Need to scanning folders/drives when anti-virus is smart

LMiller7 said:

Modern malware has become very sophisticated. The days when malware was primarily produced by the basement hacker are gone. Todays malware creator is well educated, well equipped, well organized, and well funded. Some governments are funding malware production as a form of terrorism.

In order to fulfill it's mission malware must evade detection. Todays malware author is well aware of how AV software works and has used this knowledge to develop methods of evading detection. One method is to create an army of malware. While each malware soldier is essentially the same infection they are modified so as to have a different signature and look different to AV software. AV software has methods of overcoming this but they are not 100% effective.

Modern AV scanning is smart, but not smart enough to detect all forms of malware. Good security always incorporates multiple layers of protection. Any one layer can be evaded but having multiple layers make this much more difficult.

When doing a file scan the AV product must scan each infectable file because it has no way of knowing which ones might be accessed, or which ones may have been infected since the last scan. Checking the dates of file creation and modification is useless as malware is fully capable of infecting a file while preserving the original date stamps.

Well along with my post LM I can see we are on the same page mate. I was just thinking this morning it is a bit like going into a library and picking up a red covers book called How to make cake, and you open it up to find it is full of nude pics. So you make a note of that and bypass it. Now you may move on and see another book coloured blue and it is How to make cake by the same author and open it up and it is full of nursery rhymes so you make a mental note and avoid thta book . My point is that you gradually build up a list of books that you want to avoid.

Now the books are outwardly ok but the malware the contents are the guts of it and offends you and you recognizing it (the book) the next time you see it (the heuristics), and your memory of that book is the definition base.
Now as you rightly point out new "books" are written everyday and until someone opens them it will never be known if they are bad or not if found bad then added to the database of malware. So it really does depend a lot on how good your heuristics are because it is just like having a look at every book that is titled How to cook cake and if it looks familiar then the system should then go though the book to see what is good or bad. Now again as you say some "books" can be very cleverly disguised and may slip through.
My concern at the moment is not so much that the threat is coming from software based malware more that it is now being discussed re malware being put into hardware devices such as BIOS chips RAM sticks etc etc by the doping processes that are used too manufacture of transistors for example