Active scanning AV... Is it still a necessity?

[safehaven]

I guess I am curious if you all still feel running an active scanning AV program is a necessity. I have run Norton when I got it for free from my ISP. It was a resource hog. I ran AVG after I had a system built for me and the builders installed it. I actually got a nasty virus with AVG actively scanning, with a fully updated program and definitions. I quickly uninstalled AVG after that. I then installed McAfee because it was free from my ISP. That too was a resource hog.

I have been running for about 9 months now with no active AV software running. I do, however, run CCleaner, AdAware, SuperAnitspyware, Spybot, and HiJack this on a regular basis. I update all of them before each use. Is this enough protection? Or, do I really need some sort of active scanner?

Since disabling all AV software, I have be cleaner than ever. My inactive scanners haven't found anything except some adware here and there. No major threats. I always run anything I have downloaded through BOTH AdAware and Superantispyware before I use the files. Is the fact that my system is still clean after 9 months (apparently anyway), proof that what I am doing is sufficient, or proof that I am just lucky thus far?

 

[Joe Average]

Using all that software to keep "clean" is a bit ridiculous, kinda like using a sledgehammer to place a single nail in a wall to hang a picture. It's funny how you call the actual AV software resource hogs while not looking at the fact that you're using what, 6 applications to keep "clean." Doesn't quite make sense...

None of that software will tell you if you're "clean" or not, and if you've been running without any AV software or scans for 6 months, there's a better than average chance you are infected to some degree by something, it's just how things go.

And that's the point: the stuff you're using won't detect such infections...

Funny how that works, ain't it?

 

[safehaven]

I may be using 6 programs (only listed 5 though) but NONE of them run in the background, so NONE of them are resources hogs. McAfee and Norton, when I had the running used at lot of resources. Uninstalling both of them made noticeable gains in performance for me. Maybe they have gotten better in the last year or so, I don't know. I just simply did not like AVG.

I use CCleaner to clear out what Firefox will not clean on its own. I use Spybot for immunization only. I use HJThis periodically just to make sure that I don't see anything funky. The really only leaves 2 scanners. I use both of them to find what ever the other one misses. I know for a FACT, that it was SupereAntiSpyware that found the nasty little bug that AVG missed and also found a not-quite-as-nasty bug that McAfee missed.

But, like I said, I could just be lucky thus far, that is why I am asking. I am not opposed to AV software, it just seems like what I am doing not is adequate and my system isn't being bogged down. If I'm wrong, I'm wrong and willing to do something else.

 

[YeOldeStonecat]

A better antivirus product perhaps..
AntiVir is the best freebie..
Some people like Avast, although I and quite a few others think it slows your system a bit
Granted past Norton products were king of the resource hogs..their latest 2009 product is surprisingly light, and they've been decent with detection lately.

 

[safehaven]

So I am taking from this that a AV program is still needed. Does it have to be an active scanning AV? Or is there something that I can just fire off once a week and not have it running in the background all of the time?

 

[Joe Average]

Today's high powered machines and simplistic AV software - seriously, it is compared to what we had years past - and an OS that prioritizes I/O traffic to maximize how well the OS works in general... with all that, who cares about 1-2% occasional "spikes" because of an active background scan?

There is only so much that matters - focus on what's important (keeping your machine running safely) instead of the short term benefits of a few extra percentage points for the CPU...

 

[MrWizard6600]

Antivirus programs can find virus's, nothing but a clean install can remove them. They software is just too sticky.

 

[YeOldeStonecat]

So I am taking from this that a AV program is still needed. Does it have to be an active scanning AV? Or is there something that I can just fire off once a week and not have it running in the background all of the time?

With todays threats being mostly internet based...it's important to run with an antivirus program that does real time file protection. Years ago scanning your drive or scanning removable media such as floppies was the wsy to go. But with most PCs being full time on the internet and active on the internet, and in networks..it's become prudent to use real time file protection. Just about all antivirus programs have this feature. Some even reach out a bit futher and provide protection at the port level..such as browser protection, e-mail client protection, IM program, etc.

