Hi,

Here's an issue of the Windows Secrets newsletter which deals with a charge that the Microsoft Security Essentials freeware is a resource pig, and compares it to 5 other freeware AV apps. It does not compare ability to find malware, just claims on system resources.

http://windowssecrets.com/newsletter/is-your-free-av-tool-a-resource-pig/

Scroll down a bit.

Cheers

I have found AVG to be the biggest resource hog I have ever seen for a free one and Norton is very heavy on a system for a paid for one.

I dont use a free one but if you want a great AV thats fast and low on resources I can recommend Eset's NOD32

Interesting. I've stopped using AVG free because latest versions are becoming sneakier in tricking the user into clicking the paid option, just don't like the way here doing it. I then tried ClamAV and it let viruses through and had issues updating itself. Now using the MS Essentials to check it out. Haven't noticed it hogging resources.

I have taken the advice from several Computer people I talk with online and removed ALL Anti-virus programs from my computer.
Runs tons faster and I haven't had any problems. Been 4 months now :thumbsup:

Jeez Ken, you are playing Russian Roulette. No way I would do that mate...:jawdrop:

I am with Peter you are going to get attacked it is just a matter of time:sadeyes:

Same I wouldnt either , every couple mths I get a legitimate warning
I have used NOD32 for 5 yrs now and no prob ever

I've used Linux for 15 years with no AV and no malware.

On the other hand, every Windows box with even with AV has eventually got some malware.

I'm fairly certain there is a moral there.

The very nature of what you asking AV software to do means it slows your system down.
Over recent years I have moved from AVG to Avast to MSE due to perceived performance and as mentioned the level and sneakiness of pestering.
I would love to go with none but then for piece of mind I would have to rebuild my system more often.

It's probably all a false sense of security anyway.

With 64bit systems and ram cheaper than chips, I just don't understand the term resource hog any more.
That's a term from the low powered, single core cpu days when ram was $200 a gig.
I bought 4gig of ram today for a 3.6gig quad core cpu, it cost $30 !!!!

If you open task manager, look at processes and click on memory to order it descending, you'll find windows is the resource hog, closely followed by your browser.
Who cares if it takes 10 seconds extra to start the PC, get a solid state disk if it's a problem :rolleyes:

One things for sure, if you don't run an antivirus and have your identity stolen as a result, you deserve it.

I haven't used an antivirus program for close on 9 months. That's not to say I don't have one though, it's just disabled. Every now & then I'll fire it up, download the latest definitions & run a check. No viruses usually but I only visit forums & no longer do the 'random browsing thing'.

It isn't that bad an idea, all you then do is

A) Have a decent firewall
B) Be careful with what you open/download
C) Run an anti virus boot disc once a week or once a month to clean up anything that might get through.

If you aren't downloading things you shouldn't, and are canny with not opening dodgy emails, a firewall plus a weekly scan will keep you out of trouble. Then you don't have your windows PC bogged down with annoying AV programs.

Bitdefender and Kapersky both have great boot CDs that will get latest definitions from the web.
Instructions are here: http://www.howtogeek.com/howto/36677/how-to-use-the-bitdefender-rescue-cd-to-clean-your-infected-pc/

Hey I can remember Kobe - when RAM was $100 a MB. Building a 486 system with 8MB of RAM was prohibitively expensive!

I use Avast nowadays - if it even things one of your licenses are expired - it doesn't straight away tell you - it goes real slow. Once the licenses are correctly confirmed - it has periods when it monopolises and pretty much freezes a quad core machine (minute or two at a time on start up) then everything is back to life.

Also pays to schedule updates for 4am or some time when you are sure you'll be asleep and the PC shouldn't be working hard!

You don't need an anti virus program on a computer that is not connected to a net or the internet and does not run or load any external programs as long as the computer is clean to start.

Why does everyone want to connect their computers to the internet if it is not necessary. At work we have a server (lan cabled) that controls about 10 terminals where the staff can access the necessary programs. The terminals do not have disk access and the server is not connected to any outside lines. It has been running for 18 years now on the same basic lan cabling although we have occasionally updated the server, operating system and terminals.

For internet we use a separate set of computers and if you steer clear of the social networks and automatic updates etc. you don't get many attacks.

Barry

Mate, I paid $400 for a 48KB upgrade back in the day, that is about...$8,533 per Megabyte, so 4GB would have set me back over $34,000!!

I agree with Barry, if you are not connected to the net then you can just run a boot disc scanner occasionally to make sure you didn't bring something in on a USB drive etc. If you are connected to the net, but don't do much, just make sure you have a good firewall and check weekly or so with a boot disc scanner. No need to have bloated anti-virus software clogging everything up, I'm amazed how much it slows down even fast windows machines. I do most of my work on OSX these days, so don't have the same issues, but have removed AV software from my windows machines and am just careful and run the boot disc regularly. Have had no infections in over 2 years.

