Who runs an anti-virus scan these days? Apparently almost nobody

Discussion in 'other anti-virus software' started by Minimalist, Jan 28, 2015.

  1. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    That's why on-access (real-time) scanning was "invented".
     
  2. dansorin

    dansorin Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    236
    Location:
    EU
    exactly. i don't see any real reason to run on-demand scans. if the the real-time engine misses something, then the on-demand is useless anyway.
     
  3. Mortal Raptor

    Mortal Raptor Banned

    Joined:
    Oct 6, 2014
    Posts:
    1,013
    exactly! people who run scans are really paranoid if their system was clean. As you said, if a file was not caught in realtime, then the on demand scan will not magically catch it! it missed it, end of story
     
  4. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,053
    A full system scan may be warranted when the chosen av is first installed on the system but performing a weekly scan maybe is a bit too much because the anti-virus should be preventing any post infection from occurring and if it does not detect the virus at the first instance then it will fail to detect with a system scan.
     
  5. DX2

    DX2 Guest

    Doesn't make sense. There are on demand scanners that catch what AV's don't. That is the purpose for them..
     
  6. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Wrong, depending on what product you use and how you have it set up, an on-demand scan can indeed detect stuff that the RT protection might have missed. And that's all I will say as I am not up for yet another discussion.
     
    Last edited: Feb 1, 2015
  7. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    675
    I was under the impression that the article was referring to real-time antivirus protection and using its on-demand scanner and not various other anti-malware scanners.

    I agree that default settings might need to be changed to scan archives and all areas of the disk.

    If on-demand scans are used with programs like Malwarebytes, Herd Protect, Hitman, Zemana, then yes, I agree that there is a greater chance of locating malware if malware does exist on the system. Also, not all of these may have the exact same settings, as already mentioned, so they may not scan all the same areas which may cause results to vary. On-demand scanners don't run these files which could leave out detections based on other technologies.
     
    Last edited: Feb 1, 2015
  8. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    Wrong is correct!, misleading info from MR yet again, on multiple occasion's I've had it happen where a on demand scan caught it.
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Most of my on-demand scans these days are suspicious downloads almost always using VirusTotal.
     
  10. 142395

    142395 Guest

    For friend's PC which I set KIS2015 up, I left sensitivity for real-time scan default as "high" causes performance delay but made scheduled scan "high" with a bit of hope that it may detect what real-time missed.
    Some might argue BB should detect them but since BB and high-heuristic scan use different logic, it's not true. Some AV vendor reserve aggressive definition set for high sensitivity scan. Well, in Kaspersky case it automatically makes aggressive scan on execution according to AV-Comparatives but I don't know exact details of on-exec scan and think "high" for scheduled scan won't cause much problem.
     
  11. Cabville

    Cabville Registered Member

    Joined:
    Feb 19, 2014
    Posts:
    66
    Not true. One example would be infection prior to distribution of a signature file able to detect it. I have seen this many times on client systems. And no, the on access stuff doesn't always catch it later.
     
  12. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    I second that. Real-time protection may not detect malware because: 1, there was no signature / heuristics detection available when malware entered the system, 2, real-time protection doesn't scan inside archives/sfx archives, 3, real-time protection may use different heuristics sensitivity than the on-demand scanner.
     
  13. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    not entirely correct as most AV's these days scan critical areas without users knowledge
     
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,376
    Location:
    Milan and Seoul
    I was under the impression that if the real time protection misses something, it might be caught later by the full scan when the signatures will have been updated… But I've never had a real life situation as such.
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I will give it one more try then, and will report back. But about my question, I wonder what triggered this trend, AV's used to be only 10MB big, did they really make us download 100MB's (or more) of signatures back in the days? I can't remember anymore.
     
    Last edited: Feb 2, 2015
  16. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,053
    Does this not clearly demonstrate the ineffectiveness of signature based anti-virus.?
    That zero-day and virtualisation methods are the only safe way forward for system protection.
     
  17. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    A full In depth scan is recommended at least once a week. Your AV scheduling options should allow for this.
     
  18. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,892
    Location:
    US
    Most people run some kind of antivirus either real time or on demand. Just look at our polls section and keep in mind that those who voted none are also using on demand antivirus. There will be always a place for antivirus to at least remove threats that have been around for awhile.
    The only people that don't seem to use antirivus are those on macs and linux as there is no need for them and this may change soon on macs soon too.
     
  19. 142395

    142395 Guest

    Well, no need is bit too much as there have been already some malware, no more neglectable. Even Mac or Linux user should use AV in some way (e.g. on-demand) unless they're sure they know security and threats well and can cope with (remember, recently more novices have been coming to Ubuntu or such, I guess support-end of XP also accelerated it a bit). Also don't forget mobile OSes, currently iOS is almost safe from malware (I know exceptions well), while Android malware keep rising.
     
  20. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    812
    Location:
    255.255.255.255
    do it on 1st install and then very rarely. dont find much use for me
     
  21. Cabville

    Cabville Registered Member

    Joined:
    Feb 19, 2014
    Posts:
    66
    No, it is an effective layer of security. It's just not wise to depend upon it entirely.
     
  22. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,892
    Location:
    US
    I haven't seen Linux users getting infected, servers yes, single users no. Macs are getting infected, yes I agree. But AVs are not reliable for Macs, at least not yet. There are other ways to secure those 2 operating systems that are similar to windows. For Linux I have been surfing bare bones with no security whatsoever, I just simply don't think there is justifiable amount of malware (except for gov't sponsored). For my new shiny Mac, I employed similar security to Windows (minus the AV) which basically comes down to 1) do not install untrusted software 2) script block. I wouldn't mind using AV if it was light weight enough and not buggy and to my knowledge none like that exists.
     
  23. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,751
    Location:
    Toronto Canada
    Last edited: Feb 3, 2015
  24. 142395

    142395 Guest

    Yep. as long as you keep up-to-date and only install software from official or other trusted repository, the possibility for infection will be very close to 0.
    But I care about those novice users. Unlike ancient days (which actually I don't know), doing sth on Linux became very easier. There're plenty of resources on web about those popular distros so they can solve most things, even for command line just copy & paste quite works.
    Given those, I don't think execute permission and protected root privilege can protect them fairly well. Probably what we firstly emphasize shouldn't be AV, but maybe e.g. installing only from official repository, don't add unknown repository, keep up-to-date, be careful to use su or sudo, etc.
    But I personally think too much emphasize of not needing AV is no more good, as they may think Linux is malware free and do anything they want.
     
  25. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,985
    Location:
    Parallel Universe
    I haven't run an on-demand scan with WSA for a couple of years now. WSA is protecting my system automatically. No need for on-demand scanning. It warns and asks to remove any mawlare when found and scans automatically after removal to make sure no remnant exists.:)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.