 

[Klob]

Funny how that works, ain't it?

What's funny is that you don't know that none of that software he uses runs resident so it is using no resources.

 

[Klob]

So I am taking from this that a AV program is still needed. Does it have to be an active scanning AV? Or is there something that I can just fire off once a week and not have it running in the background all of the time?

That's your choice. Active AV can block a virus before it infects your PC but it can fail to protect you also against a zero day virus. I don't use active scanning on my Vista PC but I do update it every day and when it opens to update it scans processes in memory so unless it was a time bombed virus I would soon know if I have a virus and would take the appropriate steps to remove it. But that has never happened to me so I don't worry about it too much. I do a full scan manually occasionally too.I do run active AV on Win7 and XP though. I don't on Vista because that is my main gaming PC and want it to have 100% resources for games only. It isn't a mission critical PC so don't anyone start chiding me because I don't run active AV on it. It's my PC for fun and not playing some anal program manager type pretending I am a system admin for IBM.

 

[Klob]

With todays threats being mostly internet based...it's important to run with an antivirus program that does real time file protection. Years ago scanning your drive or scanning removable media such as floppies was the wsy to go. But with most PCs being full time on the internet and active on the internet, and in networks..it's become prudent to use real time file protection. Just about all antivirus programs have this feature. Some even reach out a bit futher and provide protection at the port level..such as browser protection, e-mail client protection, IM program, etc.

Only people that need email protection are noobs that don't know how to set it up to be virus proof in the first place. Active scanning of web browsers slows down web browsing too so I usually disable that module also.

 

[Nenu]

I've used Avast for years, its been great for catching nasties and hasnt slowed my PC at all that I can notice.
My PCs benchmarks are right on track with equivalent systems.

Op something else to consider.
I'm using Sandboxie to keep my browser (Firefox) in a sandbox.
A sandbox prevents anything hacking the browser and writing to system files or anywhere else on the system except the sandbox.
It has saved me a lot of trouble a few times now.
If my browser gets hacked or mutilated, then simply deleting the contents of the sandbox puts me back to a vanilla installation.
Note: its a good idea to start off with the browser freshly installed with all your addons, then when you delete the sandbox, you will be returned to that state again.

 

[Vermillion]

That's your choice. Active AV can block a virus before it infects your PC but it can fail to protect you also against a zero day virus. I don't use active scanning on my Vista PC but I do update it every day and when it opens to update it scans processes in memory so unless it was a time bombed virus I would soon know if I have a virus and would take the appropriate steps to remove it. But that has never happened to me so I don't worry about it too much. I do a full scan manually occasionally too.I do run active AV on Win7 and XP though. I don't on Vista because that is my main gaming PC and want it to have 100% resources for games only. It isn't a mission critical PC so don't anyone start chiding me because I don't run active AV on it. It's my PC for fun and not playing some anal program manager type pretending I am a system admin for IBM.

Well if you don't want to be chided then quit spreading FUD about AV software slowing down system performance. Especially when your "proof" to back up your claims has more holes then swiss cheese.

95% of the population is noob otherwise the Downadup worm wouldn't have already infected nearly 9 million PC's across the world. Which is why AV programs offer active scanning for so many things. Security should always be maxed by default. Let people disable that stuff on their own.

As for the OP. Get Antivir. It's small and lightweight. I used Avast in the past as well and I liked it. I found it to be rather lightweight as well. Antivir is considered the best AV on the market (av-comparitives.org) and it has a free version. You can disable the ad that pops up once a day as well. Just Google it or search the [H] for the links to do that.

Running AV resident doesn't noticeably effect system performance at all. Full system scans != running resident. AV software isn't the bloat it was a few years ago especially when we were limited by single core processors and when RAM was at a premium.

