Author Topic: Turning on and off real time protection  (Read 1957 times)

Offline AnnieMS

  • Newbie
  • *
  • Posts: 16
    • Personal Message (Offline)
Turning on and off real time protection
« on: January 04, 2010, 07:37:52 PM »
I uninstalled AVG 9 via Start> Programs > AVG > uninstall AVG, deleted the AVG files in c:\Program Files and rebooted before installing avast 4.8. I just read in a thread that I should have run the AVG remover as well. Should I turn off avast real-time protection before running the AVG uninstaller? I don't need to uninstall avast and run an avast uninstaller before running the AVG installer, do I?

Do I need to turn off avast real-time protection for updates - windows, java, etc. - or just when I install a program or just when I install a program that specifically says to turn off av and script blockers?

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: Turning on and off real time protection
« Reply #1 on: January 04, 2010, 09:00:25 PM »
You can still run the AVG remover even after its regular uninstall, even with avast installed, there should be no need to either disable or uninstall avast first to run this tool.

- AVG8.x (or higher) Remover, download tool from here, http://www.avg.com/download-tools there is a 32bit and 64 bit windows version, ensure you use the correct one.

There should be no need to pause or turn off avast for windows or software updates. As far as installations go, this is the very time you want your defences up and running. If they say it should be disabled, I ask why, what is it that they are doing or trying to hide that requires this. There has to be a very, very, good reason for this (perhaps some security software, bet even then, I don't see why) and they should say exactly why this is necessary.

I can't recall the last time I disabled avast to install or update anything.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline AnnieMS

  • Newbie
  • *
  • Posts: 16
    • Personal Message (Offline)
Re: Turning on and off real time protection
« Reply #2 on: January 05, 2010, 09:08:57 PM »
Thanks DavidR. That helps a lot.

Back in the old, old days it was routine to turn off av protection before doing installs. Most programs included that instruction in their install instructions and some reminded you when you started the install. Then programs stopped including it in instructions and I stopped doing it w/out noting problems. [well, on a pc there are always problems and one's seldom sure where they come from].

Now av's include anti-rootkit scanning and I wasn't sure if things had changed back again. I noticed online scanners like Trend Housecall state they work w/ installed av and anti-malware now - you used to have to turn off installed av to do an online scan. Something recently said to turn off av and anti-malware as one of its steps. I think maybe it was a how-to troubleshooting article - I'm troubleshooting several things as usual and I'm trying not to create more problems when I have to install or uninstall. I'll question any such instructions more thoroughly from now on.

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: Turning on and off real time protection
« Reply #3 on: January 05, 2010, 09:19:59 PM »
You're welcome.

Personally if I'm doing an on-line scan (can't remember the last time I ever did one though as most use activeX meaning using IE, no way), once connected and just before running the on-line scan I would pause the Standard Shield.

This not only avoids potential conflict (some AVs don't encrypt their virus signatures, so avast may alert on them), but also cuts down the overall scan duration by cutting duplication. For the files being opened/unpacked by the on-line scanner to scan, avast would most likely intercept the opening and first scan the file (this is after all what a resident scanner does).

By using a multi-application (they must compliment rather than conflict) approach to security you are already using a second opinion so to speak (like the applications in my signature), so the need for an on-line scan is lessened.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Online polonus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 20143
  • Gender: Male
  • malware fighter
    • Personal Message (Online)
Re: Turning on and off real time protection
« Reply #4 on: January 05, 2010, 09:23:07 PM »
Hi AnnieMS,

An additional precaution to introduce on downloading from unknown sources.

Use secure downloading, that means whenever installing new software without knowing the source a priori perform a combined AV and anti-malware scan for the executable and the rest of the vulnerable files.
If there is no malicious software flagged or detected, it could be a zero day, so be careful under all circumstances.
Before installing a proggie or a tool, always export your Registry first.
Might it be malcoded then make another export of the Registry and compare both exports with a File Compare to see what eventual malcoded crap came nested in the registry. Then perform an uninstall and search for the files that weren't removed (select *.* for date of that specific day of install) now as a final step put back the Registry - easy peasy...

