Computer virus scanning techniques generally include a full scan which scans all items in a computer. During the full scan, in order to achieve the goal of completing the scan as soon as possible, a large portion of the computer hardware resource will typically be occupied.
However, as the computer software and hardware develop, the number of system files in a computer operating system is increasing, so are various software applications. When a conventional computer virus scan technique is deployed to fully scan a computer operating system, the required scan time is increasingly longer.
Furthermore, since the scan process using the existing computer virus scanning techniques occupies the computer hardware resources to a relatively large extent, a user's normal computer operation and use is noticeably affected, thus causing inferior user experience.
The conventional art discloses a scan acceleration method and device, whereby only modified files in the computer are scanned through an enumeration approach, enabling an accurate determination of the modified files. Not only can a scan operation on safe files be skipped, but also the possibility of missing viruses and Trojan horses through a lightweight check is avoided.
The above mentioned scan acceleration technique can only scan the modified files by enumeration. However, computer viruses are not only present in the modified files, but may also be widely present in other parts of the computer. Furthermore, the enumeration approach causes relatively low efficiency and fails to rapidly obtain the content which needs to be scanned in the computer.