 

[Joe Average]

What's funny is that you don't know that none of that software he uses runs resident so it is using no resources.

Actually I'm quite well aware of all of those apps and precisely how they work, as they are typically the items I tell clients not to use, save for CCleaner. The other ones are effectively useless garbage in my testing, which is more extensive than anyone could ever care to take it. But I digress...

And that's the point: the stuff you're using won't detect such infections...

My statement is still 100% true, and incontrovertible as the OP stated he's not running AV software - none of the apps listed are AV applications. He specifically states he's not running AV software so... considering that the apps he listed are not antivirus applications, the logical conclusion is he has absolutely no way of being 100% certain at this exact moment in time if he's infected or not.

*ahem*

 

[YeOldeStonecat]

Active scanning of web browsers slows down web browsing too so I usually disable that module also.

Depends which antivirus product you use....there are many that are light (Such as Eset). If you like to run naked..that's your choice.

If you get nipped by any of those abundant Vundu/ZLob trojans (such as XPAntivirus2009) a few times....well, your choice.

 

[DeaconFrost]

How did I know Klob would show up in here to crew up a perfectly good thread?

So I am taking from this that a AV program is still needed. Does it have to be an active scanning AV?

Active AV scanning is needed now more than ever. How would you like to be browsing on a legitimate website, looking for a new hardware purchase, and be infected with a virus simply because it was injected onto your PC from a graphic that loaded on this legit website? With an active scanner, that most likely would have been caught. Running without an active scanner, you would be infected. And yes, that was a real example I gave.

 

[Klob]

Actually I'm quite well aware of all of those apps and precisely how they work, as they are typically the items I tell clients not to use, save for CCleaner. The other ones are effectively useless garbage in my testing, which is more extensive than anyone could ever care to take it. But I digress...



My statement is still 100% true, and incontrovertible as the OP stated he's not running AV software - none of the apps listed are AV applications. He specifically states he's not running AV software so... considering that the apps he listed are not antivirus applications, the logical conclusion is he has absolutely no way of being 100% certain at this exact moment in time if he's infected or not.

*ahem*

Super Antispyware and Spybot are useless? No more than your advice.

And anyone who claims web protection in AV software doesn't slow down browsing needs to buy new fucking glasses. I don't even have to measure the performance difference to be able to tell it is being slowed down by the AV software.

 

[Nenu]

Looks pretty quick to me.
A1 eyesight too

 

[YeOldeStonecat]

And anyone who claims web protection in AV software doesn't slow down browsing needs to buy new fucking glasses. I don't even have to measure the performance difference to be able to tell it is being slowed down by the AV software.

You on a socket 7 P133 with 32 megs or something?

Yes there are some antivirus/internet security suites out there which are heavier than others..and can slow down your browsing.

But many of us work in IT as a profession..for a living..some of us, on our job, work on computers of all operating system and of all hardware specs and with almost every antivirus brand out there under the sun..and when a few of say "There are some light AV products that really don't noticeably slow you down"...guess what...it's true.

I know my computer inside and out, and if it's off just the slightest sliver of a hair..I know it, and I'll roll up my sleeves and get under the hood til I find the problem. With many of the lighter AV products out there..there isn't a sliver of a difference in my browsing performance with our without the real time monitoring and internet monitoring..or even with the AV fully uninstalled and rebooted.

...'course I'm not running a P133 with 32 megs..but it's not a bleeding edge quad core either, just a first generation C2D with 4 gigs.

 

[eggrock]

My statement is still 100% true, and incontrovertible as the OP stated he's not running AV software - none of the apps listed are AV applications. He specifically states he's not running AV software so... considering that the apps he listed are not antivirus applications, the logical conclusion is he has absolutely no way of being 100% certain at this exact moment in time if he's infected or not.

*ahem*

But.. but..

QFTMFT

How can anyone argue with this?

