How do antivirus programs investigate hundreds of thousands of files so quickly while maintaining good detection rates? Most are able to do this in real-time while not slowing down computer processing rates by very much. How is this done?
Scanning in "real-time" generally involves only a very few files, perhaps only one at a time, e.g., the single one that is currently being accessed in any kind of update mode. Full scans are not done in "real-time" and can take a significant length of time to complete. -- Tom
Most only deal with the active file being accessed like Tom mentioned. The may also monitor for registry changes. That's not a lot of overhead so performance does not take a hit. However, a full scan on a pc/laptop with about 200g of data/files may take hours with some AV programs like AdAware,,Spybot S&D, MWAV, AVG and the like.
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!
Discuss This Question: 2  Replies