Real Time Antivirus Protection

Just how good is real time antivirus prevention anyway? I have used kaspersky for quite a while now, and i noticed that while usually real time protection did not catch anything, an actual scan did. Are there any tests showing how effective real time protection of various anti-viruses are?

 

Yes.
http://www.av-comparatives.org/
Check the Retrospective/ProActive Test.

 

av-comparatives tests are on-demand. Virus Bulletin is the only one with on-access tests.

tD

 

You can always test for yourself. Download a copy of the eicar test virus and see if it's detected in real time protection mode - it should be

You can also e-mail it to yourself as an attachment and see if it gets blocked or detected.

That should assure you that your protection is working.

Ned

 

There are various reasons why a demand scan is capable of picking things up that the on-access Guard misses. One obvious reason is that you may have the two scanners configured differently; for example your demand scanner may be set to scan 'all files' while the Guard scans 'by extension'. In the case of KAV the Guard will not unpack and examine archives while the demand scanner will. Then again you may have let something entirely new in, before the sig is made available, and you only pick it up 'by demand' later.

More often than not, the item the Guard misses is something that is not an immediate danger, but if it were to become so (eg. malware extracted out of an archive) the Guard would pounce on it. If the demand scanner was incapable of finding things because the Guard got everything, then there would be no need ever to have a demand scan or, indeed, a demand scanner!

To answer your question directly - real time protection from KAV is very good indeed!