Anti-malware Memory Usage; RAM, Virtual etc

Hello,

I would like to know if there is an accurate method of measuring the total memory usage of a security application/product not only by observing RAM usage as this alone does not reveal the full story.

I've used the Resource monitor in Windows which does give a more accurate depiction of the memory in use; standby, free etc. but there isnt a break down of which component (process, driver etc.) is using exactly what?

I am concerned with this since i have tried several anti-malware solutions while running Win 7 x86 as a guest OS on my Win 7 x64 machine (host). I've allocated 1215mb RAM to my VM and my computer (the host) has 3GB RAM in total. I installed a trial of each anti-malware software on my computer and the guest OS in the vm (i.e. Product A installed locally on host and also installed in VM guest, then tested). Upon launching the VM certain anti-malware products would cause my computer to freeze, both host and guest. During the boot of the VM i have the Resource monitor open on the host machine, and examine the amount of free RAM available and certain anti-malware solutions which report a low RAM usage in Task Manager were in fact the ones which used most RAM overall when i fired up my VM which, also had the same anti-malware program installed.

So what gives? Where is the rest of the memory being used?

Regards

 

Check the svchost.exe:s. You usually see an increase in RAM usage there.

 

Also watch out for malware tools not supporting virtual machines.

 

No, there is no accurate method.
Long time ago, I tried to make some points about the futility of those attempts (here), but I guess it was a futile attempt itself

Using a virtual machine is an interesting idea, but I'd say the interaction with the virtual machine, its own overhead etc... would affect the results a lot (compared to the "real" situation on a real machine).