Norton / Symantec Internet Security and AV - bum rap for resource usage?

Thanks guys.

Amazing. This is a first. But I will heed the advice! Much appreciated.

 

and a review about the "poor" performance of NIS 2006 from Cnet (cough cough):

Yes, even "independent" reviewers can be affected by the (excellent) observations that Randy_Bell has made. Too quick to judge is the aforementioned reviewer, say I

while there findings aren't totally off base, I think that they fail to look at the bigger picture. True, MS Office docs take a little longer to load as I hinted at in my first post. This is because NIS launches a new process to specifically scan these types of files. I do not really notice the slowdowns with Outlook though. Lastly, I, as many, would never run a full system scan while using my computer so I believe that point is a little unjust.

Overall, I would again say that my system is faster with NIS 2006 than most other AV products and security suites. All other applications and file types load extremeley quickly, and internet speed is completely unaffected.

And those Staples + Symantec deals are really hot! Do I detect some fatwalleters on this board?

 

Ok, so I decided to give Norton IS 2006 a try on my extra machine. I found it cheap at my university's software store. I have been running it for a few hours and can say that I do not notice any system slow downs on this computer. There are quite a few addtional processes running but, web surfing, opening different apps (visual studio.net/ office), startups, and shut downs all seem normal. The only thing that seems to take a while is opening the Norton IS control panel itself. Firewall rule creation seems pretty straight forward, my only complaint is not being able to make the firewall configuration window bigger. So for now this security suite will stay on my extra computer, since I do not have a reason to remove it.

 

Hi all,

I reformatted yesterday and I wanted to see if the parental filter was using so much ram because I had multiple accounts running. Right now I only have an administor account running and the parental filter is now using 102MB of ram to run 2 MB more. There is no web browsing slowdown, but programs do run slower. Too bad. Back to K9.

 

Bum rap!.You must be kidding, right?.Another thing i'm noticing that more and more nasties are getting by norton and only detecting them after there in your computer.And it's having a hard time removing them too.It just shows that norton doesn't seem to have the best detection rates anymore.You don't see Kaspersky, F-secure users in the forums asking why they have a virus when they're using a suppositely good antivirus do you!.

 

I believe the thread title is speaking of "bum rap" with respect to the "resource hog" label; it has nothing to do with detection rates relative to other AVs .. My thinking as is others', is that many comments about hoggish resource usage are based on older versions of Norton when in fact the newer versions {2005-2006} are quite improved in that dept as attested to by myself, BigC, et. al.

From all the reported cases that I have seen, [I think] the vast majority of them are cases of spyware slipping through. Personally I don't think AntiVirus is equipped to stop spyware even when/if it adds the stuff to its definitions. What I am suggesting is {and people biased against the popular AVs usually don't accept this idea}, if as many PCs population were running another AV, even KAV or NOD, and given how reckless many people are in their surfing habits, you would see the same phenomenon with other AVs resident on those PCs. It just happens unfortunately that Symantec has the lion's share {McAfee the second largest} and they will get blamed.

Also people are often running older engine / version of the software that is not as aggressive against spyware {only 2004 and higher engine detect the expanded threats added to signatures}. I have noticed that NAV is getting more and more aggressive against spyware with each release {2006 being the strongest one} -- still though, given people's irresponsible behavior and lax security, I really don't think any AV alone will be able to stop this stuff from slipping through; adware and spyware has many "infection vectors" or points of entry.

I have EarthLink for ISP and they {like RoadRunner} have a virus blocker powered by Symantec and it seems to do a good job against traditional malware -- no worms, virii, etc. get through that I have seen. Spyware is different because it strikes through people 's surfing, especially through unpatched-IE and ActiveX, new vulnerabilities being found everyday, etc. So I think Symantec is *trying* but an AV alone cannot stem the tide IMHO. Spyware stoppage and prevention requires an arsenal of tools {AV being only one tool} and it requires responsible security knowledge & practice from users too, IMHO.

And in the meantime, Symantec will ALWAYS get blamed; I have pretty much gotten used to it. I have found myself wishing that other AVs would gain market share so that THEY might become the "Whipping Boy" once people realize the AV just isn't equipped {alone, by itself} to stop this stuff.

One other point of the usual argument made, {as you seem to suggest here}, people will say "I haven't seen any infected boxes running Alternative-AV-X" {usually KAV or NOD} -- which I don't doubt their word but ..

.. besides the obvious statistical thing about the relative populations of PCs running different brands of resident AV .. It just seems very obvious from watching Wilders {for example} that the folks who switch to NOD or KAV are ALREADY more security conscious users .. Who are for that reason ALONE less likely to get infected ..

