Who runs an anti-virus scan these days? Apparently almost nobody

That's why on-access (real-time) scanning was "invented".

 

exactly. i don't see any real reason to run on-demand scans. if the the real-time engine misses something, then the on-demand is useless anyway.

 

exactly! people who run scans are really paranoid if their system was clean. As you said, if a file was not caught in realtime, then the on demand scan will not magically catch it! it missed it, end of story

 

A full system scan may be warranted when the chosen av is first installed on the system but performing a weekly scan maybe is a bit too much because the anti-virus should be preventing any post infection from occurring and if it does not detect the virus at the first instance then it will fail to detect with a system scan.

 

Doesn't make sense. There are on demand scanners that catch what AV's don't. That is the purpose for them..

 

Wrong, depending on what product you use and how you have it set up, an on-demand scan can indeed detect stuff that the RT protection might have missed. And that's all I will say as I am not up for yet another discussion.

 

I was under the impression that the article was referring to real-time antivirus protection and using its on-demand scanner and not various other anti-malware scanners.

I agree that default settings might need to be changed to scan archives and all areas of the disk.

If on-demand scans are used with programs like Malwarebytes, Herd Protect, Hitman, Zemana, then yes, I agree that there is a greater chance of locating malware if malware does exist on the system. Also, not all of these may have the exact same settings, as already mentioned, so they may not scan all the same areas which may cause results to vary. On-demand scanners don't run these files which could leave out detections based on other technologies.

 

Wrong is correct!, misleading info from MR yet again, on multiple occasion's I've had it happen where a on demand scan caught it.

 

Most of my on-demand scans these days are suspicious downloads almost always using VirusTotal.

 

For friend's PC which I set KIS2015 up, I left sensitivity for real-time scan default as "high" causes performance delay but made scheduled scan "high" with a bit of hope that it may detect what real-time missed.
Some might argue BB should detect them but since BB and high-heuristic scan use different logic, it's not true. Some AV vendor reserve aggressive definition set for high sensitivity scan. Well, in Kaspersky case it automatically makes aggressive scan on execution according to AV-Comparatives but I don't know exact details of on-exec scan and think "high" for scheduled scan won't cause much problem.

 

Not true. One example would be infection prior to distribution of a signature file able to detect it. I have seen this many times on client systems. And no, the on access stuff doesn't always catch it later.

 

I second that. Real-time protection may not detect malware because: 1, there was no signature / heuristics detection available when malware entered the system, 2, real-time protection doesn't scan inside archives/sfx archives, 3, real-time protection may use different heuristics sensitivity than the on-demand scanner.

 

not entirely correct as most AV's these days scan critical areas without users knowledge

 

I was under the impression that if the real time protection misses something, it might be caught later by the full scan when the signatures will have been updated… But I've never had a real life situation as such.

 

I will give it one more try then, and will report back. But about my question, I wonder what triggered this trend, AV's used to be only 10MB big, did they really make us download 100MB's (or more) of signatures back in the days? I can't remember anymore.

 

Does this not clearly demonstrate the ineffectiveness of signature based anti-virus.?
That zero-day and virtualisation methods are the only safe way forward for system protection.

 

A full In depth scan is recommended at least once a week. Your AV scheduling options should allow for this.

 

Most people run some kind of antivirus either real time or on demand. Just look at our polls section and keep in mind that those who voted none are also using on demand antivirus. There will be always a place for antivirus to at least remove threats that have been around for awhile.
The only people that don't seem to use antirivus are those on macs and linux as there is no need for them and this may change soon on macs soon too.

 

Well, no need is bit too much as there have been already some malware, no more neglectable. Even Mac or Linux user should use AV in some way (e.g. on-demand) unless they're sure they know security and threats well and can cope with (remember, recently more novices have been coming to Ubuntu or such, I guess support-end of XP also accelerated it a bit). Also don't forget mobile OSes, currently iOS is almost safe from malware (I know exceptions well), while Android malware keep rising.

 

do it on 1st install and then very rarely. dont find much use for me

 

No, it is an effective layer of security. It's just not wise to depend upon it entirely.

 

I haven't seen Linux users getting infected, servers yes, single users no. Macs are getting infected, yes I agree. But AVs are not reliable for Macs, at least not yet. There are other ways to secure those 2 operating systems that are similar to windows. For Linux I have been surfing bare bones with no security whatsoever, I just simply don't think there is justifiable amount of malware (except for gov't sponsored). For my new shiny Mac, I employed similar security to Windows (minus the AV) which basically comes down to 1) do not install untrusted software 2) script block. I wouldn't mind using AV if it was light weight enough and not buggy and to my knowledge none like that exists.

 

Picked up this with a full scan today on my netbook. I should clarify that my desktop gets the twice a week treatment and my netbook which is used much less frequently,once a month.http://www.avira.com/en/support-threats-description/tid/4348/tlang/en?dr_fakepic_gen_html=

 

Yep. as long as you keep up-to-date and only install software from official or other trusted repository, the possibility for infection will be very close to 0.
But I care about those novice users. Unlike ancient days (which actually I don't know), doing sth on Linux became very easier. There're plenty of resources on web about those popular distros so they can solve most things, even for command line just copy & paste quite works.
Given those, I don't think execute permission and protected root privilege can protect them fairly well. Probably what we firstly emphasize shouldn't be AV, but maybe e.g. installing only from official repository, don't add unknown repository, keep up-to-date, be careful to use su or sudo, etc.
But I personally think too much emphasize of not needing AV is no more good, as they may think Linux is malware free and do anything they want.

 

I haven't run an on-demand scan with WSA for a couple of years now. WSA is protecting my system automatically. No need for on-demand scanning. It warns and asks to remove any mawlare when found and scans automatically after removal to make sure no remnant exists.