I am running Win7 Ultimate 64bit.
i7 2600k CPU @4Ghz
16GB G.Skill Ripjaws PC2133 Ram
nVidia GTX560ti 1GB DDR5 Video Card
1 x Wildfire Patriot 120GB SSD ( C: DRIVE )
1 x Wildfire Patriot 240GB SSD for Gaming
1 x OZC-Vertex 2 120GB SSD for FSX
1 x 2TB WD Sata 3 for Data and Backup.

I built this system myself ... to the spec's I wanted .. far cheaper than buying from HN or DS or G Guy's etc.

Hardware Firewall at the Modem/Router
Software Firewall on the PC ( keep an eye on what wants access to the internet )
Avast Antivirus ( free edition )

Don't seem to be plagued by any resource hogs ... runs nicely ... but running FSX with HD Textures on the Aircraft can be ' taxing ' on 'Frame Rates ' .. although you can ' tweak ' this in the settings.

Antivirus is running all the time...except when installing programmes ... will turn it off to prevent any ' false positives ' which can cause corruption of installations.... then turn it back on again afterwards.

I also have Malware/Trojan Scanners which are only used when needed to ' run a check ' from time to time.

So far ... no infiltrations have been detected ... although my Firewall ' tells me ' several attempts have taking place to gain access to my Computer.

This Computer is always connected to the WWW ... unless I ' block ' all internet traffic in/out ... engaging the Internet Lock.
Nothing get's in...Nothing get's out.

Flash :hi:

If you browse on the internet and don't have security software installed, running, and up to date, you may not even know if you've picked up a virus or malware. Not all the nasty stuff pops up and says "Hi, I'm Mr Virus". Some can just lurk there, logging your keystrokes and discretely send them to their "owners".

And you don't have to actually be downloading a file and installing an executable. My wife recently picked up a "drive by" malware just by browsing a site that must've been compromised (giving them the benefit of the doubt). And her computer did have antivirus software on it, just slipped right on by.

So don't fall into a false sense of security and think "I don't download anything, so I'll disable my AV software and just run it if/when I decide to", because you can be in trouble just browsing.

Troy is absolutely right. From memory the average time an unprotected internet connected computer is safe before it gets targeted (port scans which then escalate into a pattern of attacks) is between 2 - 3 minutes (source - a major Australian Bank's IT research department - time taken to target a newly built server)!

If you never net connect nor insert any drives, program or DVD or USB material - well its inert and not exposed to new risks. But it carries all the bugs that weren't know when the software was originally delivered. An example of this is Apollo 11; when it flew to the moon there were 4 known non recoverable software bugs in the programs. Triggering one of these bugs would have killed the crew - so they were studiously avoided. A more thorough examination of the code a few decades afterwards revealed there was (memory fails me) somewhere between 90 to 200+ of these bugs; talk about thin ice!

So if you don't patch you carry all these faults.

BTW Colin - if you are I/O bound on your solid state drives - rather than RAID (stripe) them you might consider going to a REVO (PCI-express rather than SATA 2 or 3) attached SSD - these can give between double to triple the speed apparently of the SATA bus; so rather than 200 - 500 MB/sec you are looking at 700 - 1000 MB/sec ...

http://www.ocztechnology.com/ocz-revodrive-3-x2-pci-express-ssd.html

Hi all, what came to my mind here, is all those that browse the Net with their phones should also have security on them.

Russian Roulette with a bullet in every chamber.
4 Months, not bad but prepare for the worst. Keep- a good clean backup.

I have used and still use Microsoft Security Essentials, have done for years not a problem as yet. :thumbsup:
Ken maybe playing Russian Roulette i guess, but it all comes down to where you go i expect. :shrug:

Leon :thumbsup:

I basically come into here, about another 5 forums, and run my Video camera.

Matthew ... yes ... certainly the ' choice ' to go to the pci - express config' ... blazing read/write speeds.
I was looking at this at umart:

OCZ RevoDrive Hybrid merges 100GB SSD with 1TB HDD ... see pic.

A compromise I suppose ... but price wise per GB is good and it is still pci express ... but the Mechanical Hard Drive is only 5400rpm

Comes with software to ' intelligently ' store your most used programmes on the SSD.... hence , faster loading times.

My Mainboard has 2 x PCI Express 3 Slots .... so could get past the Sata ' bottleneck ' later on.

At the moment ... from ' pushing the on button ... to showing the ' desktop ' on my PC = 16 Seconds.

Flash :hi:

Anyone who takes no precautions can expect to be hacked within hours.

