to complete an anti-virus or anti-malware scan depends
on a variety of factors
- The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
- Options to scan for spyware, adware, riskware and potentially unwanted programs (PUPS).
- Options to scan memory, boot sectors, registry and alternate data streams (ADS).
- Type of scan performed: Deep, Quick or Custom scanning.
- What action has to be performed when malware is detected.
- A computer's hard drive size.
- Disk used capacity (number of files to include temporary files) that have to be scanned.
- Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
- Whether external drives are included in the scan.
- Competition for and utilization of system resources by the scanner.
- Other running processes and programs in the background.
- Interference from malware.
- Interference from the user.
-- Note: Using two security scanning engines at the same time can cause each to interfere with the other, cause systems hangs, false detections, unreliable results and other unpredictable behavior.
If you are using a CD Emulator (Daemon Tools
, Alchohol 120%
, etc) be aware that they use rootkit-like techniques to hide from other applications and can interfere with investigative or anti-rootkit (ARK) tools. This interference can produce misleading or inaccurate scan results, false detection
of legitimate files, cause unexpected crashes, BSODs
, and general 'dross'. This often makes it hard to differentiate between malicious rootkits and the legitimate drivers used by CM Emulators. In some cases, the drivers related to such tools can cause crashes or system hanging when attempting to boot into safe mode. Since CD Emulators use a hidden driver which can be seen as a rootkit and interfere with providing accurate results or cause other problems, it is recommended that they be disabled
or removed until your scans have been completed.
Edited by quietman7, 03 January 2011 - 01:24 PM.