 

[Joe Average]

Super Antispyware and Spybot are useless? No more than your advice.

And anyone who claims web protection in AV software doesn't slow down browsing needs to buy new fucking glasses. I don't even have to measure the performance difference to be able to tell it is being slowed down by the AV software.

I don't run any anti-malware bullshit on this box aside from Windows Defender (this is Windows 7 Beta 1 here, as on all my machines). I run Firefox 3.0.5 (Portable) with NoScript, updated. I currently have Eset NOD32 v4 beta up and running, updated. I got nothing else going on...

I can run Spybot, SuperAntiSpyware, Ad-aware, HiJackThis, etc etc ad nauseum - I can run any god damned useless piece of fucking trash software (ok, I'm ranting now, deal with it) you'd choose for me to 'test' on this box, after days or weeks of my normal browsing habits, to popular and not so popular websites, of all shapes sizes and content, and when I'm done running all that god damned useless pieces of fucking trash software, none of them will tell me Jack Fucking Shit© in terms of anything useful.

I've done so much testing of the crappy shitty useless "anti-malware" software that currently exists on the market that people keep putting their faith in that I'm almost at the point where I wanna just smack the piss from someone when I see them standing in line in front of me at Fry's and they've got all of 'em in their cart about to shell out money for absolutely worthless software that will do far more harm than good when they install it on their computers.

But then again, when their ignorance and outright stupidity causes them to completely hose their PCs by installing that shitty software - not by actually getting infected or surfing, surprisingly - I get paid mad cash to fix it.

So I guess I shouldn't complain, in some respects, but I'm tired of dealing with stupid fucking people. I really am.

Do whatever you choose, those of us that make a comfortable living fixing other people's problems because of ignorance know better.

Slow performance, crashes, infections, spyware, malware, etc... it's all being caused by the very software that's supposed to "protect" people. Don't they teach you anything in the real world anymore? Those problems are not caused by the OS, not caused by the browser either. They're caused by the shitty crap people keep installing on their PC because "It was only $5..." at the register and they have no self-control for stopping the impulse buys.

Or they read one too many issues of PC World and it's advertiser-infested and paid reviews.

Moving on...

</rant_off>

 

[DeaconFrost]

But many of us work in IT as a profession..for a living..some of us, on our job, work on computers of all operating system and of all hardware specs and with almost every antivirus brand out there under the sun..and when a few of say "There are some light AV products that really don't noticeably slow you down"...guess what...it's true.

Don't go there. He's a gamer, so all of us who are sys admins are just self-righteous elitists who don't know what we are talking about. Don't you know that gamer's know more about their systems than IT Pro's and Sys Admins?

 

[Joe Average]

Calling that person a "gamer" is an insult to gamers, I'd think.

Wait... wait, that post... that's sarcasm, right? 'Cause I know sarcasm... hehe

 

[YeOldeStonecat]

Don't go there. He's a gamer, so all of us who are sys admins are just self-righteous elitists who don't know what we are talking about. Don't you know that gamer's know more about their systems than IT Pro's and Sys Admins?

I'm a gamer too...besides the sys admin for many SMBs.

Several hours before work in the morning, and several hours at night...I'm playing Battlefield '42/DC/Vietnam/2. Seriously, literally..I play that much. Those are rather "heavy" games that need more RAM and more bandwidth than most other online games.

In the past, I always used to disable antivirus real time protection when playing. Back then I usually used Symantec Corp Edition (pre version 10 days when it wasn't a bloated pig), or AVG, a few others now 'n then..but mostly SAV. Up until I started using NOD32...and became a reseller. It's the first AV I don't disable real time scanning..it's that light.

I usually play on 1 server in German..so from the US, I want my ping dang low and system as snappy as possible.

 

[Vermillion]

Don't go there. He's a gamer, so all of us who are sys admins are just self-righteous elitists who don't know what we are talking about. Don't you know that gamer's know more about their systems than IT Pro's and Sys Admins?

