On-Demand Scan Questions

On-Demand Scan Questions - Revised

These questions (except for question 5) all pertain to an "On-demand computer scan" using the "In-depth scan" profile's "ThreatSense engine parameter setup."

[Erroneous paragraph deleted by RNF, 27 July 2009.]

1) The Other category includes an option to Run background scans with low priority. The Help explains that "Each scanning sequence consumes a certain amount of system resources. If you work with programs that place a high load on system resources, you can activate low priority background scanning and save resources for your applications."

I'm guessing that a background scan is a scan running while the computer is being actively used for other purposes, such as reading or writing email or some other document, working on a spreadsheet, etc. Correct?

Given that I run On-demand scans only when the computer is not doing anything else (e.g. when I am reading a long paper document or eating or sleeping), does this setting have any effect? For now, I've NOT checked it.

2) The same Other category includes also an Enable Smart optimization option. The Help explains that "With Smart Optimization enabled the most optimal settings are used to ensure the most efficient scanning level, while simultanneously [sic] maintaining the highest scanning speeds. The various protection modules scan intelligently, making use of different scanning methods each, applying them to specific file types. The Smart Optimization is not rigidly defined within the product. Quite on the contrary, the ESET Development Team keeps it flexible implementing new changes continuosly [sic] which get then integrated into the ESET security solution via the regular updates. Is [If] the Smart Optimization [is] disabled, only the user-defined settings in the ThreatSense core of the particular modules are applied when performing a scan.".

I'm guessing that Smart Optimization is a tradeoff between scan speed and thoroughness. Since I don't care how long an On-demand scan takes to complete, and maximum thoroughness is what I want, I have NOT checked this option. For my preferred maximum thoroughness results, is that a good choice?

It's a bad choice if Smart Optimization actually improves thoroughness even while shortening scanning time, and the part of the Help statement that I have put in bold italics makes me worry that I've made a bad choice.

I really do not understand the part of the Help statement that I have put in bold italics.

3) The Limits category includes a Default object settings option, and a Default archive scan settings option, both of which I have left checked. The Default quantities for Maximum object size and for Maximum scan time for object (sec.) [apparently an object within an archive, according to my interpretation of the Help file], and for Archive nesting level and Maximum size of file in archive, all are blank. I think that means that they all are unlimited. Is that correct for all four items? Unlimited is what I want.

The question arises because for the Archive nesting level, the Help says that "We do not recommend changing the default value of 10; under normal circumstances, there should be no reason to modify it. If scanning is prematurely terminated due to the number of nested archives, the archive will remain unchecked." (The User Guide, Rev 20090520-005, section 4.1.7.5, page 19, is identical.) But there's no "10" in the archive nesting level default settings, and "10" and blank appear to me to be contradictory. Which is wrong: the blank default, or the Help file and User Guide?

4) Does this "Archive nesting level" limit apply to MBox email files? A broader question is, are MBox email files ever treated as if they were archives, at least for some purposes?

5) In the log for an On-demand scan, I think I have seen that some files (either archives or MBox email files; unfortunately I don't remember which) were not scanned because of their large size. I want everything to be scanned, regardless of size.
But before I ran another scan to find out what hadn't been scanned, in Tools, Log files, Log Filtering, I checked everything. The resulting log was so huge that it was not practical to search through it to see what files (if any) had not been scanned due to excessive size (or for any other reason).

a) Is it possible to filter an existing log of a past scan, to display only some of its item types, or does "filtering" determine only what gets logged in the first place?

b) What Log filtering items should I check in order to log (or display from a more complete log) only
unscanned files, and
infected files?

Thanks for any help.

Roger Folsom

 

By "under" I assume you are implying it's a branch off of "Web access protection"

If that's what you are meaning, it's my understanding\viewpoint that On-demand computer scan is simply one of seven sections under Antivirus and antispyware protection. In fact the downloadable help pdf's list On-demand computer scan as a separate section.

 

Re: On-Demand Scan Questions - Revised

Bubba:
That's exactly what I meant.

Thanks very much for clearing that up.

I hope that in a future build, the "Entire advanced setup tree" will put "On-demand computer scan" where it apparently belongs --- directly under "Antivirus and antispyware," that is at the same level as "Web access protection" --- instead of under "Web access protection." That current location was very confusing to me.

Roger Folsom

 

Bubba did a great job of clearing up my confusion in my initial post's paragraph 2.

However, I still need answers to the five questions in my initial post. Question 2 now has more detail.

Thanks to anyone who can provide answers to one or more of those questions.

Roger Folsom

 

Re: On-Demand Scan Questions - Revised

Given that the setting is enabled(checked) by default, I'll assume you have un-checked that setting ?

As for Smart Optimization, my understanding has been as they explained in the help section under Optimized scanning....

I did try but it appears by this post you made to the Future Changes to EAV thread that you still feel it's part of Web Access Protection("under")....which it's not and does not appear that way IMHO as mentioned above....."simply one of seven sections under Antivirus and antispyware protection"

I suppose it's how one views sub trees

 

Re: On-Demand Scan Questions - Revised

Bubba:

First and foremost: On the issue of whether On-demand computer scan is "under" Web access protection, you are right and I was completely wrong. In the Entire advanced setup tree outline and in reality, On-demand computer scan is not "under" and is not part of, or controlled or influenced by, Web access protection.

Real-time file system protection, Document Protection, Email client protection, Web access protection, On-demand computer scan, Exclusions, and Protocol filtering, all are on the same "level": directly under Antivirus and antispyware.

I am feeling very stupid. Apparently the lack of a plus sign in front of On-demand computer scan fooled my eyes and brain into not realizing that On-demand computer scan already is on the same "level" as Web access protection. That's a very lame excuse, especially given that other sections (Document protection and Exclusions) have no plus signs, but it's the only excuse I can think of.

I have edited my initial post that started this thread, by deleting its totally wrong second paragraph. And in the Future Changes to EAV thread, I have deleted my post dealing with this issue.

Yes --- but only in the On-demand computer scan section.

I searched the online Help's Index for Optimized scanning, and under Advanced setup came up with the same statement that you quoted, except that mine is a bit longer. I've put the additional material in italics.

All of that makes sense to me --- except that, using the Entire advanced setup tree, at Antivirus and antispyware, Real-time file system protection, Advanced setup, I can't find any Optimized scanning option.

But in any case, I think that Help file quote is irrelevant to my initial post's question 2, which was about the Enable Smart optimization option in On-demand computer scan, and not in Real-time file system protection. But maybe I'm missing some relationship between those two sections.

So I'm still looking for answers to my initial post's five questions.

Thanks for finally convincing me that I was wrong about On-demand computer scan's location in the Entire advanced setup tree. Please accept my apologies for my stupidity having wasted your time about that.

Roger Folsom