Virus Scanning Date Selection ?

N

News Reader

While viewing the list of files while AVG was running today I got to
thinking: why scan a file that was scanned last week and hasn't
changed since then?

So, is there any freeware virus scanner that allows you to select a
file's date for scanning? Something like 'select files modified
after...' an entered date. I'm thinking that any file scanned today
and not modified after today does not need to be rescanned the next
time I run AVG.

Any flaws in my thinking?
 
N

null

While viewing the list of files while AVG was running today I got to
thinking: why scan a file that was scanned last week and hasn't
changed since then?

So, is there any freeware virus scanner that allows you to select a
file's date for scanning? Something like 'select files modified
after...' an entered date. I'm thinking that any file scanned today
and not modified after today does not need to be rescanned the next
time I run AVG.

Any flaws in my thinking?
Click to expand...

It's a good and reasonable idea, IMO. What comes to mind for starters
is McAfee's command line scanner. It can be set to scan only files in
a list. The list of paths to files to scan would have to be generated
by another program. That program would generate a list of files
written to the drive or modifed after a prescribed date. I know that
list can be generated very quickly since I've been writing programs to
do exactly that lately :) Dunno what the official position of
NAI-McAfee is nowdays on the free use of their command line scanner.
It's freely available for download the last time I looked.

I'll likely put together a prototype since I think it's an idea worth
following up on and playing with.


Art
http://www.epix.net/~artnpeg
 
M

Mikey

??What if a malware replaced scanned files with pre-dated ones???
ex: rid of "explorer.exe" dated July 19th 2004 with one dated June 19th
2004.
 
N

null

??What if a malware replaced scanned files with pre-dated ones???
ex: rid of "explorer.exe" dated July 19th 2004 with one dated June 19th
2004.
Click to expand...

The interrupt service used in my program supplies three dates:

1. File written to disk
2. File last accessed
3. File last modified

It can't be fooled that easily :)


Art
http://www.epix.net/~artnpeg
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

"running virus scan" slowing down Word 3
Avast Anti-Virus 2
STDRT.EXE Virus 1
Showing Next Recurrence Date In List VIew 0
Please Help! Virus? Avast, Firefox, Windows update quit working 4
Trouble with Trojans 3
free antivirus 13
Question about shell32.dll change 7

Top