As mention here already, new definitions might change the status of a file previously not detected therefore new virus definitions imply the need to scan each file again.
Manual full scan will also use as much resources as possible.
So during successive(meaning without update in between) scans, second scan should be faster time-wise regardless of the scanning option. The settings should affect the overall speed of the scan.
Thank you for your feedback on the knowledge base article. We'll look into improving it with the content team.
Thank you Ben for verifying this!
Additional info about Manual vs Scheduled scan:
I just did a scheduled scan and it actually skipped more files than the manual. It still skipped pagefile and windows logs but is also couldn't access my files encrypted with EFS(cause it now wasn't ME scanning the files).
CPU usage was still 100% almost all of the time. So I will definetively continue to do all my scans manually.
Yet looking at this article in the knowledge base, more potential malware may be found in a scheduled scan, compared to a manual scan; http://community.f-secure.com/t5/Security-for-PC/Fewer-viruses-found-in-manual/ta-p/18176
This is because a scheduled scan uses a Local System account which can scan additional folders such as System Restore.
Thanks guys, great info!
I did a manual full scan and compared it to my scheduled from yesterday(new virus and spyware def):
They took just as long to do, only differed seconds
4447 less files scanned in manual (probably System Restore files)
58 more files not scanned in scheduled (due to my EFS files)
And I noticed that the not scanned windows logs are completely different files between the manual and scheduled scan.
So to be extra sure then you probably should do both a manual AND scheduled scan, that's my conclusion. This seems confusing and I agree with @Simon on that point.
Normally though you don't have do to manual scans as long as you have real-time scanning: http://community.f-secure.com/t5/Security-for-PC/Should-I-manually-scan-my-hard/ta-p/15412
In that KB it also says: "If you want, you can scan manually for viruses by using scheduled scanning". That statement makes you think manual and scheduled are the same which it's clearly not.
I do manual scans as a extra safety. Just like I sometimes scan with other products as a second opinion.
If my machine is clean, when installing a new version of an AV/a new AV, I carry out a quick on-demand scan and then that's it for on-demand scans.
For scanning, I rely on my real-time Guard and a regular weekly scan with Malwarebytes. I have never carried out a FULL scan with an AV for years.
So I do not rely on an AV for my sole primary defense but generally run one with an AE/Sandbox and a good imaging program as part of a layered defense.
Overall, the information found in this thread should add to an interesting knowledge-based article on Scanning with F-Secure.
Want to point out that by not scanning System restore, you skip the most frequently used hiding place for malware.
Would be nice to have a commandline icon, that does a (Local System Account) scan with the parameters set by the manual scan option.
Has anyone done that yet?
The only stuff we need to know is the exact syntax to paste in the 2 lines (Target: and start In: ).
- Tried it and it works, 1 example -
1) Create a CMD line shortcut.
Paste (or type) the path to the fsav.exe file in the: "Start in" line. - JUST the path! embedded in quotes ( " " ) -
in my case:
Then in the target line, AFTER the cmd.exe part it should look like this (cmd.exe included):
%SystemRoot%\system32\cmd.exe /K fsav.exe /system
The /K fsav.exe is the important part,
/All /hard /system /rootkit /spyware /archive /beep ( /disinf /quar /rename )
and so forth you can add to your own insight and needs, some switches need extra info like /policy.
(Couldn't find the Heuristics switch at all)
Have a nice one
Great! But note that it'll probably only work on old Windows versions, it was changed in Vista I think. Type whoami and check.
PStools has a PSexec utility that let's you launch as Local System Account if you want. Example:
C:\PsExec.exe -i -s -d %SystemRoot%\system32\cmd.exe /K "C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsav.exe" c:\ /policy /report=c:\scanreport.txt
Now typing whoami responds: "nt authority\system".
And when you use /policy your manual scan settings will be used. This is from the report file for the above command to verify what /policy does:
Target: C:\ + system + rootkits
Scan all files
Viruses: Disinfect infected files
Spyware: Quarantine and delete
Scan inside archives: on
Note: You have to run this schortcut as Administrator to give PSexec authority to do this (PSexec -s parameter = run as System Account)
As for heuristics flag missing, it's also missing from the scanning reports both manual and scheduled, if heuristics was on or off.
I asked our Internet Security product expert @Cale to review the KB article. He has now revised it after having checked the functionality again. Many thanks for bringing this up, and thanks for everyone how has contributed to this discussion, your feedback is very valuable for us. It helps us improving the knowledge base.
IMHO the heading of the KB article does not reflect the content.
Would it not be better to title it something like"Factors affecting Speed of second/subsequent on-demand scans"
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions