0

It may be irrelevant but anyway: I'm using clamscan to check my system.

The problem is that a full system scan needs far more than one day.
When you plan to do one scan a day, that's not acceptable.
Additionally the scan sometimes consumes a huge amount of CPU - reducing the performance of the rest of the software.

For me there are two possibilities to tackle this:
Don't scan the whole system.
Find a way to reduce the workload but still scan the whole system.

The problem: I have no idea if there is a number of directories, big enough to noticeable solve my problem, which can be safely excluded let alone how to scan the whole system in a more efficient way.

Are there any best practices to scan a system for viruses?

TimSch
  • 101
  • 1
  • You need scan a full sistem always,virus / malware can be inyected in any dir / file, So you need scan all, always, but you can solve your issue and not scan all always You can do a full scan one day per week or month, before make some script to collect ( make a list ) files / dirs with changes and scan only that files. – Skamasle Jun 16 '19 at 11:02
  • 2
    It probably depends on _why_ you're trying to do a full system scan, instead of just scanning the specific directories where your Windows files are. – Michael Hampton Jun 16 '19 at 16:01

1 Answers1

1

You must do a cost benefit analysis of the threats you face in your environment.

Large databases usually are difficult to impossible to malware scan in time. Rather, that cost may be more effectively spent on securing the application, and restore testing backups in case of disaster.

On the other hand, a mail server that sees all your email attachments probably sees a lot of malware, including for Windows targets. That can be worthwhile to scan.

Beware adding malware scanning just to tick a box for some audit. Good security is many layers of controls, usually not just on host threat detection.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34