03-13-2010 06:05 PM
Let's frame the problem another way: Suppose I told you that I had installed a really nasty bit of malware somewhere on your computer but I do not divulge to you its actual location. You are allowed one scan to find it before it executes. Do you run a full scan or a quick scan?
The problem with the question as you are stating it is that it calls for a statistical answer. Statistics are useful when dealing with a population, but are meaningless when you are talking about an individual computer. So sure, maybe Malwarebytes' quick scan will catch 99.9% of all malicious software in the large population of PCs on which the product is installed. I'm sure the same statistic will hold for Norton as well, since the common locations for malware are well known and therefore the quick scans of both products should be nearly identical as far as the areas that are scanned are concerned. But will a quick scan catch 99.9% of the malware that may be present on your PC? It will if the malware is installed in one of the most likely locations. If the malware is in some folder where nobody ever goes however, you will have a 0% chance of finding it with a quick scan.
The point I am making is that statistically, a quick scan is very likely to catch any malware that may be present on your machine. But a 99.9% success rate means that if 100,000 people ran quick scans today, 100 infections went undetected. It is a game of chance. Even though if you toss a coin enough times, heads should come up in half the tosses, it is still entirely possible for the coin to land on tails on ten straight individual flips or more. So your evaluation of quick scanning really needs to be based on how thorough you want to be and how much time you are willing to allow in order to achieve that degree of thoroughness. Running a full scan once in a while seems a sensible thing to do.
03-13-2010 06:52 PM
Quick Scan scans all files currently loaded in memory and all files that may automatically be loaded by windows. This is done by looking at the OS registration metadata such as registered services, drivers, LSP's, BHO, shell extensions, startup items, etc., as well as for known rootkits by using direct volume and registry access in order to bypass rootkit stealthing.
Full system scan performs a Quick Scan, as well as scans all files on all attached volumes.
A Quick Scan will detect all active threats, a full system scan may detect inactive or dormant threats such as malware that may be on disk or inside archives but not loaded or registered to automatically load.
After virus definitions are updated a Quick Scan is automatically run, this rescans files that have already been loaded in order to detect malware that is already active but detection only added to the new definitions.
Between Quick Scan and Auto Protect the system is protected.