topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Saturday December 14, 2024, 9:56 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Raymond.cc compares antivirus memory usage  (Read 19146 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Raymond.cc compares antivirus memory usage
« on: April 30, 2013, 09:30 AM »
The Raymond.cc blog has just put up a serious comparison of the memory usage of a ton of different antivirus programs.

It's not easy to evaluate such things given all of the different factors involved, but the results are informative.  Definitely worth a look to see where your antivirus program of choice comes in.  Is your favorite tool a memory hog?


cmpm

  • Charter Member
  • Joined in 2006
  • ***
  • default avatar
  • Posts: 2,026
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #1 on: April 30, 2013, 11:15 AM »
Eset is quite high, but I'm ok with it still.
The features are worth it to me.

Thanks.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #2 on: April 30, 2013, 11:17 AM »
It would be nice to see Raymond do a follow up comparing cpu usage.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #3 on: April 30, 2013, 12:06 PM »
It would be nice to see Raymond do a follow up comparing cpu usage.

Me too ... I tend to worry about the validity of any test that Norton doesn't fail.

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #4 on: April 30, 2013, 12:58 PM »
Yeah, I want to see this too. I was never all that worried about the memory usage, but MS Sec Essentials chews through a lot of cpu for me especially when booting.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #5 on: April 30, 2013, 05:02 PM »
Yeah, I want to see this too. I was never all that worried about the memory usage, but MS Sec Essentials chews through a lot of cpu for me especially when booting.

Strange, I've never noticed it ... But then again I seldom reboot.

I think over all most of these test are inherently flawed in their attempt to pinpoint specific resource usage numbers at key (idle/scanning) points. When the true measure is really more a question of how deeply does the AV insinuate itself into everything? I frequently see processes that appear to be hogging resources, but in reality they're just fighting with the (chronically over zealous) AV to get loaded into memory.

Norton may indeed be able to claim good resource usage numbers ... But I've yet to see a machine that didn't run 10 times better after it was removed...because they just fiddle with stuff to much.

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,964
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #6 on: April 30, 2013, 05:09 PM »
My biggest problems with AV's are when downloading - they tend to not only check the download but also the contents of the download folder which tends to be over-full - or simply when navigating within any file dialogue (save/open).
I guess those two overlap.

MSE used to really slow things down as per above, but it has improved and stabilised the last few months.
Tom

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #7 on: April 30, 2013, 11:08 PM »
My biggest problems with AV's are when downloading - they tend to not only check the download but also the contents of the download folder which tends to be over-full - or simply when navigating within any file dialogue (save/open).
I guess those two overlap.

MSE used to really slow things down as per above, but it has improved and stabilised the last few months.

Heh my download folder is empty! That's because I save each and every download to the desktop, whereupon then I process it out and move it somewhere. I never liked a lot of the "standard" folders from Windows - Downloads, My Documents, My Pictures, My ____, and a lot of the weird temp folders.


4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,644
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #8 on: May 01, 2013, 12:30 AM »
My biggest problems with AV's are when downloading - they tend to not only check the download but also the contents of the download folder which tends to be over-full - or simply when navigating within any file dialogue (save/open).
I guess those two overlap.

MSE used to really slow things down as per above, but it has improved and stabilised the last few months.

It's too bad that it doesn't have the option to only scan files when they are opened - like most other AV programs.

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #9 on: May 01, 2013, 07:54 PM »
  I posted this same story but from a different source yesterday, and I'll be darned if I know where it went???

conceptualclarity

  • Participant
  • Joined in 2013
  • *
  • Posts: 14
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #10 on: May 09, 2013, 04:18 PM »
My biggest problems with AV's are when downloading - they tend to not only check the download but also the contents of the download folder which tends to be over-full - or simply when navigating within any file dialogue (save/open).
I guess those two overlap.

MSE used to really slow things down as per above, but it has improved and stabilised the last few months.

I have noticed that Microsoft Security Essentials goes crazy with CPU usage and brings my system nearly to a halt when I open up Downloads folder or deal with a program saved to Desktop. I've taken to momentarily killing it from Task Manager to punish that behavior. I haven't seen any improvement in recent months as you have.

The Raymond.cc blog has just put up a serious comparison of the memory usage of a ton of different antivirus programs.

It's not easy to evaluate such things given all of the different factors involved, but the results are informative.  Definitely worth a look to see where your antivirus program of choice comes in.  Is your favorite tool a memory hog?

Pleased to meet you, mouser, and thank you so very much for that post. I'm on a memory-starved computer, and I've been looking for a new antivirus. I had narrowed it down to Avira, Avast, and AVG as quality free choices. This cinches it for Avast.

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #11 on: May 09, 2013, 06:12 PM »
I'm on a memory-starved computer, and I've been looking for a new antivirus. I had narrowed it down to Avira, Avast, and AVG as quality free choices. This cinches it for Avast.
-conceptualclarity (May 09, 2013, 04:18 PM)

  Avast is awesome on my system, and I've tried a bunch of them everywhere from McAfee to Norton to Kaspersky and all in-between, and Avast has the lowest memory usage and doesn't tie up my CPU unless skanning a huge file, which is pretty much normal for all of them.

