How effective is the NIS 2010 quick scan when compared to a full system scan? Does if find almost as much or is there a big difference?
How effective is the NIS 2010 quick scan when compared to a full system scan? Does if find almost as much or is there a big difference?
It's a given that the scans work differently. I'm asking about effectiveness. How much less effective is the quick scan than the full system scan? I'm looking for an answer like: the quick scan will catch XX% of the malware that the full system scan would catch.
Sorry for my misunderstanding.
There were several ways to interpret your question. One was that effectiveness is in effect a relative term in relation to the end result desired. I read you question as to how effective is the scan as regards protecting the PC. Hence a full scan provides greater effectiveness.
What I now understand you are asking is, in effect, in so far as there are common areas being scanned as and between full and quick scan, what is the effectiveness of each in identifying malware of any kind.
AFAIK they are equally effective in the areas that are common to both scans. In other words, as far as I am aware, there is no difference in the quality/depth of the scan between the two, only the areas scanned.
Hi car825,
I copied this from the Norton Help Center for you (you can access the Norton Help Center by opening NIS 2010, going to "Help & Support" and then to "Help"):
Quick Scan is a fast scan of the areas of your computer that the viruses and other security risks often targets. Because this scan does not scan your entire computer, it takes less time to run than a Full System Scan.
Full System Scan performs a deep scan of the system to remove viruses and other security threats. It checks all boot records, files, and running processes to which the user has access. Consequently, when you run a Full System Scan with administrator privileges, it scans more files than when you run it without administrator privileges.
Yaso_Kuuhl wrote:
Quick Scan is a fast scan of the areas of your computer that the viruses and other security risks often targets. Because this scan does not scan your entire computer, it takes less time to run than a Full System Scan.
Full System Scan performs a deep scan of the system to remove viruses and other security threats. It checks all boot records, files, and running processes to which the user has access. Consequently, when you run a Full System Scan with administrator privileges, it scans more files than when you run it without administrator privileges.
As I now understand the OP he is really asking that if you take an area that would be covered by a quick scan (let us say for this purpose c:\windows\system32) will that area be scanned with the same rigour as when it is scanned by a Full System Scan?
The wording in the help file is not entirely clear or maybe it is and I also am under a misapprehension.
Quick scan of limited area will ipso facto be faster than a full scan. But when the help file says a "fast scan of the area.." does it mean that the scan is less in depth than that performed in a full scan?
The corollary is when the help says "performs a deep scan" it implies that the scan is deeper than under a quick scan rather than the scan being simply covering more areas on the hard drive(s).
On the Malwarebytes forum there is an informative thread on the differences between the Malwarebytes quick scan and full scan. It's easy to find by searching for "differences between". That's the kind of information I was looking for.
I am not clear if you are satisfied or not with the responses you have already received. The help provided by Norton is if anything greater than the help provided by Malwarebytes. I guess you are making a request for an application note in the forum headed "Difference between quick scan and full scan" . But as I have said afaik the only difference in the areas scanned.
Perhaps you can suggest some wording that you would like to see.
Look at it this way. NIS is a means to an end which is security. I'm not asking how it works, what areas it scans, etc. I'm asking what level of security a quick scan provides. I understand it's not as thorough as a full system scan. I pointed you to the Malwarebytes forum because they answer that question in some detail, and the answer was not the one I expected.
I am sorry I have no reference point for levels of security. I am not interested in scanning other forums trying to find a reference that you may or may not be referring to and which has no reference to Norton product. I cannot help you further and shall leave others to see if they can assist.
Notwithstanding the foregoing, I did find this forum entry http://forums.malwarebytes.org/index.php?showtopic=10405
entitled Difference between Quick Scan and Full Scan and it seems to be the same in Norton as I already explained, so what point you are seeking to make remains unidentified to me.
Hi car825,
Let's frame the problem another way: Suppose I told you that I had installed a really nasty bit of malware somewhere on your computer but I do not divulge to you its actual location. You are allowed one scan to find it before it executes. Do you run a full scan or a quick scan?
The problem with the question as you are stating it is that it calls for a statistical answer. Statistics are useful when dealing with a population, but are meaningless when you are talking about an individual computer. So sure, maybe Malwarebytes' quick scan will catch 99.9% of all malicious software in the large population of PCs on which the product is installed. I'm sure the same statistic will hold for Norton as well, since the common locations for malware are well known and therefore the quick scans of both products should be nearly identical as far as the areas that are scanned are concerned. But will a quick scan catch 99.9% of the malware that may be present on your PC? It will if the malware is installed in one of the most likely locations. If the malware is in some folder where nobody ever goes however, you will have a 0% chance of finding it with a quick scan.
The point I am making is that statistically, a quick scan is very likely to catch any malware that may be present on your machine. But a 99.9% success rate means that if 100,000 people ran quick scans today, 100 infections went undetected. It is a game of chance. Even though if you toss a coin enough times, heads should come up in half the tosses, it is still entirely possible for the coin to land on tails on ten straight individual flips or more. So your evaluation of quick scanning really needs to be based on how thorough you want to be and how much time you are willing to allow in order to achieve that degree of thoroughness. Running a full scan once in a while seems a sensible thing to do.
Quick Scan scans all files currently loaded in memory and all files that may automatically be loaded by windows. This is done by looking at the OS registration metadata such as registered services, drivers, LSP's, BHO, shell extensions, startup items, etc., as well as for known rootkits by using direct volume and registry access in order to bypass rootkit stealthing.
Full system scan performs a Quick Scan, as well as scans all files on all attached volumes.
A Quick Scan will detect all active threats, a full system scan may detect inactive or dormant threats such as malware that may be on disk or inside archives but not loaded or registered to automatically load.
After virus definitions are updated a Quick Scan is automatically run, this rescans files that have already been loaded in order to detect malware that is already active but detection only added to the new definitions.
Between Quick Scan and Auto Protect the system is protected.
Regards
Pieter