Dammit Deacon, you beat me to it...well at least I have that quote from him in my sig.

On a note more in line with the OT I find Spybot and Spywareblaster actually very useful. I don't let the added tools like Teatimer from Spybot or other junk install because those are indeed what clutters a system and cause more problems then they prevent. I do a streamlined minimal install and just use them to immunize systems and manually update. This has no impact on a systems performance.

I've found that immunizing family and friends computers saves me some hassle in the long run because I can't get all of them to move to Firefox with addons we don't talk about here.

 

[number69]

You on a socket 7 P133 with 32 megs or something?

lol.

Where there's a AV thread, there's Klob.

 

[Cmustang87]

The main point Joe Average is trying to make is the astounding amount of Windows Rot you are putting machine through by installing/uninstalling the various types of anti-spyware software infinitely.

Bad, very BAD.

 

[Klob]

I can run Spybot, SuperAntiSpyware, Ad-aware, HiJackThis, etc etc ad nauseum - I can run any god damned useless piece of fucking trash software (ok, I'm ranting now, deal with it) you'd choose for me to 'test' on this box, after days or weeks of my normal browsing habits, to popular and not so popular websites, of all shapes sizes and content, and when I'm done running all that god damned useless pieces of fucking trash software, none of them will tell me Jack Fucking Shit© in terms of anything useful.

Nor has Defender so I guess that is a fucking useless POS software too? It has never once alerted me to any issue on my PC, not once. Know why? Because there never has been any issue to alert me to. But to trust your security to just Defender is pure stupidity. One needs to use a multi-layered approach because not any one piece of software is going to catch everything, including your beloved AV software. To think you are safe just because you are running active AV is a false sense of security.

Spybot has an immunization database in the thousands so it is very useful for pre-emptive blocking of known bad websites, same with Spywareblaster, that's all Spywareblaster does and nothing else. Spybot has found many malware threats on peoples PCs so just because it didn't find any with your little test doesn't mean it is useless. Same with Super-antispyware. I don't use SAS anymore because I prefer Malwarebytes but I expect you would say that is useless too anyway. HijackThis is to help people clean an infected PC and is not there to help stop malware from getting in so how is that useless? It has helped many people fix their infected PC. All of that software is free to use so what would their motive be to give away useless shit software?

I suggest you come to the anti-spyware Usenet group so we can beat some sense into your stubborn head. Seems to me you hate people anyway so that would be a great place for you to hang out and get all this hate off your chest.

 

[Klob]

But many of us work in IT as a profession..for a living..some of us, on our job, work on computers of all operating system and of all hardware specs and with almost every antivirus brand out there under the sun..and when a few of say "There are some light AV products that really don't noticeably slow you down"...guess what...it's true.

I hate internet suites. I am running Kaspersky Internet security suite on Win7 right now because they have a free 90 day trial for Win7 users. Kaspersky firewall is one annoying POS and I have already disabled it. No noob is going to know what all the prompts are to allow this and that so it is more dangerous to their security than it is good.

I don't know of any *free* AV software that doesn't slow down web browsing if you enable the web protection. AVG web protection was really bad the last time I used it. Avast is better but not by much. What's a good *free* AV software that doesn't have a performance hit?

 

[Klob]

In the past, I always used to disable antivirus real time protection when playing. Back then I usually used Symantec Corp Edition (pre version 10 days when it wasn't a bloated pig), or AVG, a few others now 'n then..but mostly SAV. Up until I started using NOD32...and became a reseller. It's the first AV I don't disable real time scanning..it's that light.

I usually play on 1 server in German..so from the US, I want my ping dang low and system as snappy as possible.

If NOD32 was free I would probably use it like you but like hell I am paying a yearly subscription price for AV software. Even Microsoft doesn't charge a yearly subscription price and their software does a hell of a lot more than just scan for virus.

