I also too have the same fondness for Antivir from back around the 07-08 era. I have used the newest versions off and on through the last two years and I have never been too impressed, The detection lacking next to Avast/AVG, a noticeable system impact, and certain bugs that keep coming back from time to time. But, at the same time i don't want to see them just be another Avast/Avg under the hood either.
With the presence of Gen Digital we still have access to other options: G Data, Bitdefender, Kaspersky, Eset, Trend Micro, Emsisoft, Webroot and Malwarebytes.
And IMO, has better online, browser protection as well as the excellent Banking protection, and Shopping protection.
I believe that the Windows system will display pop-up windows whenever you hover over any application icon or control on the taskbar, and that the content to be displayed is the responsibility of the application developer.
I realized that I was wrong about this analysis of mine. I mean writes are only being done in the browser cache, not by Avast is wrong. What System Informer's disk write column showed was double writes which is accurate. One by Browser, one by Avast. It seems System Informer's value is always accurate one way or another.
So Avast writes excessively for https scanning and B for updates; if I am going to disable https scanning of Avast, then its web protection is not superior to MD.I realized that I was wrong about this analysis of mine. I mean writes are only being done in the browser cache, not by Avast is wrong. What System Informer's disk write column showed was double writes which is accurate. One by Browser, one by Avast. It seems System Informer's value is always accurate one way or another.
I noticed write activities from AVG in the temp folder while watching YouTube. So to properly measure, I opened a YouTube video and set Process Monitor to log activities of the AVG processes only. I played a video for 2-3 minutes. Saved the log as a CSV file and let Claude analyze it. I asked it to tell me about the disk writes.
View attachment 295759View attachment 295760
As you can see in the screenshot, AVG/Avast/Norton do their HTTPS scanning even on YouTube, and for doing so, they have to scan all the contents, including the video streams in real-time to look for malicious contents. This scanning cache for Avast is written in the temp folder, so in your SSD/HDD. Your browser already writes cache in its own cache folder, while this write from Avast is extra. So it seems, if you watch a 100 MB YouTube video, with Avast/AVG/Norton you will end up writing double the amount on your SSD.
I don't know why Avast thinks it's necessary to do HTTPS scanning on YouTube. ESET and Bitdefender, for example don't do it on YouTube, so they by default, avoid these excessive disk writes when you watch YouTube.
This is not just YouTube for Avast, any website you visit, anything that is loaded by your browser, is written temporarily in Avast's cache to be scanned by it. So this is the reason, Avast disk writes on System Informer always keeps increasing as you browse the web. I don't remember seeing this for other AV products with HTTPS scanning, like Bitdefender, ESET, and Kaspersky. Avast's HTTPS scanning method is different. It seems this method causes more disk writes than the methods used by Avast. Others may also cause writes when scanning a streamed content like a live sports match. I did a small test with ESET in a live sports streaming site where ESET was doing HTTPS scanning. ESET wrote 21 MB in 3-4 minutes in the Temp folder like Avast, but I thought I watched more than 21 MB worth of live streaming. So I need to test again.
I did a brief test with Bitdefender also, but Bitdefender doesn't do HTTPS scanning on 8/10 sites I visit, including my current go-to site for watching sports. So it not doing HTTPS scanning on most sites means they avoid these extra disk writes + faster web browsing in most cases.
I haven't tested Kaspersky. Kaspersky usually does HTTPS scanning on most websites, so it would be interesting for me to learn if it causes similar extra writes also.
Anyway, Avast is the biggest offender here. So if you're an Avast/AVG/Norton user, you may want to disable HTTPS scanning.
Avast support doc clearly states that there is a correlation between your internet speed, your HDD speed and Avast's webguard, impacting the speed.
Troubleshooting connection speed issues with Web Guard in Avast Antivirus | Official Avast Support
Learn how to troubleshoot connection speed issues with Web Guard in Avast Antivirus.support.avast.com
Interesting. I decided to try it for myself using Avast Premium, and Resource Monitor didn't reflect the behavior you describe.Anyway, Avast is the biggest offender here. So if you're an Avast/AVG/Norton user, you may want to disable HTTPS scanning.
Avast support doc clearly states that there is a correlation between your internet speed, your HDD speed and Avast's webguard, impacting the speed.
Troubleshooting connection speed issues with Web Guard in Avast Antivirus | Official Avast Support
Learn how to troubleshoot connection speed issues with Web Guard in Avast Antivirus.
I realized that I was wrong about this analysis of mine. I mean writes are only being done in the browser cache, not by Avast is wrong. What System Informer's disk write column showed was double writes which is accurate. One by Browser, one by Avast. It seems System Informer's value is always accurate one way or another.
I noticed write activities from AVG in the temp folder while watching YouTube. So to properly measure, I opened a YouTube video and set Process Monitor to log activities of the AVG processes only. I played a video for 2-3 minutes. Saved the log as a CSV file and let Claude analyze it. I asked it to tell me about the disk writes.
