When does your antiviral start working?

By on May 12, 2013 7:31:02 AM from JoeUser Forums JoeUser Forums

DrJBHL

Join Date 04/2002
+2162

 

You probably don’t need it most days (but, you’ll never know which days). In fact, you might or might not encounter a “drive by” for days or weeks. But, AV-Comparatives (AVC) did an interesting test on AVs (Antivirals). They tested when the AV actually loads. That’s not to say they’re actually protecting you during boot, but AVC didn’t actually test that.

Another caveat: They tested on new machines. That’s not exactly real world testing.

“To test a product's effect on day-to-day computer use, the researchers timed a number of common activities with no antivirus at all, averaging several runs, and then re-tested in the same way with the antivirus running. The tests included: copying files between drives; zipping and unzipping files; installing and uninstalling applications; transcoding music files; launching applications; and downloading files.”

- http://securitywatch.pcmag.com/security-software/311241-speed-up-pc-performance-by-replacing-microsoft-s-built-in-antivirus

They found a big difference in system impact between some AV’s. One didn’t load until eleven minutes after boot initiation.

A philosophical difference: Some AVs would allow the virus to load and then whack it. I can’t agree with that approach. The malware should be whacked ASAP to prevent your having to repair services, etc.

So how much does each AV affect boot time? The sooner it boots, its effect will be felt. That might decrease on subsequent scans, both a good thing and under some circumstances a bad one since files flagged as safe might become infected. Other factors affecting boot time are age of computer, amount of filling of the hard disk, speed of processor, degree of fragmentation and amount of RAM will affect the boot speed as well. So, the AV probably doesn’t determine a heck of a lot when it comes to boot speed. It does affect a great deal with respect to boot safety. So, maintaining a lean, well tended to machine determines a great deal.

Here’s a screen shot of their results:

 

On this graph, the closer to the left the better.From BitDefender to the left, the AV’s earned the Advanced+ score.

AVC found that about one-third of the products tested affected boot time less than MSE (Microsoft Security Essentials). In fact, You might just boot faster with one of the Advanced+ AVs and without MSE which hasn’t been doing well at all in AVC’s testing.

Source:

http://securitywatch.pcmag.com/security-software/311241-speed-up-pc-performance-by-replacing-microsoft-s-built-in-antivirus

20 Replies
Search this post
Subscription Options


Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 7:42:17 AM from WinCustomize Forums WinCustomize Forums

Ah....second best ain't bad...

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 7:56:52 AM from WinCustomize Forums WinCustomize Forums

Actually quite excellent...boot time scanning and protection matter a great deal.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 8:12:42 AM from WinCustomize Forums WinCustomize Forums

Thread is confusing. It says malware but then refers to antivirus...

Reason for Karma (Optional)
Successfully updated karma reason!
Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.
May 12, 2013 8:20:20 AM from WinCustomize Forums WinCustomize Forums

Mine (being my own common sense) starts at the moment I wake up in the morning on most days. There are a few days when there may be a bit of a lag however.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 8:23:55 AM from WinCustomize Forums WinCustomize Forums

Quoting Fuzzy Logic,

Thread is confusing. It says malware but then refers to antivirus...

Sorry, Fuzzeh. Meant to type antiviral. Fixed.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 8:26:40 AM from WinCustomize Forums WinCustomize Forums

Says the first have a .4, so I'd say a 3 way tie for first place.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 6:06:55 PM from Elemental Forums Elemental Forums

That list is questionable considering where Symantec/Norton ranks.  Actually, the rest of the list pretty much coincides with my experiences of each.  I've tested all of them at some point over the past 2 years.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 6:18:51 PM from GalCiv II Forums GalCiv II Forums

Does the graph measure seconds? Minutes?

It would be nice to know actual numbers as to how long things actually took.

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 7:37:12 PM from WinCustomize Forums WinCustomize Forums

Quoting DivineWrath,

Does the graph measure seconds? Minutes?

It would be nice to know actual numbers as to how long things actually took.

Link to the actual report:

http://www.av-comparatives.org/wp-content/uploads/2013/05/avc_per_201304_en.pdf

Nowhere are units mentioned, but it would seem (if only from logic) that the time unit is seconds.

 

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 10:15:07 PM from WinCustomize Forums WinCustomize Forums

With systems having 4GB RAM or more these days does it really matter?

Reason for Karma (Optional)
Successfully updated karma reason!
May 12, 2013 10:48:37 PM from WinCustomize Forums WinCustomize Forums

Quoting DrJBHL,



Quoting DivineWrath,
reply 8

Does the graph measure seconds? Minutes?

It would be nice to know actual numbers as to how long things actually took.


Link to the actual report:

http://www.av-comparatives.org/wp-content/uploads/2013/05/avc_per_201304_en.pdf

Nowhere are units mentioned, but it would seem (if only from logic) that the time unit is seconds.

 
See the summarized results in the full report for an explanation of the scoring.

http://www.av-comparatives.org/wp-content/uploads/2013/05/avc_per_201304_en.pdf

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 12:39:24 AM from WinCustomize Forums WinCustomize Forums

Quoting kona0197,

With systems having 4GB RAM or more these days does it really matter?

Yes.

