1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. VCLCDE-AA-DA - VirusScan Command Line Scanner...
  6. Product manual

Using Heuristic Analysis; Producing Reports - McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard Product Manual

Product guide
Hide thumbs
Table of Contents

Advertisement

®
VirusScan
Command Line 5.20.0 Product Guide

Using heuristic analysis

Producing reports

A scanner uses two techniques to detect viruses — signature matching and heuristic
analysis.
A virus signature is simply a binary pattern that is found in a virus-infected file. Using
information in the DAT files, the scanner searches for those patterns. However, this
approach cannot detect a new virus because its signature is not yet known, therefore
the scanner uses another technique — heuristic analysis.
Programs, documents or e-mail messages that carry a virus often have distinctive
features. They might attempt unprompted modification of files, invoke mail clients, or
use other means to replicate themselves. The scanner analyzes the program code to
detect these kinds of computer instructions. The scanner also searches for
"legitimate," non-virus-like behavior, such as prompting the user before taking action,
and thereby avoids raising false alarms.
In an attempt to avoid detection, some viruses are encrypted. Each computer
instruction is simply a binary number, but the computer does not use all the possible
numbers. By searching for unexpected numbers inside a program file, the scanner can
detect an encrypted virus. By using these techniques, the scanner can detect both
known viruses and many new viruses and variants. Options that use heuristic analysis
include
,
/ANALYZE
/MANALYZE,
page
25.
The scanner can report its results in a log file that you create and name. In this example,
the scanner creates its report in a log file called
current working directory.
To create a report:
1 If you do not already have the VirusScan program directory listed in your path
statement, change to the directory where you stored your VirusScan program files.
2 At the command prompt, type:
SCAN /ADN /REPORT WEEK40.TXT
The scanner scans all network drives and generates a text file of the results. The
contents of the report are identical to the text you see on-screen as the scanner is
running.
3 To create a running report of the scanner's actions, use the
any results of the scan to a file. At the command prompt, type:
SCAN /ADN /APPEND /REPORT WEEKLY.TXT
The scanner scans all network drives, and appends the results of the scan to the
existing file,
WEEKLY.TXT
and
. See
Table
/PANALYZE
WEEK40.TXT
.
24
Using the Command-Line Scanner
Using heuristic analysis
3-2,
Scanning options on
, which appears in your
option to add
/APPEND
3

Advertisement

Table of Contents
loading

Related Manuals for McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard

Related Content for McAfee VCLCDE-AA-DA - VirusScan Command Line Scanner Standard

This manual is also suitable for:

Virusscan command line

Table of Contents