Jump to content
peteyt

Do virus signatures ever get deleted?

Recommended Posts

Hi there

I was just wondering the other day if virus signatures are ever deleted? As definitions are updated daily, I've seen some worry that definitions could become too big. Some due to this prefer whitelisting but it has its flaws. So I was curious if signatures ever get deleted e.g. if a virus is extremely old, possibly designed for a system no longer used or a version of an operating system no longer supported etc. 

From the basics that I do know, some signatures are sometimes merged together e.g. signatures based on the same or similar virus but that's all I know.

Share this post


Link to post
Share on other sites

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

Share this post


Link to post
Share on other sites
1 hour ago, Marcos said:

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

Share this post


Link to post
Share on other sites
6 minutes ago, peteyt said:

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

We keep detections even for very old DOS (com) viruses.

Share this post


Link to post
Share on other sites
On 4/19/2019 at 10:44 AM, Marcos said:

We keep detections even for very old DOS (com) viruses.

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

Share this post


Link to post
Share on other sites
13 hours ago, peteyt said:

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

It would take probably dozens of years for the engine to increase significantly. However, with technical advance and development also the limits change and the standard for hw configurations improves so a 100MB engine in let's say 5-10 years won't be a problem if an average amount of installed memory in office computers reaches 128 GB for instance.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...