[Resolved] Rootkit setting?

[Para-Noid]

I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.
I have ran a boot scan, and found nothing. I am wondering why there is even a "rootkit full scan" setting at all? Is there a need for a "full" scan for rootkits? If nothing else I am curious. This has nothing to do with a recent scan!

[Lisandro]

Well, if you want to scan for hidden malware (a.k.a. rootkits), you can run a specialized scanning called "rootkit full scan". Why not?

[Para-Noid]

If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"?

[Gargamel360]

If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"?

Maybe because...

I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.

and the default settings are for average users, who do not want to be chasing around FP's.

[Lisandro]

If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"?

Because quick is quick, full is full, everything.

[Para-Noid]

If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"?

Maybe because...

I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.

and the default settings are for average users, who do not want to be chasing around FP's.

I think you are right...concerning false positives. A full scan for rootkits could find a lot of FP's.

[nweissma]

i don't see how to configure a boot-scan for rootkits (avast pro 6.0.1289).

but i see from these posts that a boot scan may not be the best strategy for detecting a rootkit -- so what is the most efficient strategy -- where will i most likely find rootkits -- there's no point wading through entire gigabytes of paths where rootkits are never to be found -- barking up the wrong tree.