Multiscanning

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Multiscanning is running multiple anti-malware or antivirus engines concurrently. Traditionally, only a single engine can actively scan a system at a given time. Using multiple engines simultaneously can result in conflicts that lead to system freezes and application failures.[1][2] However, a number of security applications and application suites have optimized multiple engines to work together.

Reason[edit]

Testing agencies published results showing that no single antivirus engine is 100% effective against every malware threat.[3][4] Because each engine uses different scanning methodologies and updates their malware definition files at various frequencies, using multiple engines increases the likelihood of catching malware before it can affect a system or network.[5]

Vendors[edit]

  • F-Secure – Combines an in-house engine with BitDefender's engine.[6]
  • G Data AntiVirus – Combines in-house and BitDefender's engines. avast has been removed with version 2014.[7]
  • HitmanPro – Combines an in-house behavioral engine with a cloud containing engines from Kaspersky Lab and BitDefender.[8]
  • Lavasoft Ad-Aware – Combines an in-house anti-spyware engine with Vipre's engine. Ad-Aware Total Security replaces Vipre with G Data's multiple engines.
  • Microsoft Forefront – Combines the engines of Authentium, Kaspersky, Norman and VirusBuster, with its own in-house engine.[9]
  • OPSWAT Metadefender – Combines a configurable number of anti-malware engines (1 to 30) to scan for malware on premise. Also available with 42 engines in the cloud.[10]
  • Qihoo 360 Internet Security use Bitdefender Engine, QVM 2 Engine,360 Cloud engine. But, Chinese version includes Avira engine additionally.
  • TrustPort Antivirus – Combines the engines of BitDefender and AVG.

Open Source Tools[edit]

  • MultiAV[11] – An open source project similar to OPSWAT Metascan that combines a configurable number of anti-malware engines (1 to 18).[12]
  • MultiScanner[13] – An open source file analysis framework that allows the user to evaluate a set of files with a set of tools. Comes with a set of modules for different malware analysis tools.[14]

See also[edit]

References[edit]