Random Thoughts and Musings

Discussion in 'other anti-virus software' started by n8chavez, Jul 18, 2007.

Thread Status:
Not open for further replies.
  1. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    It's been a while since I felt I had anything substantial to say that warranted starting another thread. Now recently I've been thinking a lot more about the individual's security needs. So, thought I would create a semi-random thread that would encompass everything and see what you all have to say.

    It seems that AV companies no days are asking for far too much faith from its users. Why I don't understand. ESET seems to be leading the way in this race to obscurity. Why must we trust that they will deliver a compitent future product. Of course Dr Web, having not released a new version in so very long, is not far behind. The argument has been made that they have done so in the past and thus we should have faith that they will again. That reasoning doesn't work for me. I want to know as much as I can about a product that I'm going to be using, especially with ESET's habit or not supporting past version. Dr Web has so far delivered only promises which have yet to be fulfilled.

    It seems to me that many AV companies have forgotten that simple and effective can be a very good things. I have never understood Kasperskt's PDM, which flags and alerts the user for every little thing, to the point where I want to throw my system out the window. That's not smart. Intelligence lies in heuristics, as I assume we can all agree. It is important to have an engine that can detect as many pieces of malware as possible, without the need for signatures. But why is it that KAV has decided that is no longer enought. They now feel the need to include an HIPS with their sotware. You will learn that does not work. Quit trying to be the best at everything to the point where you where yourself thin.

    Size matters. I have never bought the argument that because hard drive space is easy to come by, as is the case with RAM, that security companies do not need to keep themselves in check. The above may be true but it is not a licence to run all 'will nilly.' Keep yourself in check. VBA32, I will admit, has improved in this areas with 3.12.2. But there is more work that can, and should be done. Come on....your off that fat ass and do a squat every once and a while. NOD32 is another example of a fantastic AV that has lost its focus and is no longer worthy of being considered a low-impact solution. I'm not sure what happend to it, but lately it consumes a lot more RAM then it used to. True, the numbers for the processes that NOD32 directly controlls, nod32krn.exe and nod32kui.exe, do not appear to have inflated. However the commit charge says otherwise. Can anyone provide me with a valid argument why having a lean, yet mean, AV is a bad thing?

    Does the perfect product exist? No. But in a world that seems to be content with sacrificing modern guis for effectiveness we have all lost our way. The perfect AV would have NOD32's effective version 2.7 interfece, VBA32's heuritics, Dr Web's compact definitions, and KAV's update frequency. This is a call, if you will, to stop blindly accepting what ever crap 'they' decide to put in front of you. You have the right to make an impact, you just need to decide to exercise it.
     
  2. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    I don't understand why users are so obsessed with low memory impact of AV programs. Of course, you should not bloat the product. But keep in mind that the number of malware is increase in an *insane* way. To add detections, virus names, repair information etc. the AV program is doomed to use more memory - no matter what.
    Same goes for scan speed and system impact. Of course a HTTP scanning module will slow down your system! You cannot perform lot more of scanning without having that impact. Everything comes for a price - and that is a surprise to the users?!?!?

    Complaining about an AV program using 50-100 MB of RAM but using Vista at the same time... Yeah... :rolleyes:
     
  3. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    I always ignored the ram consumption of any AV.
    Only detection really matter to me.
     
  4. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Same here.
     
  5. tamdam

    tamdam Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    88
    if you have limited amounts of RAM then of course RAM usage matters. But of course, RAM is so cheap nowadays, not many people *should* have RAM troubles. I think the one that matters more is CPU usage and "freezes" -> where an AV tries to load its service at the same time as others, it might cause computers to freeze momentarily. Likewise, a high CPU usage AV will cause other apps to freeze every now and then.

    edit: anyway regarding KAV's PDM, I don't find it intrusive at all. Rarely, infact, does it popup for me, maybe once a week. I actually appreciate it so much its the reason I stick with KAV despite it slightly higher CPU usage. Compared to other HIPS, its dead quiet. Of course it depends what sort of programs you have installed on your computer.
     
  6. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    No, the perfect product does not exist. If it did, it would be a suite :gack: . I finally got away from suites last year and continue my search towards perfect. I also think that there is no perfect anything. A decent AV with a good AS/AM with HIPS/IDS and good firewall are close. Add a sandbox and or VM with a backup solution and your as close to perfect as humanly possible.

    We all want programs to be better, run faster and use less memory. The question is, if it uses more memory, is it worth it? I worked hard to trim my machine down and I do give a darn about how many processes are running and how it impacts my performance.

    I personally feel that AVs, AS, and AMs, ATs are all merging into one product. I don't know if this is a good thing or bad. It would seem to eliminate some of the layered components so highly recommended. I personally don't want any single program in control of my computers security.

    I'll also be honest. With an updated system, FireFox2 with goodies, a good firewall and some common sense, I'm not sure things are as bad as we may think they are ;). We mainly only need AVs/AMs during our rare weak moments. Of course, we are not your 'typical' users.

    Sorry for the long rant and cheers,

    innerpeace
     
  7. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    While this seems to make sense, and while I respect your opinion, Dr Web and F-prot are evidence to the contrary.
     
  8. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    There isn't any price awarded for the "smallest" Antivirus. Ofc a solution blocking the whole machine while scanning is also a mess. But keep in mind that different av solutions using different technologies. If your AV solution doesn't consume more memory within weeks than before then you're doing something wrong. Because incrased database size HAS TO USE MORE MEMORY since you have to hold the sigs in memory for speed reasons and cannot load every single signature "on-demand" from the virusdatabase file for every file to scan. That should be pretty much self explaining.

    And regarding interface / GUI memory use... What's the difference for using lets say 5 or 10 MB more memory than some other AV? And an answer like "but i have only 1 GB and need to run Vista" or "256/512 MB and XP" or "Old machine" simply doesn't count. The stuff (memory/hardware) is so cheap that you should really be able to extend your machine to a at least use-able machine with some sufficient amount of memory.
     
  9. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Some pretty formidable AV experts have weighed in on this thread, yet I am foolishly throwing in my thoughts.
    "Simple and effective" does not sell units. If I may draw a flawed analogy, it the situation is similar in the realm of digital cameras, where image quality does not sell units - megapixel counts do. Digital camera enthusiasts that know that 6 or 7 megapixels is enough for 98% of users, and after that image quality is paramount. But enthusiasts are a niche market, the average consumer doesn't care to know the nitty gritty of how image sensors work. They want the concept of "best" to be quantifiable, hence most have latched onto megapixel count, which is ridiculous.

    The same goes here. Security enthusiasts may want simple and effective, but the average consumer wants "everything including the kitchen sink" protection, because it helps them choose a product (and cover their asses) without requiring them to study threads at Wilders for four to six months. It doesn't makes sense to many regulars here, but I think that Symantec could live without our business as long as it still sells to our moms, cousins, and in-laws.
     
  10. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Nah...you cannot add more than 2GB RAM to XP. I don't have enough RAM. I have the maximum of 2GB. I just had a popup while on a virtual machine saying that Windows was resizing my paging file because I was too low on virtual memory. Then I had no taskbar or Start menu. I actually wasn't low on memory (had almost 1GB free according to Task Manager which was the only program I could use since the taskbar and Start were missing) but Windows got itself in a twist about it and then nVidia TwinView caused a mess (it thought my virtual machine was a second monitor). But my point here is that 2GB RAM is simply not sufficient if you want to run more than one virtual machine and sometimes, like tonite, seems to be insufficient for one virtual machine. Dell informed me that this top of the line XPS machine cannot use any RAM beyond 2GB ...not even 3GB. Ridiculous. So, don't tell me just buy more RAM. I am at the limit currently and it not nearly enough. Even when I don't run any virtual machines I am pushing the limit on my RAM much of the time. Moving up to Vista is out of the question. I won't use that OS. A lot of us will never go to Vista so we are rightly concerned with an application that hogs RAM. Plus, many of us don't want Suites. I hate those. I want different applications ...layered. No Suites.
     
  11. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    I have never really thought about it, 2 gigs always seemed fine for me. Although, I have never ran a VM.

    http://support.microsoft.com/kb/555223

     
  12. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Yeah...but that is misleading. XP Pro is what I have and it will not see 4GB RAM on anyone's machine. Most it will see is about 3GB and Dell says the XPS 600 won't even see that or may see it but won't use it.
     
  13. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    You should be able to see a max of about 2.8 plus or minus. Unfortunately a limitation in 32 bit OS
     
  14. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hi Nate. :)

    You initial post goes fine, and those random thoughts are all OK, but what's this? A call? To arms? A revolution? You sound a bit like Martin Luther King :D Sorry buddy, but what exactly do you propose here? That us, users, should appeal with 4 vendors to join their forces and produce us one super-anti-virus? I can't see exactly where you're coming from, n8...
     
  15. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    My experience differs to you. I hardly get any PDM alerts. Initially when KIS was installed, I got a few alerts that's for sure, but not received any more for the same programs.

