Making Avast the lowest overhead AV available

Discussion in 'other anti-virus software' started by Kees1958, Jan 27, 2010.

Thread Status:
Not open for further replies.
  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I installed Avast 5. I like it a lot... On demand scan the first time took 1 hour, but i guess it's because it was making the permanent cache too. When i browse i see no CPU spikes at all! I love the cache! :thumb:
     
  2. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Yeah, the first scan takes longer. But all the next ones will take just a fraction of that. on-access shouldn't even be noticeable. Anyone who says they don't use AV because of the overhead should shut up with avast! 5.
     
  3. cupez80

    cupez80 Registered Member

    Joined:
    Jun 28, 2005
    Posts:
    617
    Location:
    Surabaya Indonesia
    anyone here got lag when browsing with windows explorer ??
     
  4. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Nope. Not even on netbook.
     
  5. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Don't recall if I got that or not, but for sure when browsing the web, it makes a big difference.
     
  6. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    never had a slowdown with any part of avast v5
     
  7. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Yes I had some slow down opening and browsing w/ firefox. Not so bad when I took off the web sheild
     
  8. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    True, after intensive non stop use , i have less CPU time and dramatic decrease in IO reads (last column).

    http://img64.imageshack.us/img64/3719/69320929.png

    Great AV! So light! :thumb: :argh:
     
  9. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,102
    Location:
    on my zx10-r
    im testing this on a old cereron m 1.2 single core and its shows no slowdown at all from the suite. i can actually run a full scan while using chrome and running a update. granted the system is not crazy fast to begin with but running a full scan does not slow down the system at all. i actually couldnt even tell it was running. and its only using 15-40% at times of the single core. i had another av on here before which is also very light and doing a full scan pegged the cpu while running chrome and trying to do anything else it was impossible. im still amazed.
     
  10. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep, you have on average 1.5 secs Avast CPU for every hour your PC is on and only 70 MB I/O, that is very very light

    When I run for about 4 hours, it averages to 0.8 secs per hour and total 30 MB I/O (that is with my tweaks). So what shields are you running?

    Regards Kees
     
  11. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yep. In the previous page you can see the difference with Vipre. In both cases, i were doing the same things with the PC.

    Just File shield and behaviour shield, default settings.
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    YEP, same here (only tweaked a little)
     
  13. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    hey kees, noticed this from your first post "downside is that I still can download zipped files (not considered and anti-executable), see pictures"

    you should be able to add zip files into your softfware restriction policy no problem.

    on xp - start --> run --> gpedit.msc --> double click on windows settings --> double click on security settings --> double click on software restriction policy --> double click on designated file types on the right hand side --> add .zip file types to be controlled by your software restriction policy

    edit - disregard this step I posted above if you ever use zip files at all, it limited my admin account from dl'ing zip files also so it's too restrictive IMO
     
    Last edited: Feb 8, 2010
  14. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    sorry to bump an old thread, but kee's I don't have any entry or folder called 'attachments' to add this dword and value into....

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments

    any help?
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Just create the subkey, no problem.


    Regards Kees
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thx for sharing solutions and taking the time to solve it. I found another work around (only to be used with Chrome/Chromium)

    When you fancy the download + execution trick I posted AND are using Chrome/chromium, there is a way to prevent zip-files from unintended access also (because zip can contain data and programs, this approach is only viable with Chrome, because Chrome allows download, but explorer intercepts opening).

    See https://www.wilderssecurity.com/showpost.php?p=1620412&postcount=6584

    Just implement Running Chromium with the anti executable trick .... until ...(scroll to inclusion lists).

    regards Kees
     
  17. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    thx Kees :thumb:
     
  18. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    Hey Kees! I can't find "attachments" under policies in regedit.
    I'm using Windows XP Professional SP3, what should I do? I want to use this tweak much XD
    http://i45.tinypic.com/fmi6i8.png

    I created a subkey and proceed on your instructions.. after downloading eicar test file.zip... i don't recieve notice from avast.
    I'm using firefox


    Also..
    I'm trying to do this setup.:
    Avast All shields disabled except File System Shield + Threatfire?
    is it overkill or just right?
     
    Last edited: Feb 22, 2010
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857


    The Attachement key is not there by default, just create it.

    You can also use the Group Policy Editor (GPEDIT.msc) when on XP Pro.

    Avast file shield with TF is a good combo IMO, just be sure to make a restore point (option in TF) before quarantaining
     
  20. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    I'm on Win 7 Pro and the key you refer to is at Local Machine and already set to 3 by default.
     
  21. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    Hey, I followed this tweak..
    but when downloading "eicar.com" avast does not block the download.
    the virus was detected when I double clicked it though, thats after downloading.

    Is that how its supposed to work? I thought it would be something like web shield.
     
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    Sorry Konata Izumi,

    I have implemented this tweak https://www.wilderssecurity.com/showthread.php?t=262475 This prevents IE8 from downloading executables. Firefox downloads the file with zero bytes (I don't use FF, but I am told). Chrome downloads exectables anyway. When downloaded Explorer does not allow to run it (when downloaded with Chrome), until you remove the block (with Explorer).

    When you have default deny download or deny execute of downloaded programs (f.i. with this tweak or with the paid program AppGuard), then you can same a little bit (CPU and I/O) when you check only downloaded executables by mail or webbroswe ON EXECUTION time.

    So when you want Avast to check at writes, you better to use the default file shield setting.
     
  23. demonon

    demonon Guest

    Just to get things straight.

    I do this registry trick :

    Only thing I have to do is open REGEDIT and toggle to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    Add Reg Dword rename it to ScanWithAntiVirus and give it a value 3, it should show
    ScanWithAntiVirus REG_WORD 0x00000003 (3)
    (3 means scan and block access when malicious)

    And after that I can disable the shields?
     
  24. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    See picture
     

    Attached Files:

  25. demonon

    demonon Guest

    Ok, thank you.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.