Solved

Why doesn't full scan scan ALL files on computer?


I just downloaded this product and ran a scan and it only scanned about 60,000 files. McAfee scans over 340,642 files on my computer. Why doesn't the Webroot product scan ALL files?
icon

Best answer by Baldrick 18 April 2014, 23:50

View original

13 replies

Userlevel 7
Hi backyarder1
 
Welcome to the Community Forums.
 
Webroot only scans the files that are possible infection vectors (not all files on your system can deliver a malware payload) as there is no point scanning every file on your system.
 
One of the gurus in the forum, now retired very ably summed it up as follows (and I like his style):
 
"When you decide that you are going to do the dishes in your kitchen, do you check your bed for plates that need to be washed?  What about your back yard?  Garage?  In your CD ROM drive?  Probably not*.  You know that you don't leave dishes in those places  Though if you did sometimes leave dirty dishes there,  you'd probably check them.
 
What old style AV does is about the same as checking everywhere in the entire property for dirty dishes before doing the dishes each time.  In the shower, in the soap container, under the bathroom sink, under your pillow.  Everywhere.  If you tried doing this in real life, you'd be definitely sure that there are absolutely zero dirty dishes on your property, but honestly, if there is a dirty dish in the box in the closet that you are never going to open until you move again, do you really want to worry about it if it won't do anything at all?  Why waste all that time checking those boxes and soap containers and everything else every single time? 
 
The better idea would be to check places like the Kitchen, where you KNOW there will be dirty dishes to take care of, and places where you are likely to have dirty dishes, like the table, or the couch from watching TV.  But what if somebody hides a dirty dish under your pillow?  Well, the moment you try to put your head down, you'll find it, right?  So it didn't affect you because it was taken care of the moment the pillow was used."
 
Thanks @ for an excellent analogy.
 
Hope that helps, backyarder1?  If not then please post any follow up questions you may have as a result.
 
Regards
 
 
 
Baldrick
 
 
I guess I don't totally understand. Is Malware the only thing that can harm a computer and therefore the only thing that needs to be scanned for? Are all viruses malware?
Userlevel 7
Badge +56
Baldrick wrote: 
"When you decide that you are going to do the dishes in your kitchen, do you check your bed for plates that need to be washed?  What about your back yard?  Garage?  
 
You've clearly never met my sister 🙂
I understand the analogy but if someone wanted to HIDE a dirty dish, they certainly wouldn't put it in the kitchen. And most viruses are hidden in the computer, so I don't think they would appear in logical places, right?
Userlevel 7
Hi backyarder1
 
Sorry if I confused you,  A dictionary definition of malware may help here "malicious software, such as a virus, which is specifically designed to disrupt or damage a computer system."
 
So malware is a generic name of all sorts of threats that includes viruses, but also trojans, and other assorted nasties.  I infact remember the time when one only worried about viruses, then came the trojans, and suddently viruses did not seem so bad...hence the invetion of the term 'malware'.
 
Rest assured, WSA, cover viruses, trojans and very much more, to keep you safe.
 
Regards
 
 
Baldrick
 
Userlevel 7
Badge +56
It isn't a perfect analogy 🙂  There are files that are likely to need scanning, like exe and dll files, and there are those that probably aren't, like.jpg and mp3 files.  The latter aren't likely to ever attempt to be executed.  Could malicious code be hidden in them?  Sure, but nobody tries to run a.jpg most of the time.  If that were to happen and it were code hidden behind a fake extension, then Webroot would scan it at the time it became a live process.
Userlevel 7
@ wrote:
I understand the analogy but if someone wanted to HIDE a dirty dish, they certainly wouldn't put it in the kitchen. And most viruses are hidden in the computer, so I don't think they would appear in logical places, right?
Ok, then...perhaps a more technical explanation will clarify...and again I am indebted to @ for such, as I could not have put it better myself:
 
"Old AV checks everything.  Every time.  Even all the old pictures you downloaded from the internet.  Every.  Single.  Time.  All 190 GB.  It has no choice.  It doesn't know how to do anything better.
 
