Helping people with computers... one answer at a time.

Many anti-malware products offer both a "quick" and "full" scan. I'll examine the common difference, and outline what I generally suggest you do.

Should I be running a 'Full Scan' or a 'Quick Scan' on my various anti-spyware, anti-malware, anti-virus software? The options, and their differences aren't always clear to me - when would one be more suitable than the other, and what might be the dangers of running the wrong one?

Naturally, the answer changes slightly depending on which program we're talking about, but ultimately the software giving you a pretty basic choice:

Do you want the scan to be quick, and pretty good? Or would you rather it take much longer but also be much more thorough?

Of course it all depends on what I mean by "pretty good" and "much more thorough".

I'll outline what they usually mean, and then which I suggest using and when.

The vast majority of malware - both viruses and spyware - actually affect only certain types of files and only in certain locations. For example, files that your computer would attempt to actually run - like a ".exe" file - are the most likely to be infected. Other file types like plain text files or music and video files are less likely to be infected. A quick scan might restrict itself to only scanning those files that fall into the former category, and ignore the rest. The list of file types it might scan could still be quite long, but it's much quicker than scanning everything.

"'Quick' scans are quick because they don't scan every file."

Similarly, most often files that are infected are in particular locations - like in your Windows folders. A quick scan might restrict itself to scanning files only in folders that fall into this "most likely to be infected" category, and ignore everything else. There might be many locations but it'll be much faster than scanning all locations.

"Quick" scans are quick because they don't scan every file. Instead of scanning every file in every folder on every disk in your machine a quick scan would scan only those files and locations where malware is most likely to be present.

Exactly what is and is not scanned in a quick scan will vary depending on the specific tool you're using.

In general, quick scans are "pretty good" in that they run quickly, don't interfere much and provide a good level of protection.

Full scans are just that: full. They scan every file in every folder on every hard disk that you tell them to. As you can imagine, reading every file can take some time, and that's the drawback. Depending on the tool it can adversely impact the performance of other applications also attempting to use the hard disk for the duration of the scan.

But it is thorough.

Remember I said that infections in some file types aren't likely, but that doesn't mean that they aren't possible. It's rare that a music or video file contain a virus, for example, but it can happen. A full scan stands at least a chance of catching it, whereas a quick scan that didn't even look at these files of course would not.

And that, then, would be what I mean when I say "much more thorough".

So, what to use?

My machines are on 24 hours a day, and I have them run a full scan every night when I'm not around. If you also leave your machines running overnight I suggest doing the same. Coupled with normal safety precautions during the day (i.e. don't open attachments you don't trust, don't click on suspicious links, stay up-to-date, etc.) then you're in a pretty safe spot. You might break out the quick scan if you ever felt like running one manually, but I'm guessing you probably won't need to.

If, on the other hand, you turn your machine off over night, then it might be very prudent to schedule your anti-malware software to do a quick scan - so as not to interfere with your usage much - on login, or at some point during the day. I would then also perform a full scan perhaps once a week, either manually or scheduled when you know you won't be impacted by it.

Article C4218 - March 15, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

March 16, 2010 8:24 AM

What I like to do is a full scan every so often (I usually run it every second Sunday) and a quick scan other times.

Of course, common sense is one of the best antiviruses. But the only way to never get a virus is to never use a computer. :-)

John S
January 7, 2012 3:54 PM

My own observation using Microsoft Security essentials is that many times the quick scan did not find the malware such as a Trojan or a Java exploit. Maybe these malware creators have mange to work around these quick scans. I agree with you, that the best scan is a complete scan at least once a week.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.