Loading...

Knowledge Center

Understanding the On-Demand Scan system resource utilization
Technical Articles ID:   KB55145
Last Modified:  5/15/2018
Rated:

Environment

McAfee Endpoint Security (ENS) Threat Prevention 10.x
McAfee VirusScan Enterprise (VSE) 8.x

Summary

In the latest McAfee products, the On-Demand Scanner (ODS) uses Windows Priority Control. The ODS System Utilization setting does not set a static percentage of CPU utilization or threshold for the amount of CPU used to perform an On-Demand Scan. Instead, the operating system manages the amount of CPU resources that the ODS receives at any point in the scan process.

The System Utilization option in the Performance tab for the On-Demand Scan maps to Windows Priority Control. The logic used by Windows Priority Control keeps the CPU as busy as possible performing useful tasks. Windows Priority Control prioritizes CPU utilization to complete specific tasks in the shortest time possible, based on priority. Tasks must be prioritized to determine how available system resources are allocated.

A core component of Windows Priority Control is the System Scheduler. The System Scheduler uses a Multilevel Feedback Queue algorithm to check the Priority and the length of time required to complete a task. Windows Priority Control allocates system resources based on this algorithm. When an On-Demand Scan is set to run at Below Normal, it does not take CPU time from programs that run at Normal priority. If set to idle, it does not take CPU from any other task or process running at a higher priority.

Why does the On-Demand Scan use up to 100 percent CPU when the task is set to a System Utilization of Low?
When an On-Demand Scan occurs, Windows Priority Control will allocate CPU time to the On-Demand Scanner. How Windows Priority Control allocates CPU is based on the Scheduling Priority for the running task. The task priority of the On-Demand Scan can be set in the On-Demand Scan Task or Policy under Performance > System Utilization.

The following Microsoft article explains how Windows Priority Control works: https://msdn.microsoft.com/en-us/library/windows/desktop/ms685100(v=vs.85).aspx

NOTE: This does not apply to archive files if archive scanning is enabled.

To view the priority of a task:
  1. Press CTRL+ALT+DEL, then select Task Manager.
  2. In the Processes tab, right-click the process and highlight Set Priority.

Solution

Make the following adjustments to the ODS settings to improve performance, as required:
  • For best practices for On-Demand Scans, see KB74059.
  • Enable the scan cache. For assistance, see the VirusScan Enterprise 8.8 Product Guide (PD22941).
  • Configure a daily, targeted ODS for risky locations.
  • Configure a complete ODS to run once a week.
  • Configure exclusions in ODS tasks where required, such as on an Exchange server.
Part of the above advice has been extracted from another article, KB85299 - FAQs about McShield.exe and high CPU utilization when running On-Demand Scans.

Related Information

For more information about CPU utilization, see: http://msdn.microsoft.com/en-us/library/ms685100(VS.85).aspx.
For information on improving performance in ENS, see KB88205.
For the VirusScan Enterprise 8.8 Best Practices Guide, see PD22940.

Previous Document ID

9197288

Rate this document

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.