Jump to content
gates

Progress bar when scaning

Recommended Posts

I hope that you could put progress bar which show how much SAS has scaned. I think that would be nice innovation.

Thanks for the suggestion - unfortunately there is no accurate way to present a progress bar as the number of files and registry entries change each time the computer is scanned.

Share this post


Link to post
Share on other sites

I have noticed than many antimalware applications fake this bar .

They often finish at 70% or long after 100% has been reached .

What if the progress meter measured just what % of the file system has been scanned ?

Share this post


Link to post
Share on other sites

Estimating the amount of the file system still presents the same problem - there is no way to "pre count" the number of files that will be scanned.

The only method we could do to "approximate" the amount of time left is if we saved the scan times for previous scans and used that as the "100%" mark - but in our testing this is not very effective.

Share this post


Link to post
Share on other sites
Estimating the amount of the file system still presents the same problem - there is no way to "pre count" the number of files that will be scanned.

The only method we could do to "approximate" the amount of time left is if we saved the scan times for previous scans and used that as the "100%" mark - but in our testing this is not very effective.

Nothing like highlighting all of the files and folders in the top directory and selecting properties ? I am years out of date when it comes to programming . I know that the file count check does take a while anyways .

I was figuring you would say that . Maybe a % based on file count ? Some files take much longer to scan and they can be grouped together (system32) so the % would be a very rough estimate .

Share this post


Link to post
Share on other sites

What about this . During the memory scan SAS also does a file count and registry entry count . It then uses its progress through the other scans to generate a % complete .

I am just thinking out loud , I do understand the problems with scan progress and accuracy .

Share this post


Link to post
Share on other sites
What about this . During the memory scan SAS also does a file count and registry entry count . It then uses its progress through the other scans to generate a % complete .

I am just thinking out loud , I do understand the problems with scan progress and accuracy .

Unfortunately the memory scan is not tied to the file scan, meaning the memory scan just scans the processes and modules loaded. The only way to determine the number of files to scan is to enumerate the file system and "pre-count" the number of items - this would take several minutes on an average system.

Share this post


Link to post
Share on other sites
What about this . During the memory scan SAS also does a file count and registry entry count . It then uses its progress through the other scans to generate a % complete .

I am just thinking out loud , I do understand the problems with scan progress and accuracy .

Unfortunately the memory scan is not tied to the file scan, meaning the memory scan just scans the processes and modules loaded. The only way to determine the number of files to scan is to enumerate the file system and "pre-count" the number of items - this would take several minutes on an average system.

I know , I was hoping on a long shot .

One method I use to detect rootkits is to check the file count of my test system live and compare it to slaved . The difference is the number of cloaked files . The file count does take forever .

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×