View attachment 295759View attachment 295760
As you can see in the screenshot, AVG/Avast/Norton do their HTTPS scanning even on YouTube, and for doing so, they have to scan all the contents, including the video streams in real-time to look for malicious contents. This scanning cache for Avast is written in the temp folder, so in your SSD/HDD. Your browser already writes cache in its own cache folder, while this write from Avast is extra. So it seems, if you watch a 100 MB YouTube video, with Avast/AVG/Norton you will end up writing double the amount on your SSD.
I don't know why Avast thinks it's necessary to do HTTPS scanning on YouTube. ESET and Bitdefender, for example don't do it on YouTube, so they by default, avoid these excessive disk writes when you watch YouTube.
This is not just YouTube for Avast, any website you visit, anything that is loaded by your browser, is written temporarily in Avast's cache to be scanned by it. So this is the reason, Avast disk writes on System Informer always keeps increasing as you browse the web. I don't remember seeing this for other AV products with HTTPS scanning, like Bitdefender, ESET, and Kaspersky. Avast's HTTPS scanning method is different. It seems this method causes more disk writes than the methods used by Avast. Others may also cause writes when scanning a streamed content like a live sports match. I did a small test with ESET in a live sports streaming site where ESET was doing HTTPS scanning. ESET wrote 21 MB in 3-4 minutes in the Temp folder like Avast, but I thought I watched more than 21 MB worth of live streaming. So I need to test again.
I did a brief test with Bitdefender also, but Bitdefender doesn't do HTTPS scanning on 8/10 sites I visit, including my current go-to site for watching sports. So it not doing HTTPS scanning on most sites means they avoid these extra disk writes + faster web browsing in most cases.
I haven't tested Kaspersky. Kaspersky usually does HTTPS scanning on most websites, so it would be interesting for me to learn if it causes similar extra writes also.
Anyway, Avast is the biggest offender here. So if you're an Avast/AVG/Norton user, you may want to disable HTTPS scanning.
Avast support doc clearly states that there is a correlation between your internet speed, your HDD speed and Avast's webguard, impacting the speed.
Troubleshooting connection speed issues with Web Guard in Avast Antivirus | Official Avast Support
Learn how to troubleshoot connection speed issues with Web Guard in Avast Antivirus.
Perhaps because you are trying this in a private window, I have noticed that Chromium browsers do not write to disk when used in private browsing mode as much as they do in normal mode.
No, it is not superior. Avast's web protection is still many times better. Disabling HTTPS scanning means, it will not decrypt a sites' content to scan. Scanning the HTML to look for malicious code, for example. Sites blacklisted by Avast (HTTP/HTTPS) will still be blocked without their HTTPS scanning feature.
You're unlikely to see Avast process here using any built-in Windows tools including Microsoft's, Process Explorer. It falls under the "System" process usually. This is usually true for even files downloaded via a download manager. The writes in their case will be attributed to the System process. It's something like Avast telling the system to do things on its behalf.
systeminformer.com
The concept of SmartScreen, blacklisting, no realtime examination.
Yeah. Though even SmartScreen does some kinds of real-time analysis, it happens on the server side. SmartScreen is not bad; better than Google Safe Browsing but top third-party AV products like Avast, Avira, Bitdefender, ESET, Kaspersky, etc. are better.
Okay, I ran a new experiment. I asked Process Monitor to show me every CreateFile and WriteFile event occuring inNo, it is not superior. Avast's web protection is still many times better. Disabling HTTPS scanning means, it will not decrypt a sites' content to scan. Scanning the HTML to look for malicious code, for example. Sites blacklisted by Avast (HTTP/HTTPS) will still be blocked without their HTTPS scanning feature.
You're unlikely to see Avast process here using any built-in Windows tools including Microsoft's, Process Explorer. It falls under the "System" process usually. This is usually true for even files downloaded via a download manager. The writes in their case will be attributed to the System process. It's something like Avast telling the system to do things on its behalf.
System Informer can individually identify the process responsible for the activities.
In case of AVG, the folder where this happens is, "C:\Windows\Temp\_avg_\". So for Avast's case, it's probably avast instead of avg.System Informer
System Informer, A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
C:\Windows\Temp\_avast_\.
Yeah, No HTTPS scanning = No writes for network streaming. ESET has no network stream-related writes on YouTube. Avast's HTTPS scanning writes more than other AV products in my test, even for normal browsing, as I explained in above comments.
Yeah, I agree. The benefits don't outweigh the negatives. Bitdefender perhaps has the best strategy for this. Their whitelist to skip HTTPS scanning is very large. They whitelist by certificate issuer, it seems (I'm not 100% sure) and maybe their malware researchers choose which sites should always be scanned based on prevalence and threat telemetry.
because they do not issue their own certificates, the method applied by K and B?
