Main Area and Open Discussion > General Software Discussion
Scott Finnie unimpressed by NOD32 ...
Ralf Maximus:
Thanks for the benchmarks! It's nice to see all those listed side-by-side.
NOD32: 105 seconds first lap; 63 to 73 seconds subsequent laps
-tranglos (November 16, 2007, 08:54 PM)
--- End quote ---
Do you have NOD's the "self-extracting archives" and "unpackers" option turned on, and if so are many of the files you're copying self-extracting or compressed with UPX?
Also, heuristic scanning (while wonderful) causes a performance hit.
Not suggesting you turn any of that stuff off, just curious.
tranglos:
The amount of false positives drove me nuts, the interface when it detects something is a disaster. Why? Well, let me explain. In their infinite wisdom, they made it so that it can't be resized, and because of this it is impossible to read where the file it detect is actually located if it's several folders deep. When you then combine this with all the false positives, you can imagine how frustrating it can get as you sit there trying to decide if you should let it delete the file it just detected as being infected, without having any idea what file it is actually talking about. It should be easy enough to fix, but now almost a year later it still behaves the same way.
Another thing that I thought was really cheap on their side is that they don't let you scan drives/folders on a network with the regular paid Premium version. Oh no, then you have to give them even more coins >:(
-Dirhael (November 16, 2007, 08:48 PM)
--- End quote ---
I completely agree about false positives, although Avira only stubmles on two on my system, and zipping them up helped. The interface is clunky in general, and the free version I've been using won't let you configure the update schedule, so it kicks in at the most inopportune moments. Also, a few months ago they took to putting up an "upgrade" banner ad right on top of all other windows as the update progresses, every day. It's free, so I don't blame them, but I don't want to have to see the banner either. I first tried their suite, but as I mentioned before, the firewall was killing the system.
My main problem finding an optimal AV is lack of viruses on my system :) In 16 years of computing I've only had an actual infection once, back in the days of DOS 6.13 (it was an MBR virus and I fondly remember getting rid of it with Norton Disk Editor and thus saving my data). Meaning, if I see a virus warning, it's a false-positive from Avira - or a valid warning about an infected attachment, which TheBat had already sent to spam folder and I wasn't even going to see it. Meaning, I cannot differentiate between AV products based on detection, I can only trust people like av-comparatives. So I choose instead based on performance, resource consumption, feature set and UI. NOD-32 wins on the last three counts, Avira wins the first one.
tranglos:
Thanks for the benchmarks! It's nice to see all those listed side-by-side.
NOD32: 105 seconds first lap; 63 to 73 seconds subsequent laps
-tranglos (November 16, 2007, 08:54 PM)
--- End quote ---
Do you have NOD's the "self-extracting archives" and "unpackers" option turned on, and if so are many of the files you're copying self-extracting or compressed with UPX?
Also, heuristic scanning (while wonderful) causes a performance hit.
Not suggesting you turn any of that stuff off, just curious.
-Ralf Maximus (November 16, 2007, 09:06 PM)
--- End quote ---
I'm pretty much using the default config (for the testing), so let me check... Heuristics ON, Advanced heuristics OFF, Runtime packers OFF.
On edit: On the main config window (posted by Curt above), all three of these options are ON. However, Runtime packers and Advanced heuristics are OFF in the dialog shown after clicking the "Setup" button for "ThreatSense engine parameter setup". That's confusing!
But what really got me was trying to view a plain-text file (with an unregistered extension though). Not an executable and certainly not compressed. I didn't time this exactly, but the delay was certainly more than 5 seconds, when using the View command in Total Commander. I've had to switch from scanning all files on access to scanning selected extensions only.
I'm a bit of a speed freak when it comes to the system. Since I spend so many hours in front of it, I hate having to wait for anything, and have just put together a system that doesn't make me wait, mostly. As a result, I may be giving more weight to performance than I really (rationally) should.
Ralf Maximus:
I'm a bit of a speed freak when it comes to the system. Since I spend so many hours in front of it, I hate having to wait for anything, and have just put together a system that doesn't make me wait, mostly. As a result, I may be giving more weight to performance than I really (rationally) should.
--- End quote ---
No, I'd say you're justified in your concerns. Five seconds here and ten seconds there can add up over the span of a few months. If you routinely move massive files, it's certainly worth it to optimize where you can.
The part I find interesting is that NOD32 appears to expend a lot of processing effort (looking at your "subsequent laps" numbers) as opposed to being I/O bound. Would a quad-core overclocked monster workstation turn in better numbers?
Anyway, I do appreciate your real-world benchmarks. Thanks!
J-Mac:
I've been using NOD32 (currently using 2.7) for two years now and have not sen a speed issue thus far I have it configured to Blackspear's Extra Settings, which basically is a command line configured scheduled scan that is pretty comprehensive IMO. I haven't seen any particular delays, though that scan - scheduled weekly - takes about 3 hours from start to finish. Not as bad as NAV or McAfee were some years ago on a much smaller PC. Though it is a lot longer than TrendMicro ever took - but I was never impressed with TM's thoroughness.
My biggest issues with Eset is their lack of decent notification - both of updates/upgrades and of license expiration. They do neither at all and you must go to the web site and check to see what upgrades are available. And for your subscription expiration, contacting support gets a reply of, "Please refer to the email you received when you purchased NOD32 for the expiration date." Unheard of nowadays.
Jim
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version