Author Topic: Temptation...  (Read 55044 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Tentation...
« Reply #15 on: December 09, 2005, 02:16:36 PM »
Hmmm i said that Nod32 has http scanning
Not like WebShield. Just this.

Quote
I don't wanna be a pain in the rear end, but all I want is to see my belowed AV working the way we all want. That's all.
You've stolen my thoughts  8)
The best things in life are free.

..::ReVaN::..

  • Guest
Re: Tentation...
« Reply #16 on: December 09, 2005, 03:10:06 PM »
Hmmm i said that Nod32 has http scanning
Not like WebShield. Just this.

What don't you get?Did i say that webshield and IMON are the same thing?Or did i say Nod32 had http scanning before avast, nothing else nothing more.
« Last Edit: December 09, 2005, 04:07:47 PM by ..::ReVaN::.. »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Tentation...
« Reply #17 on: December 09, 2005, 03:53:51 PM »
Sorry, it was not my intention.
What I was trying to say is that NOD32 is a tentation for me because it seems very good.
avast scanning speed should be improved. And HTML traffic scanning of NOD32 is not like WebShield.
NOD32 has heuristics and avast not  :P

Let's forget and be friends  8)
The best things in life are free.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Tentation...
« Reply #18 on: December 09, 2005, 03:59:44 PM »
Hey people calm down, we all are friends and it should stay that way. Tech, you started this thread with whole idea of NO32 being tempting... and it IS the truth, NOD32 is very, very tempting. Best of al, it works unbelievable silently and efficiently.

I also saw nothing else, but normal remark comming from ReVaN, that NOD32 had similar feature even before avast! had it. He wasn't trying to speak bad things about avast!, just said some facts. All those things can help us help avast! developers build a better product. We need faster boot-time, and we need lighter antivirus. We don't need those extra bells and whistles. If I need some anti-spam (and I don't because gmail does it perfectly for me), I will find something nice, and I surelly (like many others in here) don't want to be forced to use a bunch of extra things inside the antivirus. AV should be light and does its job... after all it's antivirus, not Norton  ;D  ;D  ;D
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

..::ReVaN::..

  • Guest
Re: Tentation...
« Reply #19 on: December 09, 2005, 04:12:05 PM »
Sorry, it was not my intention.
What I was trying to say is that NOD32 is a tentation for me because it seems very good.
avast scanning speed should be improved. And HTML traffic scanning of NOD32 is not like WebShield.
NOD32 has heuristics and avast not  :P

Let's forget and be friends  8)


No problem ;)


P.S:To anyone reading this we handled everything trough PM's like it should be handled ;)

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Tentation...
« Reply #20 on: December 09, 2005, 04:14:56 PM »
Best possible way... let's continue asking Alwil about what can be done regarding these things because we all want our AV to be without competition out there... let's try to find out some more. If other companies can make things go faster, then Alwil can do the same if not even better. Am I right or someone will start calling me names again ?!!
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33378
  • malware fighter
Re: Tentation...
« Reply #21 on: December 09, 2005, 04:37:55 PM »
Hi folks (and I mean Tech and S.Z.Craftec),

There must ne a difference in scanning techniques. One of the postings here, by Igor is explaining much. The question remains: what of a file is actually scanned? Rather wait a bit while a thorough and decent scan takes place, then prefer a blitz scan where part of the procedure is heuristic scanning or taking some things for granted, which is right 99% of all cases, but..not always.

Also heuristic scanning can come up with a lot of strange results, especially in the range of VSB scripts found. I know that Dr. WebCureIt is doing this when the heuristics are set to tightly, for instance toolbarcop is taken as a malicious VSB script file, while a scan with toolbarcop.exe on Jotti demonstrates that only Dr. Web comes up with this FP result. I have read that script viruses is also a weak point of the heuristic part of the Nod32 scan (as are cripples Zoo viruses), it just comes with this technique. So there are more angles to a thing as it may seem to be at first sight.
But Avast wants us to be critical and feed them back with results to build their decisions on, I will always co-operate to make Avast better.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Tentation...
« Reply #22 on: December 09, 2005, 06:48:24 PM »
Exactly my friend Polonus, I totally understand what's your point. It's natural... if you want something to be scanned as it should be scanned (detailed and perfectly) your antivirus needs some time, that's natural. I am sure Alwil guys would make it much faster if it's just possible, but it looks like there is not much that can be done in that area. However, my main concern was never the speed of the scanning process. I don't have problems with scanning doing its job even if it takes 2-3 hours... why ? Because I don't perform system scans every 5 minutes, doh. I don't need it to be fast, I just want it to be accurate, nothing else.

