BitBaan » BitBaan Windows client docs

The system has a Windows application called BitBaan MALab Windows Client. You can download it from here. Some features of this application include:

  • File Scan.
  • Folder scan.
  • Scanning compressed files.
  • Drag/Drop support.
  • Ability to scan through the right-click in the Explorer window.
  • Managing malware by name. (Antivirus output)
  • Managing malware by detection rate.

Important note: This software uses the API. Therefore, the user must have permission to access the API.

Important note: This software does not support Windows XP and earlier versions of the Windows operating system.

To use this software, you must first install it. To install the software, run MALab_WindowsClient_Setup.exe. You will see a window like the one below. Click “Next” in this window. In the next window, select the software installation path and click the “Next” button. Then click the “Install” button to start software installation. Click “Finish” after completing the installation.

setup

After installation, a shortcut called "BitBaan MALab" is added to your computer desktop. By clicking this shortcut, the login window will appear as shown below. On this page, you must enter API connection information. If you want to store this information forever on your computer and no longer need to enter it, simply click “Do not Ask Again”.

login

After entering this information, click the “Login” button. If your information is correct then the main window of the software will appear like the picture below:

main-windows-software

Note: You can also use the Drag/Drop feature to select a file.

Note: Currently rar, zip, iso, cab, gz, bz2 and 7z compressed files are supported.

Note: If you select the “Include Subdirectories” option, the files in the selected subfolders will also be scanned recursively.

Note: By default, previously scanned files will not be scanned again and only the last scan result will be returned unless the “Rescan” option is selected.

By starting file scan operation, the list of files will be shown in Scan Results. By clicking on the icon you will be able to view the details of each scan.

Finally, if you want to delete the results of the scan, just click on the “Clear Scan Results” button.

Note: You can also perform scan operations by right-clicking a file in the Explorer window and selecting the “Scan with BitBaan MALab” option.

Note: Consider the scan-rate limitations while you perform scanning. For example, if you are allowed to do 60 scans per day. If you select a folder containing 70 files, then the scan of the 10 remaining files will not be done properly due to your scan-rate limitations.

In the Virus Manager section, as in the image below, you can manage your malware according to the information in the system database.

virus-manager

You can manage malware in two ways:

  • Managing by malware name: Suppose you have a folder containing malware and you want to manage them according to the output of a particular antimalware. Then click on the “Get Antiviruses List” option and choose an antimalware from the antimalware list. Then select your input and output folder. (Subfolders of the input folder will not be considered.) In the end, by clicking on the “Start” button the malware managing operation starts.
  • Managing by detection rate: If you have a folder and you want to know which of the internal files is malicious, and which one is clean (Benign), you can use this feature. Just select your input and output folder and then set the benign threshold and malware threshold values. If the detection rate of a file is less than the benign threshold, then that file is considered as benign. Also, if the detection rate is greater than or equal to the malware, then that file is considered as malware. The files with the detection rate between these two values will be copied into folders with the same name as the detection rate.

Note: If the file information is not available in the system database, that file will be placed in the “Unknown” folder. So it's recommended to scan them before managing the malware.

Note: If you check the “Rename Files” option, the file name will be saved in the output folder as {SHA256}.vir.

Note:If you select the “Delete input files” option, the input files will be deleted from the computer after being managed..

In the “About” section of the main window, which is the same as the one below, there is some information about the name and version of the software. In addition, “Logout” and “Help” buttons are available.

about-part