 

[DeaconFrost]

So then you can run Avira AntiVir, with no loss of performance on your system and no yearly subscription fees. Problem solved.

 

[Klob]

Dammit Deacon, you beat me to it...well at least I have that quote from him in my sig.

Great to see I am so popular and I am fairly new here too. But the joke is on you because I only said that because I knew it would wind you all up, and it has. Not only are gaming PCs my forte' I am also a master of the wind up.

 

[Klob]

So then you can run Avira AntiVir, with no loss of performance on your system and no yearly subscription fees. Problem solved.

I've ran it and the free version has no gamer module and has no way to disable it either.

 

[DeaconFrost]

So then don't disable it. We'll say it until the end of time, or when you finally drop the bullshit and see, that you aren't losing anything in terms of performance. We're not going to travel down this road again, because you've been given several links, even by people in this thread.

Besides, if you were truly as knowledgeable as you claim, you'd know how to disable it, or you would have been smart enough to realize that it doesn't interfere with your gaming.

 

[Klob]

I know how to force it to be disabled but I am not going to do that every time I run a game. It needs a right click on the system tray icon to simply disable it but you have to pay for it to get that. Oh yea, another bad thing about Avira is that it was very slow getting updates. I hope that behavior is only in the free version because I would be seriously pissed if their updates where still that slow after I had paid for it. One last point I would like to make. When I play single player games on my PC I disconnect from the internet so there is no chance of getting a virus anyway. WTF would I want active AV software running when it is useless to me while gaming and only has the potential to interfere with my gaming experience? I also use a limited user account even on Vista so the chance of getting infected is slim. I have always used a limited user account because that is a good rule that Linux taught me. Running in main account and active AV is for noobs.

 

[DeaconFrost]

So you are this anal about your gaming performance, and you aren't even playing online? And you call yourself a hardcore gamer? Really? If you really think AV software is hurting your single player gaming performance, you REALLY have no idea what you are talking about....but then again, that's been well established.

Here's my suggestion. You use your computer is strange ways, and buy into strange beliefs. That is certainly your right to do so, as it is your computer. My suggestion is to permanently disable your internet connection so you stop spreading ridiculous BS on these boards, and then you can enjoy your precious games, and everyone wins. Yes, I'm being 100% serious.

active AV is for noobs.

Playing games and pretending that makes you a knowledge users is for noobs. Arguing things outside your realm of understanding is for noobs. Thinking you actually need to turn off active AV scanning and disable your internet access to increase gaming performance is for noobs.

 

[Klob]

You need to be taught some manners sonny. I never said I don't play MP online games. I said I disable the internet connection when playing SP games. Leaving your PC connected 24/7 to the internet is also a noob practice and a very stupid thing to do. Yea, lets leave it connected 24/7 and see how long it takes for a hacker to break in. Doh!

 

[DeaconFrost]

Your posts get more ridiculous as the thread goes on. If I didn't know better, I'd think you were purposely pulling this stuff out of your ass to be funny. Clueless doesn't even begin to describe them.

 

[Mister Natural]

I've mentioned this before, but folks who want to try a free version of NOD for a while you can download and install the beta 4 version. It's fully functional and self updates. Leave the default username/password and it will update itself. While I haven't look at the beta 4 forums in a while I don't think there are any major problems with it. I tried it a month or so ago and worked fine.

http://www.eset.eu/download/beta

As far as questioning whether you need real time protection, well if the computer is connected to the internet there's no question you do need it and anyone who disputes it has no understanding at all of the current capabilities of malware now.

 

[YeOldeStonecat]

I don't know of any *free* AV software that doesn't slow down web browsing if you enable the web protection. AVG web protection was really bad the last time I used it. Avast is better but not by much. What's a good *free* AV software that doesn't have a performance hit?

The one that's mentioned severals times a week in the almost daily threads asking "What's a good free antivirus"

"AntiVir"