close to 0, then you will not be able to do this job.
don't take it personally, but how can you make an antivirus software, which is a very complex and serious application and not know what a pipe is and how it functions? I seriously tell you to consider re-taking the bascics, from the start. you will definetly need it. I know you can make some applications without sufficient programming knowledge, but there are lot of types of applications that really require good knowledge of programming basics and algorithms and data structures and etc.

I mean, take it for example this way: how are we supposed to explain you in a few sentecnes some stuff that takes months to learn in college?

Author Comment

ID: 20869688
Thank you ciuly Points are yours .
LVL 28

Expert Comment

ID: 20869725
sure, no problem. just don't get too deep into this without covering the basics. you'll just find yourself eventually having to give up on the project. I've seen it many times.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
This is an update to some code that someone else posted on Experts Exchange. It is an alternate approach, I think a little easier to use, & makes sure that things like the Task Bar will update.
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
There may be issues when you are trying to access Outlook or send & receive emails or due to Outlook crash which leads to corrupt or damaged PST file. To eliminate the corruption from your PST file, you need to repair the corrupt Outlook PST file. U…
Suggested Courses
Course of the Month7 days, 18 hours left to enroll

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question