Does adding virus definitions slow down NOD32?

Discussion in 'NOD32 version 2 Forum' started by Culvin, Jan 1, 2005.

Thread Status:
Not open for further replies.
  1. Culvin

    Culvin Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    47
    Specifically, does it make a perceivable slowdown?

    I'm asking because the only thing stopping me from buying and recommending NOD32 is the fact that I've seen it miss too many viruses, namely trojans, that KAV picks up. I've read the other threads where Eset discusses their somewhat slow response time in adding new definitions, and my understanding is that they want to keep their virus definition base "clean." So this leads me to wonder if there really is a noticeable slowdown in performance from adding virus definitions.

    I abosolutely love how light NOD32 runs on a system -- it's just that NOD32 doesn't make me feel safe from trojans while surfing online in its current state.

    If Eset's issue is slowdown, I can completely respect this as they've built a reputation as the lightest, reputable antivirus available. I just wish they'd cover more of the big trojans that their heuristics miss. If there's another reason for the smaller virus base (compared to Kaspersky and Mcafee), like Eset is more concerned with improving their heuristic engine, then I'd like to hear it.

    And yes, I know that good anti-trojans are available. But I end up paying more than if I had just bought KAV, and I lose NOD32's best selling point for me: lightweight, real-time protection.
     
  2. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    You can download a totally free Ewido for instance that can be used for Trojan catching. I know that the guard is missing in the free version, but if you really need it you can always fo a daily sweep yourself of course.
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Edwin,

    Since this thread just now got started....and to prevent this thread from turning into some kind of an off topic 'competitors' thread....let's Please stick to the NOD32 question posed by the thread starter and leave other AT's out of this discusion.

    Regards,
    Bubba
     
  4. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    Hi Culvin, welcome to Wilder's. Personally, I feel much safer with NOD's tremendously improved detection of the malware that it sounds like you're describing--which are some of the downloader/spyware trojans that may try to infiltrate through your browser. If so, IMO, NOD32 provides some of the best protection against this kind of threat with it's dramatically improved IMON module--and there are many users around who can substantiate this.
    I would be very interested in NOD32 covering these "missed" trojans as well. Which trojans are these? Do you know if they've been submitted to ESET for inclusion in their database?
    Different AV companies define "viruses" differently. The companies you mention tend to include many definitions that identify files that are technically harmless to your computer, or the computers of others. There are those that appreciate this approach, and those who prefer their AV to identify only the specific file that can "do you damage".

    All of the AV's you mention are good choices for your PC.


    ;)
     
  5. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    The thread starter has doubts, so much is what i picked up from his question. I just informed him what to do so that he can use NOD without any fears... Nothing more, nothing less. It is an answer to the NOD question.
     
  6. Culvin

    Culvin Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    47
    Basically when KAV intercepts malware, usually a trojan trying to get through Java, I'll quarantine it and then submit it to Jotti's malware scan to see how the other scanners do. While I haven't come across too many trojans, at least half them were not recognized by NOD32 but where by Kaspersky and a few others.

    That being said, I'm very greatful to Eset for allowing NOD32 to be apart of that malware scan. A couple popular vendors "requested" to be removed from it, and I'd never buy or recommend a virus scanner that isn't willing to have it's results listed against other scanners the way Jotti's malware scan does.

    Edit: The latest, comprehensive antivirus comparison I've found would seem to suggest that NOD32's detection is lagging just a bit (namely when compared to giants like Kaspersky and Mcafee), especially due to its score in trojans. The comparison is from AV_Comparatives: http://www.av-comparatives.org/seiten/ergebnisse_2004_08.php

    And I appreciate that, but as I said I feel NOD32's main strength comes from it's fairly powerful, yet lightweight real-time protection. Running a dedicated AT real-time along with NOD32 would negate this bonus (and add cost).
     
    Last edited: Jan 1, 2005
  7. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    There is ceratin slowdown with every new signature added,but i belive its almost impossible to mesure its effect. It's simply too small.
     
  8. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I have both NOD and BOClean running real-time on a game machine
    with no noticable impact on performance. In addition I have a KAV AV on two other machines and one of the free AVs on a fourth machine.

    All of these AVs are good at detecting current infections. However, I
    feel more comfortable with the BOClean/NOD combination running resident over the rest because it stands a better chance of detecting 'zero-day' infections due to NOD's AH.
    https://www.wilderssecurity.com/showthread.php?t=58482

    Also Retrospective/ProActive Test:
    http://www.av-comparatives.org

    Plus I like the NOD IMON HTTP scanner, with AH marked, to stop possible
    infections from ever downloading to the machine by terminating the connection.
    Example:
    https://www.wilderssecurity.com/showthread.php?t=54093
     
  9. -z3r0-

    -z3r0- Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    74
    Location:
    Pittsburgh PA

    What are you saying that Kaspersky is a better overall package than NOD32? I am trying to decide between these 2 and am having a hard time.
     
  10. Culvin

    Culvin Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    47
    Thanks, that's what I've been wondering. Hopefully NOD32's detection will continue to close in on the big guys (Kaspersky, Mcafee, etc).

    I went ahead and posted my opinion on this in your thread so that I don't derail this one.
     
  11. ChaosBlizzard

    ChaosBlizzard Registered Member

    Joined:
    Jan 6, 2005
    Posts:
    44
    One thing you want to make sure you do is keep your JAVA plugin/runtime updated. You don't want a security hole in that application to allow something to execute or overflow. You should notice that the SUN company comes out with quite a few revisions every year.

    Also, I don't see how a small def file can slow down a program written in assembly.. It is one step short of being in machine language, which is needless to say VERY fast.
     
Thread Status:
Not open for further replies.