A parameter for optimization

Discussion in 'NOD32 version 2 Forum' started by DARMin, Apr 11, 2005.

Thread Status:
Not open for further replies.
  1. DARMin

    DARMin Registered Member

    Jan 29, 2005
    As noted by a Wilder's member in another thread:
    "A/V's should include the option to "Scan my computer" with only the virus definitions that have been downloaded since they last on demand "Scan my computer". Think how much quicker such a scan would run!"

    This could be an option for the on-demand scanner and for the real-time modules as well.

    P.S. I have been most impressed with NOD's recent performance in the bleeding-edge submissions to Jotti, especially in just how effective the heuristics engine has become.
  2. Michaelangelo

    Michaelangelo Registered Member

    Apr 11, 2005
    But surely that would be a very dangerous way to go. Your computer is at risk to all viruses at all times - not just the most recent. Just because I didn' have some one year old virus when I scanned last time doesn't mean I haven't picked it up in the last hour.
  3. DARMinHere

    DARMinHere Guest

    It is supposed to couple the act of not scanning files that have already been scanned. It is an extra measure of protection on this technique.
  4. NAMOR

    NAMOR Registered Member

    May 19, 2004
    St. Louis, MO
    maybe I'm missing something...

    So if NOD32 downloaded todays update the on-demand scan would only include Win32/Mytob.AD (if an "option" is slected to do so)? What happens if you accidently download a file that contains Win32/Mytob.B which was included in a definintion weeks ago (the same day as the new update)?
  5. ShunterAlhena

    ShunterAlhena Registered Member

    Aug 1, 2004
    Szigethalom, Hungary
    As far as I'm concerned he says that Amon somehow flags files that have been scanned and if they're unchanged (thus no modification, no new virus) it doesn't waste resources to scan them again. However if new defs appear, a before-unknown virus could be sighted using these new defs. But why use the old ones again, if they have once found the file clean and it hasn't been modified since?
    A smart idea, I think.

    EDIT: Since the newly downloaded file was NEWLY downloaded it would be scanned with all the sigs. So the virus inside would be catched no matter what updates were released today.
  6. Marcos

    Marcos Eset Staff Account

    Nov 22, 2002
    ShunterAlhena is right. A file would be rescanned even if it has not changed, but an application has attempted to open it for writing.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.