Jump to content

Do virus signatures ever get deleted?


peteyt
 Share

Recommended Posts

  • Most Valued Members

Hi there

I was just wondering the other day if virus signatures are ever deleted? As definitions are updated daily, I've seen some worry that definitions could become too big. Some due to this prefer whitelisting but it has its flaws. So I was curious if signatures ever get deleted e.g. if a virus is extremely old, possibly designed for a system no longer used or a version of an operating system no longer supported etc. 

From the basics that I do know, some signatures are sometimes merged together e.g. signatures based on the same or similar virus but that's all I know.

Link to comment
Share on other sites

  • Administrators

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

Link to comment
Share on other sites

  • Most Valued Members
1 hour ago, Marcos said:

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

Link to comment
Share on other sites

  • Administrators
6 minutes ago, peteyt said:

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

We keep detections even for very old DOS (com) viruses.

Link to comment
Share on other sites

  • Most Valued Members
On 4/19/2019 at 10:44 AM, Marcos said:

We keep detections even for very old DOS (com) viruses.

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

Link to comment
Share on other sites

  • Administrators
13 hours ago, peteyt said:

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

It would take probably dozens of years for the engine to increase significantly. However, with technical advance and development also the limits change and the standard for hw configurations improves so a 100MB engine in let's say 5-10 years won't be a problem if an average amount of installed memory in office computers reaches 128 GB for instance.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...