  To be fair though, I haven't used Norton or the others in years since I switched.  Had way too many problems with them all, the last being Kaspersky, that will force you to remove some useful software like Spyware S&D BEFORE it will allow you to install.  Insanity!  It was their way of squashing some of the competition.  I got tired of having to uninstall Kaspersky just to update Spybot and a couple of others.  And they all worked just fine with Kaspersky, so I don't know what their problem is....

Joe Hone

  • Supporting Member
  • Joined in 2012
  • **
  • default avatar
  • Posts: 86
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #12 on: May 09, 2013, 10:25 PM »
I was having CPU issues and among all of the other culprits, AVG was taking a toll. The article motivated me to survey the market and I have migrated back to Avast as well. Thanks Mouser - all 3 computers are running better.

I should post a separate topic, but AVG wouldn't uninstall on 2 of my 3 computers, not using AnVir Pro, Windows uninstall, etc. I even tried the steps on the AVG site for stubborn uninstalls.  I had to reboot, kill the processes using AnVir, and then use wipe expert to completely uninstall them. What a pain.

barney

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,294
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #13 on: May 13, 2013, 10:21 PM »
AV?  That stands for audiovisual  :huh:.  Anti-virus?  Nonexistent save for virii that have already been identified.  Some of the removal systems seem adequate - MalwarBytes comes to mind - but I've yet to find any anti-virus system that could be trusted.  I'll set up a firewall, but it is only as effective as my imagination.  To my mind, anti-virus software is totally useless - it's a safety blanket that doesn't work, that gives a false sense of security.

I read raymond.cc's review.  It was comprehensive.  I appreciate the amount of effort he put forth to create it.  But, in the long run, it's basically useless.  You never know how adequate your security system is until it fails and you know that it failed.

This is common throughout history.  Examples?  Hadrian's Wall, the Great Wall of China, the French Maginot Line, all were circumvented at some point.  Not defeated, circumvented.  And any anti-virus solution will, in like fashion, be circumvented, not by a head-on attack, but by an end run, a circumvention not anticipated by the protection authors.

It is a given.  It's a challenge to some.  And they will not let that gauntlet lie on the forest floor.

x16wda

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 888
  • what am I doing in this handbasket?
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #14 on: May 14, 2013, 12:29 PM »
Sure, everything you might use will be circumvented in time, but that doesn't mean that the less effective attacks aren't going to happen in the meantime.
vi vi vi - editor of the beast

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #15 on: May 14, 2013, 09:04 PM »
AV?  That stands for audiovisual  :huh:.  Anti-virus?  Nonexistent save for virii that have already been identified.  Some of the removal systems seem adequate - MalwarBytes comes to mind - but I've yet to find any anti-virus system that could be trusted.  I'll set up a firewall, but it is only as effective as my imagination.  To my mind, anti-virus software is totally useless - it's a safety blanket that doesn't work, that gives a false sense of security.

I read raymond.cc's review.  It was comprehensive.  I appreciate the amount of effort he put forth to create it.  But, in the long run, it's basically useless.  You never know how adequate your security system is until it fails and you know that it failed.

This is common throughout history.  Examples?  Hadrian's Wall, the Great Wall of China, the French Maginot Line, all were circumvented at some point.  Not defeated, circumvented.  And any anti-virus solution will, in like fashion, be circumvented, not by a head-on attack, but by an end run, a circumvention not anticipated by the protection authors.

It is a given.  It's a challenge to some.  And they will not let that gauntlet lie on the forest floor.

  With that analogy, since when does a soldier go into battle without his armor and weapons?  My anti-virus software has saved my butt many times, I think I'll just keep on using it....

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #16 on: May 14, 2013, 10:41 PM »
I gotta go with barney on this. Hardening a system is more a matter of exposure mitigation ... Reduced user permissions, adherence to a patch policy, and removal of unused anything that could open a port. That is the armor. Weapons are user education so the guy on point isn't blind, deaf, and dumb (answers to Tommy/plays pinball ... Sorry..). These days securing a machine without AV is like going hunting without a waffle iron.

I keep MSE installed on my machine only to keep track of its resource usage and FP rate ... its yet to catch anything before I did.

brahman

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 239
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #17 on: May 28, 2013, 05:19 PM »
This is an interesting thread.

I have also been very concerned about performance of AVs. That's why I have used Clam Sentinel for years, which is an open source way of running the free AV ClamWin resident.

ClamWin is usually used mainly on servers but with Clam Sentinel, it is usable on individual PCs.

Its idle memory usage is better than the winner. When scanning it is about middle of the pack. Easy to disable if you just move files around on your computers and want to do it as fast as possible.

An AV that gives you a lot of control.

