rnfolsom
July 22nd, 2009, 07:29 PM
These questions (except for question 5) all pertain to an "On-demand computer scan" using the "In-depth scan" profile's "ThreatSense engine parameter setup."
[Erroneous paragraph deleted by RNF, 27 July 2009.]
1) The Other category includes an option to Run background scans with low priority. The Help explains that "Each scanning sequence consumes a certain amount of system resources. If you work with programs that place a high load on system resources, you can activate low priority background scanning and save resources for your applications."
I'm guessing that a background scan is a scan running while the computer is being actively used for other purposes, such as reading or writing email or some other document, working on a spreadsheet, etc. Correct?
Given that I run On-demand scans only when the computer is not doing anything else (e.g. when I am reading a long paper document or eating or sleeping), does this setting have any effect? For now, I've NOT checked it.
2) The same Other category includes also an Enable Smart optimization option. The Help explains that "With Smart Optimization enabled the most optimal settings are used to ensure the most efficient scanning level, while simultanneously [sic] maintaining the highest scanning speeds. The various protection modules scan intelligently, making use of different scanning methods each, applying them to specific file types. The Smart Optimization is not rigidly defined within the product. Quite on the contrary, the ESET Development Team keeps it flexible implementing new changes continuosly [sic] which get then integrated into the ESET security solution via the regular updates. Is the Smart Optimization [is] disabled, [I]only the user-defined settings in the ThreatSense core of the particular modules are applied when performing a scan.".
I'm guessing that Smart Optimization is a tradeoff between scan speed and thoroughness. Since I don't care how long an On-demand scan takes to complete, and maximum thoroughness is what I want, I have NOT checked this option. For my preferred maximum thoroughness results, is that a good choice?
It's a bad choice if Smart Optimization actually improves thoroughness even while shortening scanning time, and the part of the Help statement that I have put in bold italics makes me worry that I've made a bad choice.
I really do not understand the part of the Help statement that I have put in bold italics.
3) The Limits category includes a Default object settings option, and a Default archive scan settings option, both of which I have left checked. The Default quantities for Maximum object size and for Maximum scan time for object (sec.) [apparently an object within an archive, according to my interpretation of the Help file], and for Archive nesting level and Maximum size of file in archive, all are blank. I think that means that they all are unlimited. Is that correct for all four items? Unlimited is what I want.
The question arises because for the Archive nesting level, the Help says that "We do not recommend changing the default value of 10; under normal circumstances, there should be no reason to modify it. If scanning is prematurely terminated due to the number of nested archives, the archive will remain unchecked." (The User Guide, Rev 20090520-005, section 4.1.7.5, page 19, is identical.) But there's no "10" in the archive nesting level default settings, and "10" and blank appear to me to be contradictory. Which is wrong: the blank default, or the Help file and User Guide?
4) Does this "Archive nesting level" limit apply to MBox email files? A broader question is, are MBox email files ever treated as if they were archives, at least for some purposes?
5) In the log for an On-demand scan, I think I have seen that some files (either archives or MBox email files; unfortunately I don't remember which) were not scanned because of their large size. I want everything to be scanned, regardless of size.
But before I ran another scan to find out what hadn't been scanned, in Tools, Log files, Log Filtering, I checked everything. The resulting log was so huge that it was not practical to search through it to see what files (if any) had not been scanned due to excessive size (or for any other reason).
a) Is it possible to filter an existing log of a past scan, to display only some of its item types, or does "filtering" determine only what gets logged in the first place?
b) What Log filtering items should I check in order to log (or display from a more complete log) only
unscanned files, and
infected files?
Thanks for any help.
Roger Folsom
[Erroneous paragraph deleted by RNF, 27 July 2009.]
1) The Other category includes an option to Run background scans with low priority. The Help explains that "Each scanning sequence consumes a certain amount of system resources. If you work with programs that place a high load on system resources, you can activate low priority background scanning and save resources for your applications."
I'm guessing that a background scan is a scan running while the computer is being actively used for other purposes, such as reading or writing email or some other document, working on a spreadsheet, etc. Correct?
Given that I run On-demand scans only when the computer is not doing anything else (e.g. when I am reading a long paper document or eating or sleeping), does this setting have any effect? For now, I've NOT checked it.
2) The same Other category includes also an Enable Smart optimization option. The Help explains that "With Smart Optimization enabled the most optimal settings are used to ensure the most efficient scanning level, while simultanneously [sic] maintaining the highest scanning speeds. The various protection modules scan intelligently, making use of different scanning methods each, applying them to specific file types. The Smart Optimization is not rigidly defined within the product. Quite on the contrary, the ESET Development Team keeps it flexible implementing new changes continuosly [sic] which get then integrated into the ESET security solution via the regular updates. Is the Smart Optimization [is] disabled, [I]only the user-defined settings in the ThreatSense core of the particular modules are applied when performing a scan.".
I'm guessing that Smart Optimization is a tradeoff between scan speed and thoroughness. Since I don't care how long an On-demand scan takes to complete, and maximum thoroughness is what I want, I have NOT checked this option. For my preferred maximum thoroughness results, is that a good choice?
It's a bad choice if Smart Optimization actually improves thoroughness even while shortening scanning time, and the part of the Help statement that I have put in bold italics makes me worry that I've made a bad choice.
I really do not understand the part of the Help statement that I have put in bold italics.
3) The Limits category includes a Default object settings option, and a Default archive scan settings option, both of which I have left checked. The Default quantities for Maximum object size and for Maximum scan time for object (sec.) [apparently an object within an archive, according to my interpretation of the Help file], and for Archive nesting level and Maximum size of file in archive, all are blank. I think that means that they all are unlimited. Is that correct for all four items? Unlimited is what I want.
The question arises because for the Archive nesting level, the Help says that "We do not recommend changing the default value of 10; under normal circumstances, there should be no reason to modify it. If scanning is prematurely terminated due to the number of nested archives, the archive will remain unchecked." (The User Guide, Rev 20090520-005, section 4.1.7.5, page 19, is identical.) But there's no "10" in the archive nesting level default settings, and "10" and blank appear to me to be contradictory. Which is wrong: the blank default, or the Help file and User Guide?
4) Does this "Archive nesting level" limit apply to MBox email files? A broader question is, are MBox email files ever treated as if they were archives, at least for some purposes?
5) In the log for an On-demand scan, I think I have seen that some files (either archives or MBox email files; unfortunately I don't remember which) were not scanned because of their large size. I want everything to be scanned, regardless of size.
But before I ran another scan to find out what hadn't been scanned, in Tools, Log files, Log Filtering, I checked everything. The resulting log was so huge that it was not practical to search through it to see what files (if any) had not been scanned due to excessive size (or for any other reason).
a) Is it possible to filter an existing log of a past scan, to display only some of its item types, or does "filtering" determine only what gets logged in the first place?
b) What Log filtering items should I check in order to log (or display from a more complete log) only
unscanned files, and
infected files?
Thanks for any help.
Roger Folsom