Here is a summary of the break-in attempts on my home network since Jan 2, as blocked by the border router. Service names where known, port numbers where not known.

4499 microsoft-ds 2 rsh-spx
1448 ms-sql-s 2 radan-http
1409 49756 2 h323hostcall
733 telnet 2 cslistener
287 8909 2 81
195 epmap 2 27238
160 ms-wbt-server 2 21168
144 mysql 1 zenginkyo-2
74 ident 1 websm
42 9415 1 socks
39 http-alt 1 redstorm-diag
25 netbios-ssn 1 pcanywheredata
21 rfb 1 netiq
16 radmin-port 1 imap
14 https 1 iax
11 pop3 1 dsc
10 ndl-aas 1 distinct
9 6666 1 cisco-sccp
5 ncube-lm 1 cadlock2
3 codasrv-se 1 9944
3 65500 1 880
3 5998 1 8090
2 ssc-agent 1 37037
That is not counting the permitted services that were dropped by iptables rules at the server.

You namedropper :rofl::rofl::rofl:

Not really there are webots that trawl the internet looking for openings you dont have to go anywhere dodgy they will find any open computer and infect it without a doubt.:rolleyes:

Not if you are behind even the simplest of hardware firewalls, like those available in nearly every modem/router these days.

Again, this is a job for a firewall, not an anti-virus resource hog.

I wish you luck if that is all you use but the people who want in will not be stopped by a hardware firewall they eat them for breakfast.:hi:

Depends on the firewall setup. If ports are blocked, they're blocked. If they're open for some application that needs to have some port open, the weak point becomes the security of that application/daemon running on that port. That's not the firewall's fault.

You're going to need a pretty high end firewall to spot say DNS poisioning, which can be a pretty basic virus tactic. Once that DNS is compromised a man in the middle attack would fool nearly any firewall, regardless of your Stateful Packet Inspection techniques and there goes all your banking credentials for example. How many folk run a DNS check (e.g. TrustDefender aka ThreatMetrix) before they connect to their bank online to ensure the connection certificates are valid and no one intercepted their link before secure tunnels were set up?

I think layered security makes sense, hardware firewall + software ones, virus scanners, DNS checkers and if your really sensitive reverse proxies, smarter than average firewall rules and even a real or virtual honey pot PC behind your nextwork layer (so attacks channel to a fool's paradise machine rather than your real rig. The guy that used to head security for me at St George Bank did his own home security that way (bit overboard but he was ex-defence intelligence and really into it... Used to say for home PCs (this is back in 2005) ZoneAlarms was clear winner (not sure what he recommends now, could ping him if you're really interested?)

For anyone interested, a man in the middle attack diverts a secure web link to a real looking fake web site that simply collects your authentication details (copies them) and then logs you onto the real site - copying everying you do or worse executing its own commands on your accounts and only pretending to do your ones!

Say www.anz.com.au (http://www.anz.com.au) has real IP address 1.2.3.4, a simple man-in-the-middle attack creates a fake website say www.anzbank.com.au (http://www.anzbank.com.au) with IP address say 231.231.231.231 that looks exactly like the bank's webpage, it can easily disguise the URL so it looks exactly like www.anz.com.au (http://www.anz.com.au). Next a virus or dirty webpage launches a payload (say you have java enabled, but there are many ways of doing it). In its simplest form this payload adds a single line to your hosts file c:\windows\drivers\system32\etc\hos ts (ARP Cache poisioning it) saying

231.231.231.231 www.anz.com.au (http://www.anz.com.au)

Now whenever you type www.anz.com.au (http://www.anz.com.au) into any browser instead of landing at www.anz.com.au (http://www.anz.com.au) at IP 1.2.3.4 you land at www.anzbank.com.au (http://www.anzbank.com.au) with IP 231.231.231.231, looking exactly like ANZ. You login - it takes your credentials before secure tunneling is in place and acts as a man in the middle. Your firewall doesn't know this diversion is fraudulent, your virus scanner doesn't likely see anything wrong.

Do you check the site certificate of your bank's URL is the correct one for the real ANZ bank when you land there? That's what DNS and site certificate checking software does to detect DNS posioning attacks.

I have had a few issues over the last few days and from this I have learnt AVG isn't exactly as highly regarded as it once was hence the reason I am off to delete it after posting this. I was recommended to use avast which I have on my laptop so I figure no problem and it doesn't pick anything up at all either.

So upon further advice I install Malwarebytes which does a scan and sure enough it picks up 1 threat which turns out to be a known threat, I deal with it and it appears gone. However still I'm probably going to run another piece of software to do further checks to make sure the PC is clean before changing anything I have to.

I guess the moral of the story is no matter how good an anti-virus may be it will still miss things, I'd never of known if I hadn't run mwarebytes.