I mean, those folks are the type of security savvy people who might manage to escape infection even if they had NO resident AV .. Couple that with the excellence of those AVs {NOD and KAV} in defense / detection / prevention and it adds to the skewed picture of things ..

.. Whereas the majority of the bozos and clueless will be found running the popular {often preinstalled or OEM} brand of AV -- Norton, McAfee, Trend Micro -- with Norton having the lion's share .. many times without even current definitions / sigs [most these bozos just have no clue ] ..

I happen to think, especially with spyware prevention, but really with prevention of ANY type of infection .. that user habits and good computing practice FAR outweigh choice or brand of AV .. all the decent AVs will detect ~100% of ITW stuff ..

In Summary:
1. NOD & KAV *are* very very good scanners and offer some of the very best protection available {don't want to take away credit from them, they are quite good}.
2. Users who switch to those AVs also tend to be more security savvy to begin with, and thus less likely to become infected regardless of AV choice.
3. Users of the popular AVs will contain higher proportion of "clueless" users who IMHO are the type of folks who might manage to get themselves in trouble even if they had the strongest protection {NOD, KAV}.
4. User behavior and knowledge IMHO outweigh choice of AV, in determining likelihood of getting infected.

All those factors will point to what is witnessed with the popular AVs being blamed for the problem, IMHO.

 

Randy, what a great post.

I was one of those that tried NAV 2004 and it slowed my then 256B ram machine to a crawl. 1 day later I unistalled it. I instantly believed everthing I had heard before about Symantec and it's bloat. Fast forward, and I wanted a suite for cost and family factors. Someone on the board moved me in the NIS 2006 direction. I recieved it as a gift, that way if it was horrible I would not be out a dime. I have to be honest and say I am more than impressed with the complete set of protection tools NIS includes. Once the parental filter is off everythong runs very, very quickly....using roughly 42 MB ram.

 

There are too many user complaints out there for it not to warrent the rap it does receive.Is there problems with every single computer that's running it.Of course not.But in my opinion, there is way more than a quality product should.And to add to this, i felt the norton users needed to know what i have been seeing on alot of different forums.That being, its got detection problems right now.Especially trojans.A few of us have been trying to help this troubled woman the past few days with her computer.She runs norton and right now a trojan got by and rendered norton pretty well useless.She's also dealing with a rootkit.So much for being protected.

 

I empathize, with this womens plight, but this thread is on resource.

If I take your thinking Tobacco, then KAV is the worst product for detection I have ever used. I say this because something that KAV should easily have picked up it did not. Luckily I still had AVG pro on as an on demand scanner and it cleaned it right up.

BTW...before the KAV users freak out...I am sure it was a fluke when it happened.

 

It deserves every bit of the resourse hog reputation it gets.There, ya happy!.

 

Did you actually try 2006 version??

 

Hey,,, all opinions are welcome. Could you maybe elaborate on why Norton was taking up so many resources?? Was it ram or cpu usage?? Was it a certain process, like I noticed with parental filter?? What setup are you using for a computer. I know my beat up old office PC slowed too a crawl with any Symantec product. Of course it has 128MB of ram . Cheers, and thanks for the input.

Mikel

 

As nicM was suggesting, I don't think tobacco has tried the product. For your PC with only 128 Megs of RAM, for sure you need to try one of the lighter AVs. I run older versions of Norton {2001, 2002} on my old PCs which don't have much RAM or CPU and those versions work fine but the newer versions {2005, 2006} of Norton would as you suggest bog down such a PC. Use a different AV on that older PC, is your best bet. NOD32 is a very good one to try for lighter footprint.

P.S. Of course all opinions are welcome, but bashing is *not* IMHO .. tobacco seems very much into bashing all things Norton ..

 

I will start out that NIS2006 has never given me any headaches other than the memory usage. I use the fast uaser switching feature of XP, and that then creates a copy of all the CCxxxx.EXE process for each user.

Here is a screen shot of the task manager with 5 users logged in and none but me (Calvin) have any appliactions running.

http://home.comcast.net/~ckrusen/Taskman_shot.bmp

As you can see, the NIS total foot print exceeds 137 MB, and for long periods of time the CCAPP.EXE or CCPROXY.EXE may consume more than 80 % of the CPU time. And there have been time when CCPROXY tops out at 105 MB by itself, and each users instance of CCAPP exceeding 64 MB.

I'd put more memory in my machine, but it tops out at 512 MB.

Any thoughts on wrangling the CCAPP and CCPROXY memory useages?