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline AnnieMS

  • Newbie
  • *
  • Posts: 16
    • Personal Message (Offline)
Re: Turning on and off real time protection
« Reply #5 on: January 07, 2010, 11:54:59 PM »
Thanks again DavidR and thanks polonus

Regarding online scans. Since no av is 100% and can have blind spots like the rest of us, usual recs [in articles I've read] have been to "occasionally" scan w/ another av. Since you can't install 2 av's at a time [not even if you keep one disabled], we paranoids who only sorta know what we are doing use an online scanner at times to get another av's "opinion" w/out having to uninstall and reinstall our av. Especially when we paranoids were stuck using symantec av, which didn't inspire us w/ confidence. I don't feel the need to do "occasional" scans now that I'm running avast. I'm also re-thinking what/if any anti-malware programs I need to run regularly.

Of course, one should only use scanners from well-known companies like trend or panda [I didn't know about avast then so I don't know if avast has one]. I think the recs need to be a bit more specific about how to choose a 2nd av for online or "on demand" scanning to compliment your installed av. That would require constantly updating info on which av's are catching/missing x% of likely/possible threats and maybe comparing heuristic vs definition strength and posting it where I can find it with my google searches. Probably not realistically doable. No article said how often "occasionally" was either.

I haven't done an online scan for awhile for long story reasons. You used to run the online scan from within the browser and they used to tell you to turn off installed protection during the scan, so you just went to that site and didn't do anything until the scan was over. With the recent trend housecall scan I downloaded a launch.exe via Firefox [ I don't use IE x when MS makes me and only at MS] that made a web connection to update when I ran it. It then runs a stand-alone, browser independent scan. I downloaded the symantec scanner [by mistake] and it also runs outside the browser [and produces uninterpretable results] so I was thinking that's how "online" scanners work these days. Trend said somewhere its scanner worked w/ installed av and antimalware programs in place [as I understood the wording]. I stopped my AVG real-time and Spybots teatimer 'cause I wasn't 100% sure of the wording and I didn't want any false positives or whatever else could happen.

AV products, the type/prevalence/effectiveness of online threats, and other technology that impacts on security change constantly and there may be times when it's better to run a 2nd scan and times when it's unnecessary or it's better not to run a 2nd scan and only the experts will probably know. I think the current recs are based on picking an online scanner provided by trend or panda or another such av which has maintained a good rep over time as your on demand scanner. If your avg, bitdefender or symantec missed something, they have a good chance of finding it.

One circumstance where I think it might be a good idea to run a 2nd scan is when you run into a troubleshooting issue that you can't fix easily and you get a lot of possible causes/solutions suggestions in forums or reading. I did the trend scan because I'm trying to figure out why this computer has run way too slow out of the box and why MS Word crashes constantly on MS WinXP. Since the computer has been in use w/ various av's and antimalware programs at various times I wanted to first rule out malware that I may have picked up to confuse the issue with as close to 100% confidence as I could, then do hardware diagnostics, then performance diagnostics.  The Trend scan found malware that my then-av hadn't and I found out about rootkits, so I haven't progressed to hardware diagnostics yet.

Re secure downloading. Prior to installing avast, I used to scan any downloaded file before opening w/ my av and spybot. [via rclick or context menu] With spybot, when you try to scan some .exe files from the context menu sometimes you get the "Do you want to run this" box instead of a scan, but I haven't had that problem w/ malwarebytes. I also use macafee software site advisor before downloading software from a new site [unless it's well known like sysinternals or cnet or pcworld] I've haven't routinely exported my registry before installations, which is a good idea. I only tried System Restore once and it didn't work.

With intelligent stream scanning I thought maybe I wouldn't have to scan pdfs & pics after download before opening.

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: Turning on and off real time protection
« Reply #6 on: January 08, 2010, 12:37:40 AM »
I can't recall the last time I did an on-line scan, mainly because most of them use activeX and that means using IE and for me I avoid that. If doing an on-line scan establish the connection and then pause the Standard Shield. This avoids possible conflict and reduces duplication of scanning, reducing the overall scan duration. Don't forget to enable it after.

I wouldn't touch Panda's on-line scanner as it dumps its virus signatures in the system folders and worse still it doesn't encrypt them, then on the next avast scan that you do it is likely to alert on finding the unencrypted virus signatures.

I tend to back-up avast with scans SAS and MBAM in my signature.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now