A parameter for optimization

As noted by a Wilder's member in another thread:
"A/V's should include the option to "Scan my computer" with only the virus definitions that have been downloaded since they last on demand "Scan my computer". Think how much quicker such a scan would run!"

This could be an option for the on-demand scanner and for the real-time modules as well.

P.S. I have been most impressed with NOD's recent performance in the bleeding-edge submissions to Jotti, especially in just how effective the heuristics engine has become.

 

But surely that would be a very dangerous way to go. Your computer is at risk to all viruses at all times - not just the most recent. Just because I didn' have some one year old virus when I scanned last time doesn't mean I haven't picked it up in the last hour.

 

It is supposed to couple the act of not scanning files that have already been scanned. It is an extra measure of protection on this technique.

 

maybe I'm missing something...

So if NOD32 downloaded todays update the on-demand scan would only include Win32/Mytob.AD (if an "option" is slected to do so)? What happens if you accidently download a file that contains Win32/Mytob.B which was included in a definintion weeks ago (the same day as the new update)?

 

As far as I'm concerned he says that Amon somehow flags files that have been scanned and if they're unchanged (thus no modification, no new virus) it doesn't waste resources to scan them again. However if new defs appear, a before-unknown virus could be sighted using these new defs. But why use the old ones again, if they have once found the file clean and it hasn't been modified since?
A smart idea, I think.

EDIT: Since the newly downloaded file was NEWLY downloaded it would be scanned with all the sigs. So the virus inside would be catched no matter what updates were released today.

 

ShunterAlhena is right. A file would be rescanned even if it has not changed, but an application has attempted to open it for writing.