OK to not scan files on OPEN?

I need to speed up my Avast Home. I use only the resident shield and it can slow my PC down too much.

If I go into the Task Settings for the Resident and select the Advanced tab then I see I can select to scn on OPEN and/or CREATED/MODIFIED.

Of course ideally they would both be checked but if I had to uncheck one then is it better to uncheck the OPEN one?

Thank you.

You could uncheck both and, from time to time (weekly), run a thorough on-demand scanning.
If you still want to choose, uncheck the created/modified will give you more protection (although using more resources, in my opinion).

You could tell us a little about your system, what version of windows do you use, what is the CPU (processor) how much RAM do you have ?

Also what are the sensitivity settings of the Standard Shield, Normal (default), High obviously will scan more files.

disabling the Open I would say is a huge security risk as files being opened could be being opened to execute and you would have no protection against this. The Created/Modified is slightly less of a risk, but a risk none the less. If you were to disable both you would almost be turning avast into a non-resident scanner and loosing the valuable protection that may possibly stop a virus getting on to your system. Prevention is much better than cure and is not only likely to be easier to deal with but quicker and less potential for harm to your system.

I feel it is a mistake to disable these options, but it is your system and your choice.

Open here, as far I know, is different than execute. A script, a executable, will be caught by the Standard Shield. Open is referred to non-executable files. So, I don’t see a huge security risk.
I myself have that option disabled. The problem is the on-demand scanning should be run from time to time instead of depressing the system all the time. Infected files could be there in the hard disk, but they won’t be executed at all (if avast has the signatures for it).

Sure. The user must find the best balance between performance and security that he/she needs or wants.

Well right click on an exe file and see what is at the top of the list, ‘Open’ image 1.

So this is from windows explorer and to me Open can also mean execute, as selecting Open results in the execution of the programme, image 2.

So would I want to take a risk with semantics, no thanks.

Does that file is clean or not?

It doesn’t matter if that file is clean or not for the purposes of the test, if you have unchecked the ‘Scan files on Open’ then it won’t be scanned (infected or not) and if Open (certainly in this case) means execute then you could well be infected.

No David… you’re wrong. This is exactly the point.
If they’re executable files, ‘open’ means ‘run’ and they WILL be scanned due to Standard Shield settings…
I won’t suggest such an unsecure option for the users like you’re saying… You don’t believe me? :cry:
Even macro viruses (on OLE documents will be caught with the option ‘Scan files on Open’ DISABLED).

Try to run an eicar.com file and you’ll see avast warning :slight_smile:

That’s fine, I didn’t like the fact explorer has Open which would allow files to be run/executed and avast using the same term Scan files on open, which means something different to that of the explorer context menu.

I thought that the scanner advanced might over ride the scanner basic settings and it doesn’t which is fine.

Yeah… that’s the point. Without it, no way, the open option should be checked. With that option, we can customize our beloved avast a little more 8)

Whilst we have been trying to confirm how this function works and protects it would have been nice for some further feed back from the original poster on the question about their system and settings

Hi David, my brain has been watching in amazement as it tries to understand this discussion about open, run, execute and also create/modify! I have to confess that I little idea as to what the conclusion is! Heh!

I should add that my Standard Shield is set to NORMAL. I do not have any other Avast providers running.

I was asked in the thread for my system details but I don’t have them all to hand altho I can say its an AMD Duron 1800 MHz cpu with 768 MB and several hard drives. The hardware may be less relevant because over time the system has a greater and greater load from all sorts of programs getting installed. So once the system was quite fast and now it is sluggish. >:( This has resulted in me needing to reconsider if I need both those boxes in the Advanced tab of Avast’s standard Shield settings.

Could someone kindly summarise what the debate above has concluded? There seem to be some very interesting points raised but I don’t know Avast well thoroughly enough to understand their significance.

Thank you!

Smolls

Personally I would say leave them at the default settings ‘checked’ and also leave Standard Shield at Normal as these do provide a compromise between performance and protection.

I would suggest that you do an audit of what you have running on boot as there are many applications that by default run on bott when they aren’t absolutely essential, media players are one of the usual suspects. You don’t need it running until you click on a media file and then it will start because of the file associations, yes it might take a couple of seconds for the media player to start but that is gained in the reduced resources.

On my system I try to have only security applications run on boot and absolutely essential applications, my graphics controller, Uninterruptable Power Supply and my Image capture application, the rest are windows services, etc.

You didn’t say what version of windows you use, this probably has the greatest impact when talking about resources and how they are handled. Win9x, winME are notoriously poor at managing resources, so if you have one of those then the audit of running applications is even more important.

What other security applications do you have ?

Follow David’s advices is the simpler and secure.
If you want even more performance in your computer, then just ask and I can guide you for the second step.
Is it good if we do this way?

It’s not the best situation. WebShield and Internet Mail provider should be running too…