Launching multiple antimalware app scans
in [Windows Viruses]
|
From: Frank on 8 May 2010 15:01 I want to run the following on c-drive hard disk, and e & f drives (usb stick): MalwareBytes, SpybotS&D, Symantec AV. What are some thoughts on the trade-offs of launching all at once? My initial thoughts are: They will compete for CPU, which will drag the total scan time out. No big deal if I'm away all that time, though it does wear the disk a bit. However, the disk head will probably be jumping around all over the place because the different scans will be requesting files from everywhere almost at the same time. This will drag the scans out probably a lot more, and wear the disk way more. There are likely ways to schedule these scans (or even more sensibly, to queue them). But if there's a cheap and lazy way to scan without figuring that out, I'll take it (with a bit of due diligence in the questions above). I will do this routine on both user and administrator accounts.
From: David H. Lipman on 8 May 2010 15:12 From: "Frank" <franklin.macintosh(a)gmail.com> | I want to run the following on c-drive hard disk, and e & f drives | (usb stick): | MalwareBytes, SpybotS&D, Symantec AV. | What are some thoughts on the trade-offs of launching all at once? My | initial thoughts are: | They will compete for CPU, which will drag the total scan time out. | No big deal if I'm away all that time, though it does wear the disk a | bit. However, the disk head will probably be jumping around all over | the place because the different scans will be requesting files from | everywhere almost at the same time. This will drag the scans out | probably a lot more, and wear the disk way more. | There are likely ways to schedule these scans (or even more sensibly, | to queue them). But if there's a cheap and lazy way to scan without | figuring that out, I'll take it (with a bit of due diligence in the | questions above). I will do this routine on both user and | administrator accounts. Never run "at the same time". Each should be run sequentially. They bog each other down and get get in each others way. However you note you have Symantec AV (not the best out there) which will be performing On Access scanning whenever a file is written or read from media. Therefore if you perform a scan with an On Demand scanner such as SbyBot S&D, as SpyBot S&D scans the disk Symantec will also be scanning the files. Thus when completeed, before running the next On Demand scanner such as Malwarebytes (MBAM), you can turn off the On Access scanner of Symantec. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Frank on 8 May 2010 23:06 On May 8, 3:12 pm, "David H. Lipman" <DLipman~nosp...(a)Verizon.Net> wrote: > From: "Frank" <franklin.macint...(a)gmail.com> > > | I want to run the following on c-drive hard disk, and e & f drives > | (usb stick): > | MalwareBytes, SpybotS&D, Symantec AV. > > | What are some thoughts on the trade-offs of launching all at once? My > | initial thoughts are: > > | They will compete for CPU, which will drag the total scan time out. > | No big deal if I'm away all that time, though it does wear the disk a > | bit. However, the disk head will probably be jumping around all over > | the place because the different scans will be requesting files from > | everywhere almost at the same time. This will drag the scans out > | probably a lot more, and wear the disk way more. > > | There are likely ways to schedule these scans (or even more sensibly, > | to queue them). But if there's a cheap and lazy way to scan without > | figuring that out, I'll take it (with a bit of due diligence in the > | questions above). I will do this routine on both user and > | administrator accounts. > > Never run "at the same time". Each should be run sequentially. They bog each other down > and get get in each others way. > > However you note you have Symantec AV (not the best out there) which will be performing On > Access scanning whenever a file is written or read from media. Therefore if you perform a > scan with an On Demand scanner such as SbyBot S&D, as SpyBot S&D scans the disk Symantec > will also be scanning the files. Thus when completeed, before running the next On Demand > scanner such as Malwarebytes (MBAM), you can turn off the On Access scanner of Symantec. OK, sequential it is. Looks like I can't just launch them all and take off (I'd have to figure out how to queue to do that, if I want to spend the time). I realize that Symantec is not the most well regarded, but that's what I have to use (else I'd use Avast or Grisoft). I'm confused about the "On Demand" scanner such as SpybotS&D or Malwarebytes. Doesn't "On Demand" mean that an AV scans files for malware as those files are used/accessed? On the other hand, it almost sounds to me that you mean scans that are invoked by the user rather than scheduled. I'm not sure if SpybotS&D or MalwareBytes are "On Demand" -- I haven't researched how one might schedule or queue their scans, whether this is scheduling/queueing can be set up within the app, or whether I have to figure out scheduling/queueing in Windows and possibly invoke those apps by text commands and command- line options. I'm guessing (correct me if I'm wrong) then your last paragraphs says that I should turn off On Access before doing scans with Spybot or MalwareBytes. Is this right? Because it could also mean that I should keep it on for the first of those two scans, then turn it off for the second one (which also makes sense). I have concerns about turning off On Access...I am constantly using the machine during these dreadfully long scans. I'm wondering how much it hurts to keep it on.