As usual, you didn't bother to read the OP, or didn't understand it.

Don't troll this thread.

Believe me: I will eliminate any such answers, and those I deem an effort to hijack it.

 

 

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 2:36:33 AM from WinCustomize Forums WinCustomize Forums

Trolling was never my intent. Simple misunderstanding.

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 2:47:00 AM from WinCustomize Forums WinCustomize Forums

Kona...the issue is how quickly the AV activates and actually protects your machine on boot.  If one has a delay of 11 minutes before it is active then it's about next to useless....cos a heck of a lot can happen in 11 minutes....

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 4:17:11 AM from WinCustomize Forums WinCustomize Forums

yuuuuuuuup, just another my dick is bigger than your dick Anti Virus comparison test. If the AV you are using right now works for you, then it is the right product for you. Who gives a flying frack if it takes a few extra microseconds to load or uses a couple of extra megabytes of memory in today's multigigabyte RAM systems. If it works GREAT. 

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 4:30:21 AM from WinCustomize Forums WinCustomize Forums

Quoting Nimbin,

yuuuuuuuup, just another my dick is bigger than your dick Anti Virus comparison test. If the AV you are using right now works for you, then it is the right product for you. Who gives a flying frack if it takes a few extra microseconds to load or uses a couple of extra megabytes of memory in today's multigigabyte RAM systems. If it works GREAT. 

 

agreed. the really important bit from the original report is this:

They found that all except AVG, Bitdefender, eScan, Kingsoft, Microsoft, and Sophos delayed full protection to some degree.

so while Kingsoft might look a lot worse than Kaspersky or F-Secure on the graphic, it actually protects you while any malware might still be loaded before Kapsersky, no matter how fast it is. at least according to this report.


Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 6:32:58 AM from WinCustomize Forums WinCustomize Forums

They tested when the AV actually loads. That’s not to say they’re actually protecting you during boot, but AVC didn’t actually test that.[/quote][quote who="Nimbin" reply="15" id="3356893"]
yuuuuuuuup, just another my dick is bigger than your dick Anti Virus comparison test. If the AV you are using right now works for you, then it is the right product for you. Who gives a flying frack if it takes a few extra microseconds to load or uses a couple of extra megabytes of memory in today's multigigabyte RAM systems. If it works GREAT. 

Again. This is about boot time protection as well as system impact. From the OP:

They tested when the AV actually loads. That’s not to say they’re actually protecting you during boot, but AVC didn’t actually test that.

You haven't discovered America, I'm afraid. I stated that in the OP to make things clear. From their report (note the second paragraph, as well):

 

 

I also noted the limitations of the user machines tested. They did a good job of comparing "similar" systems, but there was too much variation. I believe they should have limited their testing to exactly when the AV/AM module loaded. They should have measured the impact from that moment on.

Clearly, I believe people should adopt AVs/AMs which give actual protection from the earliest possible time.

Also, they tended to compare apples and oranges. Suites load slower. They should only measure when the actual protection starts, while measuring system impact from the moment of starting the services and onward.

Their testing therefore, has some problematic areas. Also, "real world" testing is truly impossible because of the differences between machines in the real world: Age, disk saturation, processor speed, fragmentation and RAM are important. I mentioned all that as well.

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 1:50:56 PM from Stardock Forums Stardock Forums

Hate to sound like a broken record people, but better 'OS-at-boot-time-protection' comes from not running your system as admin.  If your system boots and you login to a 'limited' user account you have just done more to protect your system at subsequent 'boot-times' than anything else.  Just that tiny little detail will do more to protect your system from threats (as well as yourself) than any of those products listed above....

 

I am not saying that AV programs are unnecessary, I am just saying I believe the idea that they should be looked to as one's first-line-of-defense is silly and one of these days soon I will write up a step-by-step (as I see it) guide to securing one's system from the inside (ie. credentials, least-privilege, security policies etc.).  After securing a system/OS from the inside the AV program (any AV program) becomes more about 'second-opinion' etc. which is about as far as I'm willing to trust any AV program when it comes to the security of my systems.  

 

 

EDIT:

In an effort to remain somewhat on topic..........hehe

 

Windows 8 has a nifty little thing called ELAM (Early Launch Anti-Malware) http://msdn.microsoft.com/en-us/library/windows/desktop/hh848061(v=vs.85).aspx  I wonder how the test-results would be affected by that...

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 2:27:45 PM from WinCustomize Forums WinCustomize Forums

Thank you Jafo. Makes better sense now. 

Reason for Karma (Optional)
Successfully updated karma reason!
May 13, 2013 2:40:25 PM from WinCustomize Forums WinCustomize Forums

Quoting the_Monk,
I am just saying I believe the idea that they should be looked to as one's first-line-of-defense is silly and one of these days soon I will write up a step-by-step (as I see it) guide to securing one's system from the inside (ie. credentials, least-privilege, security policies etc.).

Yep...same day as Smedley's skin "Roan".

Reason for Karma (Optional)
Successfully updated karma reason!
Stardock Forums v1.0.0.0    #108431  walnut1   Server Load Time: 00:00:00.0000688   Page Render Time:

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
WinCustomize © 2014 Stardock Corporation. All Rights Reserved.