Jump to content

LiFers

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hmm, dealing with what AVG calls Win32/Expiro today. MBAM didn't find any of it. Almost every exe outside windows infected - ugh - mess! Exhausting.
  2. Good point, however the reason why I'm running full scans is that a) I strongly suspect there's a virus due to particular PC behaviour or b) I know there's a virus because I can see it's behaviour. Also, when I leave the site (or return the computer) I must be 100% certain that all malicious software has been expunged from the PC. As an IT Technician I'm routinely scanning PCs I know have an infection. I'm not using Full Scan on an uninfected PC as a routine system maintenance item. Further, as I'm charging for the service, there can be no mistakes. Hence a minimum of 2 full scans with MBAM and on the tricky ones I have to rope in an additional 2 scans with Trend's HouseCall (which truly redefines the word slow, but in my experience has been the most aggressive scanner of the lot), not to mention fast scans with more specific Rootkit detectors etc. (Off topic: And just to keep life interesting, every now and again I see a virus that no scanner can find. Last time a client saw this they had GFI A/V, and GFI remoted in, found the virus (which was in an obvious location in the end) and added it to their protection tools. I think I submitted it to MBAM at the time.)
  3. MBAM is my first go to tool for A/V repairs (I'm a network admin / IT support contractor so this is usually weekly) and it's easily over 90% effective, however with my clients volumes getting larger and larger (particularly with photos, music and videos), even on fast computers it's taking 2+ hrs per scan (and you need to run at least two). Ideas: - Make MBAM more thready if possible. Looking at resource monitor it's only using 1 CPU (out of 8) however currently it is hitting a storage bottleneck. - When multiple volumes are selected, scan them simultaneously as long as they're not on the same infrastructure. For example when 2 partitions, 2 internal HDDs, and 1 external HDD are selected, scan everything simultaneously except the partitions, which will need to be scanned sequentially for optimum speed. - Is it possible to white list or use File Signatures to speed up the scan? Scanning WinSxS is often almost 50% of the scanning time. All these files should be digitally signed (as well as others in \Windows\). Is it not faster/possible to verify the signature and checksum and get through these official files faster? - Optimise for SSDs: Perhaps there are scanning methods that work faster with SSDs as random access speeds will be similar to sequential access speeds. Maybe run a scan engine for the number of CPUs and divide the file system between engines, rather than 1 scan engine proceeding sequentially through the drive.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.