Jump to content
mclawler75

Scan New/Changed Files Only

Recommended Posts

Has anyone played with this setting and gotten it to work? I've tried to use it a couple of times in test groups, but it appears that I'm getting a full scan every time anyway. I understand the first time getting a full scan, but after that I would think that it would change to new/changed files only.

 

If anyone has gotten this to work correctly for them can you let me know what all was done for it. Just looking for ways to shorten my scan times.

Share this post


Link to post
Has anyone played with this setting and gotten it to work? I've tried to use it a couple of times in test groups, but it appears that I'm getting a full scan every time anyway. I understand the first time getting a full scan, but after that I would think that it would change to new/changed files only.

 

If anyone has gotten this to work correctly for them can you let me know what all was done for it. Just looking for ways to shorten my scan times.

 

There are 3 settings within a Scan Task that should be looked at:

 

Scan only new and changed files:

 

This setting will enable or disable the mode of scanning only new files and files that have been modifies since the previous scan. Kaspersky will scan both plain and compressed files.

 

iChecker Technology:

 

iChecker calculates and remembers checksums of scanned files. A checksum is a digital signature of an object (file) which allows identifying its authenticity.

 

Upon any object modification, its checksum will be changed.

 

The iChecker technology puts checksums of objects into a special table and then checks whether the checksums for the scanned objects are different from the previous data.

 

If the checksum is different from the previous value, the object is identified as a modified version and will be rescanned.

 

If the checksum is not different, the object is skipped.

 

iSwift Technology:

 

The iSwift technology is a modification of the iChecker technology but for NTFS file systems.

 

The NTFS file system assigns a special NTFS identifier to each object. iSwift checks NTFS identifiers of scanned objects with previous identifiers of the objects.

 

If the identifier was changed, the object will be rescanned.

 

 

So which are you using? Does enabling different combinations of the above cause the scan to act differently? Or is it all the same no matter what you choose. Please note that this change is in the actual virus scan task - not the policy.

Share this post


Link to post

So, we've tried it with the Scan only new and changed files, with the iChecker and iSwift settings turned on. when that didn't work we turned off the Scan only new and changed files and just left it as a full scan. I have not played with it to much.

Share this post


Link to post

Hello,

 

I understand the first time getting a full scan, but after that I would think that it would change to new/changed files only.

 

Please tell us what make you think that files are scanned once again.

There is a test you can do to check that this option "scan new and changed files only" works as expected.

Right click on any folder and perform a scan, note how long it takes.

Repeat the same action and that should last only few seconds, because of scan optimization.

 

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.