Scheduled Scans vs Shields What is Avast's Policy?

I have purchased Avast Home/Professional for my mother’s computer because Norton was slowing it down to a crawl and Avast’s Professional edition has a command line scanner. I have reformatted the drive and re-installed XPSP3 and Office 2003. Her computer has 512MB of RAM. I would like to schedule a full disk scan to run at 3AM. In a post in March It looks a translator for Avast recommended other products for doing batch scanning. See:

Now back in the “old days” (1993) when you were word processing, you were in the word processing application. When you were accounting, you were in the spreadsheet application. When you wanted to check for viruses, you ran an anti-virus application. Avast seems to favor a “shield” approach: Network Shield, P2P Shield, Standard Shield, Web Shield, photon torpedo shield, etc. My mother has an older computer which runs slower with all these shields. Is Avast suitable for the circa 1993 approach? Do I have to get her a new computer just to keep up with the virus scans? We bought it in 2005 and she still uses it for just what she bought it for back then: MS Word and light surfing.

Can someone from Avast comment and advise as to what virus scan approach I should take? I’d be interested in thoughtful users’ responses as well.

Thanks in advance
:-\

I ran a full scan when I installed avast! and as its resident protection prevents infections from installing I find that I rarely do a full scan any more.
I’ll run a full scan before an avast! update or sometimes at the begining of the month if I remember.

That quote, was for a specific problem and not a recommendation for everyday usage. For example, suspicious activity on a system yet no detection by the resident scanner, by doing an on-line scan it is a second or third opinion that your system is in fact clean or otherwise.

You can’t do batch scanning, certainly not the batch I’m thinking of given your comment (back in the “old days”) a batch file was something to run things one after the other. This isn’t possible for on-line scanners where you have to be present to connect to the site and initiate the scan and any actions, etc.

So I would say ignore this as it is I believe unrelated to what you ask.

avast is a resident scanner which means it is always running and any files that are accessed (say to run) would be scanned by the resident (on-access) scanner. So this lessens the need for a scheduled (on-demand) scan, so say once a week and not daily should be enough. There is also the screen saver or scan when idle option where avast will cycle through he local drives scanning away, this has the advantage of it shouldn’t slow anything as the screen saver is on or the system is idle and you don’t have to schedule a scan.


The first thing I would suggest is that you ensure that all remnants of Norton are gone as it can be a pig to fully remove and this could have an impact on both performance and avast.

A link worth looking at, which is a program removal tool that can remove the remnants of a number of different Norton Programs:
Removing your Norton program using SymNRT
Or ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

ShieldsUp Jim
The main shields as far as resources go are the Standard Shield and the Web Shield; the others use negligible resources and for the most part are idle so resources are minimal until in use. I would say there are probably many shields that your Mother may not require, if she doesn’t use Instant Messaging or P2P applications, then you can terminate the shield specifically for that.

So I would say the minimum would be Standard Shield (the main scanning engine), Web Shield, Network Shield and Internet Mail (set to High sensitivity).

You shouldn't need to get her a new computer:
If you can I would suggest at least another 512MB of ran and that would improve overall system performance and not only avast. XP has a recommended minimum of 256MB which leaves 256MB for the rest of the things that are running and that really isn't enough. Windows will then be having to swap data out to the pagefile.sys and back into RAM, that thrashes the hard disk and slows the system.

Thanks for the helpful response YoKenny and especially DavidR.

She does not use instant messaging and uses Yahoo! mail. So the only shields I’ve enabled are Network Shield, Standard Shield, and Web Shield. I was thinking of upgrading to 1GB myself – we most certainly could do that. The disk image from HP contained Norton 2004 which seemed to clean itself out pretty easily but I will try the tool you suggest. It’s a shame, Peter Norton is a bright guy and it was such a great product.

I guess the difference between 1993 and 2009 is that the “network is the computer” so I guess batch scans aren’t going to cut it anymore. David, I want to make sure I am understanding what you’re saying. You say:

Does that mean a virus or malware is not a object that exists on a disk but a process? Would it follow that we are less concerned with the altered structure of an infected file and more interested in the infection process? So once the infection happens it’s too late? Is the only way to lick the malware is to catch it “red handed?”

Still interested in other’s thoughts.

Even though she only uses Yahoo email (web based, viewed through the browser) I would still have the Internet Mail running and on High, as any undetected/hidden trojan spambot comes to the party with its own SMTP client, so it can send spam without an email client or using yours.

That could also give you your first indication that you have an undetected spambot on the system as it blocks those emails.

The virus exists on your system, but if I got your drift that you would like to run a batch script to run several scans (as in fire and forget), that isn’t possible if you are using on-line scanners such as those you quoted from Tech, as they require interactive input.

For example, I use a small batch file to back-up my data files to a mirror location. That works great as all the files required on my local system, but I can’t construct a command to connect to the internet, connect to a site and initiate a scan based on the internet.

Prevention is obviously the first course of action if possible (the resident on-access scanners), then it can still be dealt with. It depends on why it wasn’t detected in the first place. No single application will provide 100% protection so things can get through and for the most part this is rare and the only way most find out about this is if they start seeing strange effects on their system. That is when you check using other tools, like the on-line scanners and that was said:

For example, suspicious activity on a system yet no detection by the resident scanner, by doing an on-line scan it is a second or third opinion that your system is in fact clean or otherwise.

Other tools you can have on your system to run on-demand scans periodically, like those in my signature, SAS and MBAM, which I run weekly as a back-up scan, a multi-application approach to security. This improves overall detection/protection.

If you haven’t already got this software (freeware), download, install, update and run it periodically.

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

I would have never known that Trojans bring their own SMTP client. I will add the internet e-mail scanner to my Mom’s (and my) configurations. This was a real education. Many thanks for the links and your time.

No problem, glad I could help.

Devious sods these spambots, some are also hidden, so the multiple emails in a time period check of the Internet Mail is a handy back-up to it being hidden as the email has to be sent.

A belated welcome to the forums.

+1 This was the actual reason for me joining these forums, so for me the internet mail shield is absolutely necessary. A very good feature of avast!, which sometimes goes unnoticed if you ask me…