Do Antivirus Suites Impact Your PC's Performance?

Features
By published

Most of us are now fairly confident that our antivirus scanners are doing their main job of protecting our systems from malicious pests. But what are those scanners doing to system performance behind the scenes? Are some scanners better than others?

Scanning Time

Antivirus scanning is an odd beast. Everybody wants to know the numbers, but the means with which the results are generated can be so various as to be meaningless. Moreover, we come back to real-world applicability. If you’re running a deep scan in the middle of the night, do you care if it takes 10 minutes or two hours? If, for some strange reason, you run a scan while working on other tasks, do you care so long as there’s no noticeable impact on system resources? Honestly, we don’t. But for those who like numbers as a way to grade product options, here goes.

The first full system scan will almost always be the slowest. This is because most AV products perform some caching. The rationale is that, provided no malware is detected in the system, why reinvent the wheel? Why burn a lot of time and cycles performing deep inspection on files that are already known to be safe? This is akin to doing a differential backup rather than a full system backup.

AVG and McAfee are the big surprises here. In fact, there almost seem to be two approaches to deep scanning. Is it a coincidence that AVG and Kaspersky are in the back half of AV-C’s missed samples results? Maybe, but so is Microsoft, which is our second-slowest scanner behind GFI.

Subsequent deep scans seem generally to accrue cached data until a steady performance level is reached. For example, our three subsequent scan times for Symantec were 29:50, 6:01, and 6:15. Microsoft progressed from 1790 seconds to 361 and 375, or just over six minutes. So, our mean times reported here are actually skewed to the high side in cases where caching progresses to an eventual baseline. The notable exception is GFI, which clearly does not cache and exhibited no drop-off from the first scan to subsequent scans.

More about antivirus

Microsoft Defender can now detect insecure Wi-Fi hotspots and enable a VPN — you need to pay for Microsoft 365 and live in a supported region

U.S. customers wake up to find Kaspersky antivirus sneakily replaced with UltraAV — switchover caught many users by surprise

Arrow Lake die shot shows off the details of Intel's chiplet-based design
See more latest
114 Comments Comment from the forums
  • dogman_1234
    Regardless what anyone says: Using McAfee is like using a Glad garbage bag as a condom.
    Reply
  • Martell77
    I've been using Trend Micros AV since y2k and haven't had a reason to switch. Because of the systems my clients have I never recommend Norton or McAfee and if they have it I always recemmend they switch. Its truely amazing how the performance of their systems increases after getting rid of those AVs, especially Norton.
    Reply
  • soccerdocks
    On the scanning time page there is an error in the second graph. It also says first run.

    Also, the timing of this article was excellent. I had just been doing some research about what anti-virus software I should switch to, mainly based on performance, but I guess I just got all the information I needed.
    Reply
  • compton
    Some of the results seem mysterious, like all the times the no-AV configuration scored lower in many tests than it should be faster in. Is it possible that using the Wildfire as the system drive instead of the platter would have eliminated this behavior? In general, I hope there is a second part to this that does include SSD runs. I would think any advantage AV products have vs. the no-AV config would evaporate.

    I stopped using AV products on my personal systems back in 2003. Norton back then was god-awful on a Pentium 4 systems, seemingly crushing the life out of a system. Even with a first generation WD Raptor 36GB my P4 2.6 would choke not only with Norton, but also McAfee. I might not use AV software, but I do put it on my family members' systems when it doesn't kill performance. In that respect these modern solutions seem much better.
    Reply
  • ChiefTexas_82
    On my Pentium D I have to run McAfee when I'm gone for a good while or sleeping as my computer slows to a crawl during the scan. Even bringing up the menus to stop the scan take way too long.
    Reply
  • darkstar845
    Why didn't they test this on a computer with average specs? The 8gb ram and very fast CPU might be offsetting the impact that the AVs put on the computer.
    Reply
  • bit_user
    Thanks for this. I remember the bad old days when AV could make software builds take several times longer.
    Reply
  • cdhollan
    While my comment is completely tangential, but my inner chemical engineer can't resist making a small correction in what is otherwise a great article:

    >>Apparently, this is somewhat like saying you can boil water at 230 degrees Fahrenheit instead of 260 degrees. As long as the water is at 212 degrees or higher, no one really cares.
    Reply
  • rottingsheep
    installing vipre speeds up your computer?
    i think something is wrong with your numbers.
    Reply
  • Amazed ESET is not being tested considering it sells itself on its performance over the competition while maintaining the same levels of protection.....
    Reply