|
Posted by VanguardLH on January 12, 2008, 6:59 am
If you were Registered and logged in, you could reply and use other advanced thread options
>
> "VanguardLH" wrote ...
>>
>> "Charles Manoras" wrote ...
>>>
>>> My Norton subscription having run out I have taken advantage of an
>>> offer
>>> from Comcast (my ISP) to install McAfee for free.
>>> McAfee asked me to remove Norton and the free firewall from Zone
>>> Alarm.
>>> Which I did.
>>> Now everything has slowed to an absolute crawl.
>>> The CPU always run at 100%.
>>> Scans take forever and cannot be even be completed overnight.
>>> I have removed what I actually don't need with no effect.
>>> Is this normal?
>>> I run under Windows XP SP2.
>>> I experienced none of this with Norton which I thought was already
>>> gobbling up a lot of resources.
>>
>> Is there also a lot of disk activity during the 100% CPU usage? I
>> don't remember the security product but it conflicted with
>> VirusScan. The other product would update a log file that VirusScan
>> saw got updated so it checked but because VirusScan touched the
>> file then the other security program checked it again and the two
>> kept battling over checking this file with something around 2900
>> accesses on the same file every minute. Check what other security
>> software you have installed, and try disabling it to see if the
>> host settles down.
>
> Thanks.
> Yes there was a lot of disk activity I think.
> At this time I have disabled everything except the firewall.
> And things have quieted down considerably.
> But that's no way to run a "Security Center"! :-)
> The only other security software which I have is whatever
> XP provides plus Adaware and Spybot.
>
> Adaware and Spybot should not in principle interfere with McAfee.
I have Ad-Aware installed but I do NOT have it running all the time;
i.e., its on-access scanner is not running. I have several
anti-malware programs installed. Every process, especially that have
to interrogate the effects of other processes, will impact the
responsiveness of a host. So I install those other anti-malware
programs but I disable their on-access (real-time) scanning and only
use them as on-demand scanners. Personally, Spybot's TeaTimer is so
antiquated that you should find something better if you want real HIPS
protection - but I do still keep it in my suite of anti-malware apps
for on-demand scanning. HIPS that monitors memory ends up prompting
you as to what can load into memory (and some will monitor and prompt
as to what parent process can call what child process). HIPS in a
firewall regulates who can call what to make a connection. Spyware is
an area where all those products have poor coverage (when, for
example, compared to anti-virus products) so you really need layered
detection using multiple anti-malware products - but that doesn't mean
you need active layered protection. It depends on your expertise and
your habits when using the computer as to how susceptible it is.
I have yet to see any software that can guarantee it is compatible
with all other software. You could use SysInternal's FileMon and use
its filtering to narrow down what files are getting the most accesses
while the CPU is busy and to determine what process/es is/are doing
all those accesses. That would help to determine which product/s
is/are mucking up your host.
| 
XML site map