From: Frank on 8 May 2010 23:13 A bit of clarification below... On May 8, 11:06 pm, Frank <franklin.macint...(a)gmail.com> wrote: > On May 8, 3:12 pm, "David H. Lipman" <DLipman~nosp...(a)Verizon.Net> > wrote: > > > From: "Frank" <franklin.macint...(a)gmail.com> > > > | I want to run the following on c-drive hard disk, and e & f drives > > | (usb stick): > > | MalwareBytes, SpybotS&D, Symantec AV. > > > | What are some thoughts on the trade-offs of launching all at once? My > > | initial thoughts are: > > > | They will compete for CPU, which will drag the total scan time out. > > | No big deal if I'm away all that time, though it does wear the disk a > > | bit. However, the disk head will probably be jumping around all over > > | the place because the different scans will be requesting files from > > | everywhere almost at the same time. This will drag the scans out > > | probably a lot more, and wear the disk way more. > > > | There are likely ways to schedule these scans (or even more sensibly, > > | to queue them). But if there's a cheap and lazy way to scan without > > | figuring that out, I'll take it (with a bit of due diligence in the > > | questions above). I will do this routine on both user and > > | administrator accounts. > > > Never run "at the same time". Each should be run sequentially. They bog each other down > > and get get in each others way. > > > However you note you have Symantec AV (not the best out there) which will be performing On > > Access scanning whenever a file is written or read from media. Therefore if you perform a > > scan with an On Demand scanner such as SbyBot S&D, as SpyBot S&D scans the disk Symantec > > will also be scanning the files. Thus when completeed, before running the next On Demand > > scanner such as Malwarebytes (MBAM), you can turn off the On Access scanner of Symantec. > > OK, sequential it is. Looks like I can't just launch them all and > take off (I'd have to figure out how to queue to do that, if I want to > spend the time). > > I realize that Symantec is not the most well regarded, but that's what > I have to use (else I'd use Avast or Grisoft). > > I'm confused about the "On Demand" scanner such as SpybotS&D or > Malwarebytes. Doesn't "On Demand" mean that an AV scans files for > malware as those files are used/accessed? On the other hand, it > almost sounds to me that you mean scans that are invoked by the user > rather than scheduled. I'm not sure if SpybotS&D or MalwareBytes are > "On Demand" -- I haven't researched how one might schedule or queue > their scans, whether this is scheduling/queueing can be set up within > the app, or whether I have to figure out scheduling/queueing in > Windows and possibly invoke those apps by text commands and command- > line options. > > I'm guessing (correct me if I'm wrong) then your last paragraphs says > that I should turn off On Access before doing scans with Spybot or > MalwareBytes.... ....since I directly invoke Symantec to scan the hard drive and USB sticks beforehand. > Is this right? Because it could also mean that I > should keep it on for the first of those two scans, then turn it off > for the second one (which also makes sense... ....if I hadn't directly used Symantect to scan the drives beforehand). > I have concerns about turning off On Access...I am constantly using > the machine during these dreadfully long scans. I'm wondering how > much it hurts to keep it on.
