The Scan Engine is central to our antivirus software. This article provides a high-level description of its function, where to download it, and instructions on how to verify its
DigiCert certificate.
The Scan Engine consists of a single file (
mcscan32.dll or
mscan64a.dll) that contains the program logic to perform the following:
-
Scan files at particular points
-
Process and pattern-match virus definitions with data that it finds within scanned files
-
Decrypt and run virus code in an emulated environment
-
Apply heuristic techniques to recognize new viruses
-
Remove infectious code from legitimate files
The Scan Engine uses information contained in the DAT files to identify and act against viruses. It's updated frequently to implement new advances in antivirus technology and to provide the greatest level of protection against virus threats.
You can download the latest Scan Engine from the Engines tab on the Security Updates site.
DigiCert certificate
The Windows Scan Engine is digitally signed with a public key certificate issued by DigiCert. This key allows managed products to verify the origin and integrity of the Scan Engine using standard Win32 Application Programming Interface calls. Only Windows 32-bit and 64-bit DLL files are signed with the DigiCert certificate.
To verify the Engine's digital signature, perform the steps below:
- Use Windows Explorer to locate mcscan32.dll or mscan64a.dll.
- Right-click the file, and select Properties, Digital Signatures.
- Select the entry that begins with Musarubra US LLC from the Signature List.
- Click Details, and then verify that the Digital Signature Information section states This digital signature is OK.
- In the Signer information section, verify that the Name field contains the text Musarubra US LLC.
- In the Countersignatures section, click Details, and then verify that the Name of signer field contains DigiCert Timestamp 2022 - 2.
- Click OK, and then close the Properties screen.