As a second opinion for downloads I use Emsisoft Emergency Kit's terminal scanner (formerly called A2Squared) triggered by Firesoft after a download has finished. I use the following batch file for that:

@echo off
echo.
::After 3 sec default to n (No)
choice /T 3 /D n /M "Do you want A2 to do a RAM memory scan too?  Press"
:: pressed N
if errorlevel 2 goto NOMEM
::Check for wrong keypress and assume no
if not errorlevel 1 goto NOMEM
:: pressed y (Yes)
c:\Apps\tc7\Msc\A2SquaredPort\a2cmd.exe /m /h /a /n /f=%1
goto NEXT
:NOMEM
c:\Apps\tc7\Msc\A2SquaredPort\a2cmd.exe /h /a /n /f=%1
:NEXT
@echo off
if not errorlevel 1 goto END
::Foreground yellow, type in red for better signal visibility
color EC
echo VIRUS ALERT: %1
echo.
pause
:END
echo End of batch program
exit

Regards, Brahman

ajfudge

  • Participant
  • Joined in 2012
  • *
  • Posts: 14
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #18 on: May 29, 2013, 02:26 PM »
To my mind, anti-virus software is totally useless - it's a safety blanket that doesn't work, that gives a false sense of security.

I read raymond.cc's review.  It was comprehensive.  I appreciate the amount of effort he put forth to create it.  But, in the long run, it's basically useless.  You never know how adequate your security system is until it fails and you know that it failed.

Here's the problem: not every computer user is as smart as you.
The point of an AV software is to block what was already known, and to update its database to include what's recently been discovered.
Here's an analogy: You build a gate around your house. You don't like how it blocks your house but it's a necessity. It gives you the feeling that you're enclosed but it's there to protect you from trespassers. A day will come that a thief [your "circumventor"] will disgrace your home. But the gate at least provided a challenge, and it kept out any potential wrongdoers [the standard AV definition database].

Here's a similar thing: the issue with regards to Internet usage/privacy/trackers, well they're new. Some programs and services offer to block them, but there will always be something that will know what you do no matter what. It's not fail-safe, but it gives you a fighting chance (this also applies to walls and lines of ancient wars that you mentioned  :)).

Sidenote:
Others suggest to use a security sandbox (read: not Sandboxie). Sometimes they're very useful, but not ideal if you rarely, if not at all, go online.

Giampy

  • Participant
  • Joined in 2009
  • *
  • Posts: 444
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #19 on: May 29, 2013, 03:40 PM »
I believe it's interesting to report the experience of a certain guy who is very busy about security. After years of experience, now he no longer uses an antivirus, but his purpose is reducing the "attack surface". This is his configuration for real-time prevention in Windows XP:

Firewall of Windows XP
ExploitShield Browser Edition ver 0.9.1 beta
SandboxIE 4.01.08 beta
EMET 4.0 beta
DropMy Rights
Norton DNS

Opera, Google SSL, WOT, Adblock, Ghostery, Dr.Web Link Checker.
"A refrigerator without beer is like a body without soul"

barney

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,294
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #20 on: May 29, 2013, 09:23 PM »
I believe it's interesting to report the experience of a certain guy who is very busy about security. After years of experience, now he no longer uses an antivirus, but his purpose is reducing the "attack surface".

Sounds a lot like Steve Gibson.

The point of an AV software is to block what was already known, and to update its database to include what's recently been discovered.

And that's something that damned few of 'em do at all, much less do well.  All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.

use a security sandbox

There are folk here that use virtualization, e.g. VirtualBox, for browsing.  Others use one or another of the extant sandbox programs.  And that does supply a degree of protection, although CPU/RAM usage may suffer.  But even that can be circumvented:  I want a particular program, video, song, so I move it out of the sandbox.  Then I open it and become contaminated.  I am quite possibly now a disease vector for anything else I touch, network-wise.

All any anti-malware software [of which I am aware] does is the same thing as that fenced domicile - provide a false sense of security.

In the long run, it's not a matter of being smart so much as it is a matter of knowing the capabilities - and shortcomings - of the tool you are using.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #21 on: May 30, 2013, 07:04 AM »
And that's something that damned few of 'em do at all, much less do well.  All they do is provide a false sense of security, letting folk think they can go anywhere and do anything on the Web with complete impunity.
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.
- carpe noctem

barney

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,294
    • View Profile
    • Donate to Member
Re: Raymond.cc compares antivirus memory usage
« Reply #22 on: May 30, 2013, 10:24 AM »
...Alternate line of thought: they protect you against drive-by attacks on legitimate but compromised sites. The mass-infection-drive-by attacks usually don't use the very latest 0-day exploits, but a truckload of slightly older exploits. Bleeding-edge exploits are normally used in very targeted attacks.
[/quote]

Maybe.  The one (1) time that I got hit by such, I was using NOD32, supposedly best of breed at the time.  The malware sailed through NOD32 as pretty as you please, without so much as a hiccup.