From: Frank on 8 May 2010 23:49 On May 8, 11:13 pm, Frank <franklin.macint...(a)gmail.com> wrote: > A bit of clarification below... > > On May 8, 11:06 pm, Frank <franklin.macint...(a)gmail.com> wrote: > > > On May 8, 3:12 pm, "David H. Lipman" <DLipman~nosp...(a)Verizon.Net> > > wrote: > > > > From: "Frank" <franklin.macint...(a)gmail.com> > > > > | I want to run the following on c-drive hard disk, and e & f drives > > > | (usb stick): > > > | MalwareBytes, SpybotS&D, Symantec AV. > > > > | What are some thoughts on the trade-offs of launching all at once? My > > > | initial thoughts are: > > > > | They will compete for CPU, which will drag the total scan time out. > > > | No big deal if I'm away all that time, though it does wear the disk a > > > | bit. However, the disk head will probably be jumping around all over > > > | the place because the different scans will be requesting files from > > > | everywhere almost at the same time. This will drag the scans out > > > | probably a lot more, and wear the disk way more. > > > > | There are likely ways to schedule these scans (or even more sensibly, > > > | to queue them). But if there's a cheap and lazy way to scan without > > > | figuring that out, I'll take it (with a bit of due diligence in the > > > | questions above). I will do this routine on both user and > > > | administrator accounts. > > > > Never run "at the same time". Each should be run sequentially. They bog each other down > > > and get get in each others way. > > > > However you note you have Symantec AV (not the best out there) which will be performing On > > > Access scanning whenever a file is written or read from media. Therefore if you perform a > > > scan with an On Demand scanner such as SbyBot S&D, as SpyBot S&D scans the disk Symantec > > > will also be scanning the files. Thus when completeed, before running the next On Demand > > > scanner such as Malwarebytes (MBAM), you can turn off the On Access scanner of Symantec. > > > OK, sequential it is. Looks like I can't just launch them all and > > take off (I'd have to figure out how to queue to do that, if I want to > > spend the time). > > > I realize that Symantec is not the most well regarded, but that's what > > I have to use (else I'd use Avast or Grisoft). > > > I'm confused about the "On Demand" scanner such as SpybotS&D or > > Malwarebytes. Doesn't "On Demand" mean that an AV scans files for > > malware as those files are used/accessed? On the other hand, it > > almost sounds to me that you mean scans that are invoked by the user > > rather than scheduled. I'm not sure if SpybotS&D or MalwareBytes are > > "On Demand" -- I haven't researched how one might schedule or queue > > their scans, whether this is scheduling/queueing can be set up within > > the app, or whether I have to figure out scheduling/queueing in > > Windows and possibly invoke those apps by text commands and command- > > line options. > > > I'm guessing (correct me if I'm wrong) then your last paragraphs says > > that I should turn off On Access before doing scans with Spybot or > > MalwareBytes.... > > ...since I directly invoke Symantec to scan the hard drive and USB > sticks beforehand. > > > Is this right? Because it could also mean that I > > should keep it on for the first of those two scans, then turn it off > > for the second one (which also makes sense... > > ...if I hadn't directly used Symantect to scan the drives beforehand). > > > I have concerns about turning off On Access...I am constantly using > > the machine during these dreadfully long scans. I'm wondering how > > much it hurts to keep it on. I should add that, further to the above clarifications, the bottleneck in SpybotS&D scan of the USB stick seems to be SpyBotS&D's CPU usage. If Task Manager is used to display processes sorted by CPU usage in descending order, SpyBotS&D uses most of the CPU all the time, and Symantec uses almost no CPU. This also means that SpybotS&D scanning isn't spending excessive time waiting for file content from the USB stick or from Symantec's On Access scanning. I wonder if this enough to indicate that On Access scan does not hinder the SpyBotS&D scan on a stick... Of course, if it the scan was being made of a hard drive, the situation might be different because of seek times. Furthermore, if a MalwareBytes scan uses much less CPU than a SpybotS&D scan, then the scan might be I/O limited rather than CPU limited.
|
Next
|
Last
Pages: 1 2 Prev: Update - Microsoft Responds to the Evolution of Community Next: snopes.com: F1 Key Virus. |