What is my main concern is the fact that many people already reported those boot-time slowdowns... what is being scanned all the time when I don't have anything in my startup items, nothing of some significance anyway. Also, don't want to go too deep into this, I am aware that I shouldn't just look what's in my startup items, I am very well aware of that, but still... I posted that link to one of my earlier replies, where I attached all those screenshots from various service-monitoring applications. Ok, in case someone missed that link, here it is one more time:

http://forum.avast.com/index.php?topic=17701.msg152166#msg152166

I still have no clue what's happening after entering the logging name and my password and entering Windows. It takes forever to see my HD LED stop flashing and finally turned off.
Simple question - why ?
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Tentation...
« Reply #23 on: December 09, 2005, 07:12:33 PM »
I still have no clue what's happening after entering the logging name and my password and entering Windows. It takes forever to see my HD LED stop flashing and finally turned off.
Simple question - why ?
Simple answer: interaction between firewall and antivirus. The different combinations will give the final answer.
For me, Outpost startup is very quick. Kerio give me an error (cannot connect to service). ZA is slow.
I did not test other resident antivirus.
The best things in life are free.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Tentation...
« Reply #24 on: December 09, 2005, 07:35:48 PM »
Well I have to say, when I was testing this I uninstalled Kerio completely. I didn't even need it at that point because I could rely on my hardware router/firewall temporary. Same picture, same slowdown. As soon as I uninstalled avast! and installed NOD32, installed Comodo (later uninstalled and tested with Kerio as well), everything went back to normal.

So it doesn't look that simple to me...  ;)
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Tentation...
« Reply #25 on: December 09, 2005, 07:37:36 PM »
So it doesn't look that simple to me...  ;)
avast is guilty  :P
Isn't it simple?  ;D
The best things in life are free.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11808
    • AVAST Software
Re: Tentation...
« Reply #26 on: December 09, 2005, 08:07:33 PM »
Well, something must be causing heavy disk access during your startup... and avast! is scanning the accessed files (at least that's the only explanation coming to my mind right now).
If you really don't know what it might be, you can try to let the "OK files" be included in the report file of the Resident Protection task (you can modify the task in the Enhanced User Interface). Of course, that will cause much more disk access, so it will probably make your startup much slower again... but maybe you'll find out what is being scanned...
« Last Edit: December 10, 2005, 01:49:41 AM by igor »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85966
  • No support PMs thanks
Re: Tentation...
« Reply #27 on: December 09, 2005, 09:29:26 PM »
Igor, I had a thread that went on for ages (what does avast scan on boot http://forum.avast.com/index.php?topic=14062.0) and really didn't get anywhere other than my finding Outpost being very talkative on boot and Standard Shield set on High, over 800 files were scanned on boot. Totally disabling Outpost on boot brought that down to around 250. With Outpost enabled again and Standard Shield on Normal, some 250 - 300 files are scanned.

I have virtually no programs start automatically and many windows services that are not required on my system disabled, so my system is well locked down. Yet I constantly see exe files in my Program Folders (I have two) being scanned on boot that I haven't used in months.

So I don't know why avast would scan them on boot?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33378
  • malware fighter
Re: Tentation...
« Reply #28 on: December 10, 2005, 12:57:16 AM »
Well Sasza,

I too have some thoughts on your questions. In this respect I think it has not much to do with the interaction between AV and FW, but it has more to do with MS "by design".

This is information with one point of view in mind  andalso a bit biased, but it leads you in this respect into a good direction. By design Microsoft Windows XP is fragmented, where MRU's are concerned, the registry is hierarchal but the information is all over the place, an extensive amount of MRU's have been altered to an ":unreadable" format for 99% of the users. So remind hierarchal, but fragmented/ Swap file keeps ghost images generated . Raw sockets access also bypasses every home firewall from the old Sygate to ZoneAlarm. The reason is that these application rely on the Windows message/event handling and MS designed the raw sockets not to report to this layer. Install for instance a TCP/IP packet crafter on WinXP SP2 to see this function in action.
Index.dat contents also include deleted files, temporary internet files. Without extreme reconfiguration of Windows end users will not see the real files, instead a generated representation drawn from this file called index.dat Registry security is mainly the end users responsibility. An ini file would be a better solution, simpler and better security wise. Furthermore a growing registry slows the system considerably.
Know the (hidden) workings of your windows OS and the design of it, and you can answer some questions better.

greets,

polonus
« Last Edit: December 10, 2005, 01:45:57 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6957
Re: Tentation...
« Reply #29 on: December 10, 2005, 01:45:02 AM »
I am assuring you taht no one in here maintenance their systems as I do... it's in my blood already. I do that on every other systems all around Ontario (serving our customers). Registry cleaning (wise clean, not cleaning everything you get reported as a trash  ;) ), hard drive/partition/file defragmenting, and much more, are just few of many every-day tasks we perform...

Another thing... all those OS related problems/issues... well, how come all that falls into water when I have NOD32 and Kerio installed ? All those rules should be the same, no matter which antivirus you use, but apparently that's not the case here...  ???
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s