So anyway in answer to the original question posed my vote goes to AVG.

This is correct ... as I have my Host File ' Locked '

Flash :hi:

I have had a system up and running for over 3 years with just a hardware firewall, it hasn't had a single malware/virus/worm infection in that time.

If you understand this stuff, it is easy to keep the script kiddies with their port scanners at bay.
If someone somewhere decided for some unknown reason to target hacking just your particular computer, then sure, someone could possibly get in, but it isn't going to happen. Infections that come from just leaving the Windows machine connected to the internet are pretty basic ones, and easily stopped.
The middle attacks mentioned still requires you to have your hosts file unlocked (not recommended) click on a dodgy link in an email, or open a dodgy file i.e. have *you* deliver the payload. Using OpenDNS protects you from this sort of attack too and is easy to set up and great if you take your laptop on the road for example.
People get either too worried about this stuff, or not enough.
If you don't open odd attachments, do not download pirate software or dodgy videos and are clever enough not to click on links from dodgy emails, then a decent firewall and a once a week/month boot scan will keep you well and truly clean. Quite possibly in better shape than those who have their machine bogged down with permanently running AV suites.

Be sensible, have a decent firewall, use openDNS instead of your ISP DNS, do your backups and scan once a week or so from a boot CD/USB stick and you will be fine.

If you do end up doing something silly, your weekly bootscan will pick it up (whereas a full-time AV program might be compromised, the bootscanner won't be) and you can remove it quickly.

You mean you have it on read only media? I can do that on Unix by mounting /etc (where both hosts and resolv.conf reside) read only, but how do you do it on winblowsupinyourface?

Anything else just means it takes a smarter trojan.

Getting back to the original problem of a resource hog.
Has or does anyone run backup software for their laptop for instance?

A short while back I purchased a WD external USB 1TB backup drive for my laptop backup, now this has its own software installed and when connected to your machine it will install a mating program that will catalogue your files and then backup to the ext drive automatically when ever you connect it, runs in the background.

If you want a resource hog get one of these because even when not connected every time you boot up it starts a catalogue check looking for new or changed files.

Boot up time triples or quadruples to the point of being ridiculous and even having screen drivers not load for some time leaving a black screen.
I needed to shut the process down to get the computer to boot in a respectable time frame.

Got rid of that fast.

Ken.

I do better than that with just a single vertex 2 (SATA2) SSD. My secret is I have a motherboard with practically none of the whizz bang features you never use, so there are no hardware drivers to wait for load and init. I'm still running an i7-2600.

We looked at Revo Hybrids yesterday but couldn't justify as we need > 1Tb and there are no reports of stripe working/performance on those hybrids on the net yet. The kinds of data we are loading could choke even a 100Gb SSD cache so we decided to stick with the tried and true stripe of 4 x 600Gb Velociraptor. Not quite as fast, but a known quantity with a 5 year warranty...

So far as home based AV goes, we've had just about everyone NOT in the enterprise using Microsoft Security Essentials for over a year now. No problems whatsoever and not a resource hog. The company is using Trend which I find inferior in threat detection to Symantec but it is not so much of a resource hog. Personally I'd rather a resource hog than a poorer performance in threat avoidance.

Anything that hangs in the memory doing not much - if nothing. For example all AVG live components. They can be switched off so that you have scanner/remover alone. Still will be taking some memory - as resident module is an "essential" part of system. All modern security suites are trying to play "big brother" for the computer soft.
What I have to have - a good firewall. It's a must for every Internet machine - as most of threats are net-based these days. Time of old program-infecting bits of code if not passed, coming soon. Plus, some pure scanner (sort of Spybot). Spybot is getting bigger, though - tries to become Norton or something?
Did not have virus infection in years - just used common sense not to open on my working machine anything that may be infected (checked occasionally by loading, scanning, then uninstalling some antiviral monster).
Also, found free program Ccleaner quite helpful. It may take a lot of resident memory hogs off startup list - speeds up all the system considerably. Plus takes rubbish out of the system and registry. Years of use did not find any "bad habits" in this free marvel. AVG sits residentially on my kid's computer, though...

It's been close to 18 months with my new PC build and no AV software in all that time. No big deal. Not one issue. Zilch.

And ive never even thought of the prospect of AV on the Mac. Just works.

Bit off topic - but oh what fun I am having with Avast at the moment. Somehow the engine version number changed from 6.XXX to 7.XXX - before a version 7 was created! However part of the Avast Suite thinks I'm on version 6 - using a slightly out of date engine but the updater thinks I'm on version 7 - at a release number higher than the real (and I hear buggy) version 7 that is out now.

Avast sure goes flakey on version and quality control some days!