    I should also mention I do not have the AIC component enabled. It is disabled by default, but if one enables it, there will be more alerts relating to shared .dlls and such like. This may be confusing to some.
     
  16. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Effect on performance is as important as detection rate.

    With 2 GB memory, I am quite happy to use a top tier AV that used 50-100 MB RAM but had no effect on the speed of my computer.
     
  17. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    This a restriction imposed by the mother board not the OS.
     
  18. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    I agree with BC - I don't care if a AV uses 50-100 M B of RAM as long as the impact on the system is low.

    @Mele - 2.8-3.1GB of RAM is what you will normally see in a 32bit OS, you will still see this even if you run a 64bit OS without one of the chipsets mentioned in the MS kb article.
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I also don't understand why people want their RAM to be empty 3/4 of all time.
    RAM is there to be used doh. It's like always filling your car gas tank only to 1/4 while leaving other 3/4 unused. Sure your car is lighter but your mileage will be smaller... Bottom line, you don't profit much of of it...
     
  20. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hello,
    I have to say that the PDM is kis7.0 does really annoy me sometimes.
    when installing stuff it popups up like 20times on almost the same thing.
    there was alot less alerts with kis6.0 and i guess the extra alerts are ment to be more protective but alot more annoying.
    there is no perfect product.
    with anything you have to choose a product that protects you while at the same time doesnt ask you questions you cant answer and doesnt slow you down.
    i dont think nod32 is much heaver than it used to be.
    i can still install the lastest version of it on my test pc with basically no difference in speed than without it installed.
    the test pc is a pentium 3 with 256mb of ram.
    the reason i choose kaspersky over nod32 was because kaspersky has a better interface and is better at removing malware if any gets through.
    lodore
     
  21. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
    just to reply to the "nod32 getting fatter" issue...

    i've used nod since version 1 and its lightness has always been welcome, but is certainly not the be all and end all of it.

    Stefan Kurtzhals makes the best point when he says that system resources are bound to be affected by the AV as the amount of malware increases and the work the AV has to do increases.

    back in the day of nod v1 pcs were a lot less impressive than they are today, as was the malware. the growth of the internet has meant that there is more malware around, but luckily the advance of computers has meant desktops and laptops are a lot more powerful than they were in those days. So who cares if an antivirus is taking up more space/memory/cpu when we have so much more available?

    if the enemy is getting bigger, then the army must increase too.
     
  22. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    hmm, ive never noticed my AV use more RAM just because more signatures are added. o_O
     
  23. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Well for the workplace PCs in my case, there is only ONE security program, Symantec Antivirus Corporate Edition. No software firewall nor AS nor HIPS of any kind. Before that there was only McAfee Antivirus.:cool:
     
  24. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    That doesn't make sense to me. This is a 64-bit, 3.8GHz Intel 670 processor on a Nvidia Nforce 4 SLI x16 motherboard. Dell had told me originally back in December 2005-January 2006 that I would be able to run XP Pro 64 bit and that all 4GB of RAM would seen and used. I had asked because at the time I was seriously thinking of moving to XP Pro 64 bit and I knew I needed more than 2GB Ram even on 32bit XP Pro because the Dell I had then had two GB RAM and it wasn't enough to comfortably run more than one virtual machine at the same time. I should be able, on a powerful machine, to run at least 2 or 3 virtual machines simultaneously and give each machine a decent amount of RAM and still have sufficient RAM for the host. These were Dell Supervisors I was dealing with in the Small Business Resolution Center and they understood what I needed and assured me that this chip and board would be able to address those needs.

    However, after I got the machine, I saw in the owner's manual that it would support only 2GB RAM. I asked, along with others who had been mislead also by Dell, in the Dell forums, and was told that 2GB was the limit although the machine might use 3GB it would not report it, and would not see or use 4GB, but the others asking did not have my CPU ...they all had Pentium D's. I was assured that this specific Pentium 4 on this nVidia board could, and would take, and use 4GB RAM. So, I don't know who to believe. There are a number of reviews floating around on the internet of this machine, in this configuration, saying the machine can do XP Pro 64 bit and use 4GB RAM so I am totally confused. I mustn't complain too much though because this machine was an exchange for a 22 month old Dimension 8300 that fell apart and this is obviously a superior machine. However, with the 8300 had I increased the RAM from 2GB (it also was a hyperthreading, dual channel Pentium 4 at 3.0GhZ) to 3GB, it would have seen and used that. The board chip on that machine was Intel ...Dell never used anything else until the XPS 600.
     
  25. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Sorry for the confusion, I meant chip set not the mother board, see the post right after mine for a better explanation.
     
Loading...
Thread Status:
Not open for further replies.