Antivirus is always a good place to start on troubleshooting inexplicable delayshttps://twitter.com/dietrich/status/963470291824357376 …
-
-
This answer is another bunch of nonsense by someone who has no clue how AV works and why it does what it does. All the suggestions given in it are rubbish. There are very good reasons why AV programs don't do that.
-
I'll take that as a compliment I guess, but others might appreciate hearing your reasons.
-
Sigh... It wasn't a compliment, as I'm sure you know perfectly well. Somebody did try to explain in the comments why at least some of it is nonsense, but you didn't listen. OK, let's look at the suggestions one by one.
-
Advice #1: Scan only on transition between writing and reading. Well, sometimes a long time passes between these, you know. User unpacks a malicious archive and forgets about it. A month later he remembers and clicks on something - boom.
-
So, the scanner would have to keep some kind of journal of transactions - sometimes for months, because you can never be sure. How much space is that going to take? How much time to process it?
-
And in many cases most of the efforts to implement this will be wasted anyway. An executable that contains an icon as a resource could be read every time Explorer shows the directory.
-
In the good old times of MS-DOS you could easily hook execute-only - but in Windows, trying to run the file always involves read. And most people appreciate a warning that they are about to copy malware to the thumb drive they're going to give to a friend.
-
Advice #2: Scan once and never again until the file is modified. We've tried that. It doesn't work. It just involves additional unnecessary work to keep track of what was modified when.
- 17 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.