Saturday, April 20, 2013

Why You Don’t Need to Run Manual Antivirus Scans (And When You Do)

Filled under:


mse-pc-is-potentially-unprotected
Do you regularly open your antivirus program and run scans? Microsoft Security Essentials and other antivirus programs think you need to, warning you that your computer may be at risk if you haven’t done so in a while.
In reality, these manual scans aren’t all they’re cracked up to be. You can generally ignore your antivirus and it will do its job in the background without any help from you, only alerting you when it finds a problem.

Why Manual Antivirus Scans Are Unnecessary

Your antivirus is always running in the background. It’s monitoring the processes running on your system, ensuring that no malicious processes are running. Whenever you download a new file or open a program, your antivirus quickly steps in, examining the file and comparing it to viruses before allowing it to run. If you download a virus, your antivirus will notice without you needing to scan anything. For example, try downloading the EICAR test file — your antivirus will leap into action and deal with the file without any manual scans needed.
This feature is generally known as background scanning, real-time protection, resident protection, on-demand scanning, or something like that
In other words, you don’t need to run manual scans because your antivirus has already checked every file for malware as it arrived. It’s also aware of all the software running on your system. Your antivirus program doesn’t need you to click a button — it’s already doing the work.
Your antivirus probably already runs its own manual scans, anyway. Antiviruses generally run system scans in the background once a week without interrupting you.
Microsoft Security Essentials’ message is particularly silly. If MSE really thinks a manual scan is necessary, MSE has the ability to perform the scan in the background instead of scaring its users into clicking a button.

When You Should Run Manual Scans

Manual scans are still useful in some cases, but you don’t need to regularly open your antivirus program and initiate them:
  • When You Install an Antivirus: When you first install an antivirus, it will perform a full-system scan immediately. This allows the antivirus to ensure your computer is in a clean state and that you don’t have viruses lurking in unopened files on your hard drive. After performing this scan, your antivirus can trust that your system is secure. However, it will still scan files for malware when you open them.
  • Check For Dormant Malware it Missed Earlier: Antiviruses use “definition files,” which are updated regularly. These files basically contain a catalogue of identified malware, and your antivirus compares programs you run to the catalogue to check whether they match. It’s possible that there’s a dormant virus lurking in an executable file deep on your hard drive that your antivirus missed during its first manual scan. If a virus definition has been added for that type a malware — or the antivirus’ heuristics have improved — it will only catch the dormant virus when you perform a manual scan. However, the virus will be caught if you try to run the file containing the virus or during a regularly scheduled full-system scan.
  • Get a Second Opinion: You should only have one antivirus program running at once, as multiple background-scanning antivirus programs can interfere with each other and cause problems with your computer. If you want to scan your computer with multiple antivirus programs, you’ll need to perform a manual scan with the second antivirus programinstead of using its background-scanning feature.

Why Background Protection is Better Than Manual Scans

You can optionally disable background scanning in some antivirus programs and just perform manual scans, but you shouldn’t.
Think of your computer as your house, and your antivirus’s background scanning protection as a security guard standing at your front door and frisking everyone who tries to enter your house. A manual scan is the equivalent of having the security guard search every inch of your house for intruders.
If you’ve already checking everyone who enters your house, you don’t need to search every nook and cranny of your house for malicious people. In fact, it’s much better to guard your door because so you can catch threats before they’re allowed in — if you catch someone lurking in a dark corner of your house or PC, who knows what they’ve been doing in the time between when they were allowed in and when you caught them. Once the software is running on your computer, it also has the potential to hide itself and prevent the antivirus program — and even the Windows Task Manager — from seeing that it’s running. Software that does this is generally known as a rootkit.
You want to catch the malware before the virus starts running on (and infects) your computer, so stick with automatic background scanning instead of manual scans. Even if you scan every program you download manually before running it, you should use automatic scans to get maximum protection against zero-day attacks and other security threats.

Some security suites may remove cookies when you perform a manual scan, referring to them as “threats.” This is a great way for the security suite to pretend it’s doing something valuable and justify its price tag. But you don’t need a full security suite, anyway — and you can always have your browser automatically clear cookies if you want to get rid of them.

0 comments:

Post a Comment