The "normal" scan that WSA does is a Deep Scan.  This specifically does deep inspection of all files that are running, definitely will run, or are likely to run.  A threat on disk does absolutely nothing until it is loaded into memory and fed to the CPU as instructions.  Sitting over there in some two-year-old backup?  Not dangerous.  Can't do a thing until it's loaded and executed. 
 
So why waste time looking through your pictures and backups and such when the primary goal is to Protect This Computer?  That file sitting untouched for years isn't endangering it at all. 
 
Oh, wait, you went into that folder and clicked on it to run it!  Great news!  That means that it "definitely will run" now, so WSA interdicts for a fraction of a second to check it.  "Oops.  It's bad!  Kill it!"  And it does.  Same thing if you try to send it via email, or pack it into a zip file, etc.  It's making itself potentially dangerous, so it's scanned.  The end result is that nothing can or does execute without being scanned, and therefore nothing that can or will be a threat will not be subjected to scrutiny.  At the same time, anything that is not a clear and present danger is not scanned by default.
 
When you run a "Scan Now", it runs a Deep Scan by default.  There is another message on the system that explains the difference between a Deep Scan and a Full or Custom Scan.  In summary though, a deep scan is a highly-targeted, full inspection of files as described above:  Things that are running, will definitely run, or are very likely to run.  A Full or Custom scan is an inventory of files against the file list database in the cloud.
 
Chances are when you indicated above that you were running a "full scan", it was a deep scan, and even if it was a full scan, that is an MD5 inventory only, so heuristics are minimal and cloud heuristics are nonexistent.  The fact that the file was found on a right-click scan indicates the former though.  An actual full scan of the computer will both take hours in most cases and is also completely unnecessary for protecting the computer with WSA.
 
So your 90-second scan is not really not-quite-full.  It's deep.  It's not even close to full because doing a full scan like the old stuff does would not improve the protection of the computer and would waste a lot of your time.  It took some intelligence by a lot of people who have worked in the security industry for ages and who were willing to throw out to old "Must find SOMETHING!  Must scan EVERYTHING!" mentality in favor of something that protects the actual computer better and scans less while doing so."
 
I hope that this helps a little more and puts your mind at ease that WSA is there and protects you very well.
 
Regards
 
 
 
Baldrick
Okay. I appreciate all of those explanations. I have a fairly new computer (less than 6 months) and haven't had any problems yet. I decided to download your product rather than renew the free McAfee I got with the computer so I'm hoping I made the right choice.
 
I know I've gotten viruses before with various other virus scan programs so I decided to try yours.
 
Again, I appreciate your REALLY quick and detailed explanations.
 
Betsy
Userlevel 7
Badge +3
You've made a wise choice Betsy...Welcome to the Webroot Community!
Userlevel 7
Hi Betsy
 
No problem...glad to have you join the Webroot Family...and I am sure that you will not regret it.  I have been using WSA for a number of years, and its antecedents, and have never been victim of malware to date.
 
Please feel free to address your questions here or in other threads in the forums...a Community member will always do their best to respond.  PLus there are a number of articles and short videos that explain the WSA philosophy.  IF these may be of interest to you then please let us know and the links can be provided.
 
Have a great Easter weekend.
 
Regards
 
 
Baldrick
Userlevel 7
Badge +56
Hello Betsy and Welcome to the Webroot Community Forums!


 
Welcome to the future and it's here now as everything is done in the Cloud and not on your system so you get to use your computer as it was made for without slowdowns!
 
Cheers,
 
Daniel ;)
 


 
 
Userlevel 7
Hello Betsy. Welcome to the Community. 🙂
Userlevel 2
:D
Hi Backyarder 1
 
Welcome to the community, hope you like here as much as I do.  They will help you in anyway possible, I like them all here. Thank you for your time and have a great night.
 
Thank you
 
little voice

Reply