Thanks,

 

After using NAV for years, when I installed a new hard drive, I decided to try something else. First, I tried AVG Free. I didn't check on resource use very closely, but I think it was about 17MB. Then I decided that AVG wasn't enough protection, so I bought BitDefender9 Standard. Using the Task Manager, it seems that the three components of BitDefender9 use between 20-35MB of memory while monitoring my computer's online usage.
I'm not a big fan of Symantec, but it appears BitDefender9 is not exactly a lightweight, either. I guess my question would be; what is considered low resource usage by an AV program and what is the tradeoff in protection for that low usage?

 

Here is a chart that shows the resource use of several popular AV's I would just take it as a reference not as gospel.

 

@bigc73542
How old is this chart, and what's the source. According to my experience with the listed products this chart gives faulty data. Besides, what does memory usage say? It's about CPU time and VM memory usage what counts the most.

 

Like I said in the post it is just a reference not written in stone and it is from 2004. and I do use NIS 2005 and do not use anymore than the chart shows.

 

Another Norton rant

Yes, I do hate Norton! I am a technician for a local ISP and it is unfortunately the only thing we sell (but I'm working on that ) I regurally do cleanup on about 10 systems a week, most of which purchase Norton from us because it's what we recommend*. Most of these systems run Celeron processors and have 256MB of ram or lower, where I doubt most consumers on this site use that little still. The performance hit of Norton is muuuuuch more obvious on these lower end systems (obviously) . When I run my cleanup scans, I normally have Nod32's trial version and Ewido's trial version running actively, performance loss? Hardly.

After I finish cleaning the systems, then I'll start to install (er, try to install - It's very common for me to get a variety of error messages trying to install NAV) and the performance hit is instantly noticable. Not only does it take upwards of 15 minutes to install while Nod32 is done in less than 10 seconds most of the time, the computer is slowed down to a crawl. 40,000K completely destroys these low cache systems.

In a consumer environment where the customer often looks for the cheapest PC possible, Norton is DEFINITELY not a good idea to prepackage with.






*is what I'm told to say

 

Well in my shop where I sold and installed norton products for a very long time (12 years) I noticed a slow down on some very old comps and then we would use an alternative antivirus. But now on most computers with at least 500mhz processor and 256 ram you can run the 2005/2006 Nav antivirus, a little stronger machine is preferred but it will work on them. And the detection rates are great with Norton.

http://www.av-comparatives.org/

 

I'm talking systems running XP, Norton Antivirus 2006 and 1Ghz +, the slowdown is very noticable by comparison. I have been here for a little over a year and a half now and it is the worst part about my job.

 

Yep different people have different results. I have not seen the slow down with XP and at least 1gig proc. and 256 ram with Norton 2005/2006. But all computers are not the same so there are bound to be different results. But Norton is getting better all the time and the trouble is a lot of people are still quoting the problems they had with older versions and they don't even equate in the the way the newer version perform. But I do fully realize that there will always be people that have problems with all and any software,that is just the nature of the beast. None of it is perfect, but I guess we can still wish.

 

Of course not, I know better than to second guess professional opinion.

Stuff like this just really annoys me though:

http://service1.symantec.com/suppor...NAV_CTO_Action_comm&error=1603&build=Standard

Of course it doesn't fix the problem at all

 

First off, I think all computers with Windows XP should have at least 512MB of memory, it's one of the places corners should not be cut.
While I was using Norton(for 3-4 years), it caught lots of viruses, definitions seemed to handle even the most recent viruses.
My first major Symantec complaint came when one of their security licenses expired and when I used the Live Update, it really hosed my system(along with tens of thousands of others). Symantec just pretended it wasn't happening, leaving users to figure out and solve the problem. After that, it seemed the Live Update never worked right again so I had to download definitions off the Symantec website, then install them. So I had all this update software running that I couldn't use and it seems that NAV always came with components where you were wondering what it was and what it was doing.
I was much happier with the older versions of NAV, I thought recent versions were not getting better, maybe getting worse, so I jumped the Symantec ship when I replaced my hard drive.
BitDefender is not exactly a lightweight either, but so far it seems to be doing the job and a bit less of a computer "takeover" than Norton.

 

If I had my way, all computers would definitely have atleast 512MB and decent a decent cache on the cpu, but companies insist on pushing those POS, so I continue to wish Norton was less bloated. Live Update has suprisingly not given me any issues in the year and a half i've been installing it (Windows Update on the other hand.... ).

I don't have any complaints about Norton's signature files though. It would be nice if another scanner used Norton's engine.. (maybe even with some advanced heuristics thrown in!!! )