topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday December 12, 2024, 3:01 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Is there an AV App that Doesn't Eventually Become Bloatware?  (Read 32370 times)

Defenestration

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 81
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #25 on: July 06, 2006, 07:40 AM »
Kaspersky is nice as well, but has become a bit bloated, and the way it uses NTFS streams and rootkit-like method for hiding those streams is a bit icky :( (see sysinternals' rootkit revealer forums).
The new KAV/KIS version 6 does not use NTFS streams anymore (and so no rootkit method for hiding them). Has low memory usage and various options to optimize the scan (eg. only scan new and changed files), as well as an option to concede resources (ie. CPU)  to other apps during a scan which keeps the system running smoothly. It is truly modular, in that you only have to install the modules you actually want.

NOD32 uses more memory but is lighter on CPU.

Big problem with NOD32: it doesn't cache file status, so every time you boot your system, files have to be re-scanned, which makes first-launch of apps pretty slow (AMD64x2 4400+ here, and it *is* noticable >_<). Also, I haven't found a way to disable the background/instant file scanning that persists through reboots.
I'm sure there is an option to only scan new and changed files in NOD.


XMinus1 - It seems odd that you mention bloatware with regard to AV's, but yet use SpySweeper. From my experience, SpySweeper used massive amounts of memory (upwards of 40MB-50MB).

 

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #26 on: July 06, 2006, 07:56 AM »
Hmmm.... I'm running SpySweeper right now and it's only using 15MB in the system tray (i.e. it's monitoring but not sweeping). A full sweep bumps that to 18MB and 1-3% CPU (I've just confirmed this on a first generation Centrino notebook  with 1024MB RAM).

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #27 on: July 06, 2006, 08:05 AM »
I have used SpySweeper and found it is pretty slow to start up the scanners but then seems to run quite well in use.

I have also used SpywareDoctor and that is even slower at starting and more demanding on resources.

Both are good programs but don't do what I did and try to use them at the same time - the system literally ground to a halt!

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #28 on: July 06, 2006, 11:03 AM »
Big problem with NOD32: it doesn't cache file status, so every time you boot your system, files have to be re-scanned, which makes first-launch of apps pretty slow (AMD64x2 4400+ here, and it *is* noticable >_<). Also, I haven't found a way to disable the background/instant file scanning that persists through reboots.
I'm sure there is an option to only scan new and changed files in NOD.
-Defenestration (July 06, 2006, 07:40 AM)
Not that I've seen... Sure, it doesn't re-scan files that aren't changed while you keep your computer running, but the "scanned files database" is in-memory and doesn't survive a reboot.

New KAV version sounds interesting, perhaps I should give it a go.
- carpe noctem

Defenestration

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 81
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #29 on: July 06, 2006, 11:27 PM »
Hmmm.... I'm running SpySweeper right now and it's only using 15MB in the system tray (i.e. it's monitoring but not sweeping). A full sweep bumps that to 18MB and 1-3% CPU (I've just confirmed this on a first generation Centrino notebook  with 1024MB RAM).
When determining memory usage of a process, you should be looking at both the "Mem Usage" and the "VM Size" columns in Task Manager.

Defenestration

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 81
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #30 on: July 06, 2006, 11:48 PM »
Not that I've seen... Sure, it doesn't re-scan files that aren't changed while you keep your computer running, but the "scanned files database" is in-memory and doesn't survive a reboot.

New KAV version sounds interesting, perhaps I should give it a go.
You may already know this (in which case please excuse me for stating the obvious :) ), but do you have the AMON  setting "Optimize scanning" enabled ?

This feature causes AMON to rescan a particular file after it's been changed, the virus signature database has been updated, if AMON's settings have been changed or an application has attempted to access the file in write mode.


You should definitely give the new KAV 6 a try.

Gothi[c]

  • DC Server Admin
  • Charter Honorary Member
  • Joined in 2006
  • ***
  • Posts: 873
    • View Profile
    • linkerror
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #31 on: July 06, 2006, 11:54 PM »
Like App said,... AVG-free has always worked fine for me. it has a very small memory footprint and it's not bloaty, and it hasn't been for a while (knock on wood).

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #32 on: July 07, 2006, 01:42 AM »
When determining memory usage of a process, you should be looking at both the "Mem Usage" and the "VM Size" columns in Task Manager.
-Defenestration
The most important thing to look at is "private bytes" (use Process Explorer), as this is the real and exclusive memory usage for the process.

You may already know this (in which case please excuse me for stating the obvious :) ), but do you have the AMON  setting "Optimize scanning" enabled ?

This feature causes AMON to rescan a particular file after it's been changed, the virus signature database has been updated, if AMON's settings have been changed or an application has attempted to access the file in write mode.
-Defenestration
Yes, of course :)

And it *does* optimize the scanning - until the system is rebooted. The database of scanned files is only kept in memory, not stored on disk.
- carpe noctem

Defenestration

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 81
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #33 on: July 07, 2006, 10:11 AM »
When determining memory usage of a process, you should be looking at both the "Mem Usage" and the "VM Size" columns in Task Manager.
-Defenestration
The most important thing to look at is "private bytes" (use Process Explorer), as this is the real and exclusive memory usage for the process.
You need to look at both to get a true indication of memory usage. While "Private Bytes" tells you the amount of virtual address space allocated for the process, the amount actually committed to RAM (indicated by "Working Set"/"Mem Usage") is sometimes higher (and so this column gives you the true indication of memory used by a process).

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #34 on: July 07, 2006, 10:27 AM »
Well, "Private Bytes" is the amount of memory that cannot be discarded and re-read from the .exe (and .dlls) - memory that in low-memory situations must be flushed to the paging file. Working set just means how much memory is currently allocated to the process working set - this includes both private bytes as well as shared bytes.

The "Virtual Size" figure doesn't matter much, as long as "Private Bytes" is low.
- carpe noctem

Defenestration

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 81
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #35 on: July 07, 2006, 11:20 AM »
And it *does* optimize the scanning - until the system is rebooted. The database of scanned files is only kept in memory, not stored on disk.
I started a thread about this over at the official NOD32 forum at Wilder's....

http://www.wildersse...wthread.php?p=790967


f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #36 on: July 07, 2006, 02:29 PM »
Cool!

I can see a reason for NOT storing on disk, by the way - a virus could intercept this *somehow* and mark all files as "oh, but they're good to go". When scanning takes as long as it does, though, it's invaluable. (I'm on an amd64x2 4400+ here, so it's not like I'm running old hardware. I'm very picky about launch speed, though.)
- carpe noctem

imtrobin

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 125
    • View Profile
    • Donate to Member
Re: Is there an AV App that Doesn't Eventually Become Bloatware?
« Reply #37 on: July 11, 2006, 02:11 AM »
I find www.bitdefender.com better. I use AVG 6  before, it didn't manage to detect a virus that is zipped within a zip.