How lean and mean is your security setup?

Discussion in 'other anti-malware software' started by Kees1958, Jan 8, 2013.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Reference - my PC specs:
    Pentium E5200 Dual Core @ 2.5 Ghz with 2 GB RAM, having 5.1 Windows 7 Experience index (Ultimate 32 bits)

    Mean - my security setup
    SRP, UAC, ACL combined with AppGuard and Kingsoft Free Cloud Antivirus (details)

    Lean - my launch results
    Tested with passmark apptimer, 5 runs (download link) of browser, e-mail and media player

    C:\Program Files\Google\Chrome\Application\chrome.exe - 5 executions (opening startpage.com)
    0.4373
    0.3904
    0.4529
    0.3903
    0.4529

    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE - 5 executions (opening two mail boxes)
    0.3436
    0.2965
    0.3123
    0.2966
    0.2967

    C:\Program Files\Windows Media Player\wmplayer.exe - 5 executions (media folders contain 300+ GB data)
    0.1246
    0.0935
    0.0934
    0.0935
    0.0935

    What is yours?
     
    Last edited: Jan 8, 2013
  2. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Hi Kees...you wrote in both posts Kingston Antivirus...is it correctly? Not Kingsoft AV? :shifty:
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    o_O you are totally correct - edited :blink:
     
  4. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
  5. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,935
    Location:
    London On
    Good Evening ! WSA Essentials...AppGuard...Voodoo Shield. Light with a Bite! Sincerely...Securon
     
  6. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    Here's mine for Chrome opening to StartPage. I'll try later to see if AppTimer can be set to test Sandboxied Chrome.

    Reference - my PC specs:
    AMD Phenom II X3 720 Processor @ 3.2 Ghz with 4 GB RAM, having 5.9 (hard drive is 5.9, everything else scores 6.9-7.4) Windows 7 Experience index (Home Premium 64 bits)

    Running WSA-C and MBAM, with what's in my internet line in my sig: Router NortonDNS Chrome: WOT Ghostery ABP LastPass

    C:\Users\name\AppData\Local\Google\Chrome\Application\chrome.exe - 5 executions
    0.3119
    0.3118
    0.3112
    0.3119
    0.3118
     
    Last edited: Jan 8, 2013
  7. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    Interesting testing with this, only other security app installed is Admuncher in all of these test cases.

    Bullguard2013 - Max Settings
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.2181
    0.2441
    0.2336
    0.2181
    0.2337

    Webroot2013 - Default Settings
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.2598
    0.3119
    0.2650
    0.2649
    0.3110

    Webroot2013 with scan files when written or modified off.
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.2650
    0.2650
    0.2806
    0.2754
    0.2754

    Edit: I decided to run clean snapshots, and do more testing..

    EScan v14 -the Re-Write. (They are skipping from v11 to v14 in a week)
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    2.0467
    2.0313
    2.0469
    2.0412
    2.0151

    MalwareBytesPro (and only MBAM, no other sec product or firewall, clean system)
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.3275
    0.2449
    0.2498
    0.2626
    0.2343

    Nod32 Internet Security w/Advanced Heuristic+Threatsense maxed.
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.2493
    0.2522
    0.2493
    0.2496
    0.2494

    BitDefender IS 2013
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.2493
    0.2755
    0.2497
    0.2443
    0.2495

    Kaspersky IS 2013
    C:\Users\Unknown\Downloads\chromium\chrome-win32\chrome.exe - 5 executions
    0.4369
    0.4372
    0.4212
    0.4368
    0.4055
     
    Last edited: Jan 9, 2013
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Dear members, would you mind providing your system specs for reference?

    By doing a Chrome or IE or FF or Opera launch test, we can create our own reference:

    How much drag and drain do certain security setups cost or the opposite how lean and mean certain setups are.

    Bodhitree, thanks for testing, some surprises, KAV looks heavy, MBAM also. Escan allways had a name for being light, but Bullguard does also very well, thanks for doing these tests :thumb:
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Laptop wife: Dualcore Celeron P4600 @ 2Ghz 4GB RAM, Windows 7 Ultimate (32 bits) experience index 4.6

    Running WSA compleet with some GPO hardening
    C:\Program Files\Google\Chrome\Application\chrome.exe - 5 executions, opening google.nl
    0.4206
    0.3738
    0.3738
    0.3579
    0.4050

    Edit: Laptop allways felt a little faster than the Desktop while CPU specs are simular (bottem end dual core's, P4600 Celeron CPU Mark 1533, E5200 Pentium CPU Mark 1493), AppTimer benchmark confirm's this.
     
    Last edited: Jan 9, 2013
  10. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    The problem is, testing on different systems is meaningless, as hardware is vital factor. Even the same CPU and RAM, will give different results on different motherboards.

    Such tests can have sense, only with different security setups on the same hardware.
     
  11. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,388
    Location:
    Lancashire
    i agree. an old pc with an SSD will get better loading results than a beastly machine using spinning hard drives.
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    True, but you really deny impact of security overhead. Would be interesting to see how fast or slow your reasonable high spec system is, because you use Comodo (the program which hides all his overhead). Try it, you will be flabergasted on your results :p
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Not entirely true, the laptop has a hybrid harddisk (4GB SSD/250GB HD), it boots in 60% of the time of my desktop, while difference in this test is way less, see pic.

    Also seeing your using Comodo, equally interested in your browser launch times :p
     

    Attached Files:

  14. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    You might want to read closer on the Escan results, it added a full 1.5 seconds to application launch. Bearing in mind this is the latest and greatest v14 incarnation of beta for that. I stopped using MBAM last year because it kept getting heavier, now I see with this test it actually is about as heavy as a full IS suite these days. I highlighted the 2.XXX result on Escan so you don't miss it. The system I tested on is a QuadCore 3.2Ghz Desktop, 8GB CL1 Ram, GTX460OC 4GB Graphics, 7200RPM Sata2 3.0GB/S drive, highly optimized in every category.

    I did try some fast security testing with various ones installed. I was able to infect the BD system in 3-4 minutes, including a variety of BHO's and PUPS, and I got a BSOD after 15 minutes. In all fairness BG2013 is only half-arsed with PUPS/BHO's, it's strength for me is in the URL filtering from Commtouch, and Novashield. I was unable to infect the NOD32 system after 15 or so minutes of trying hard, and 100 URL/Files tossed at it, it even blocked the PUPS/BHOS like Butterscotch and BearShare, which really impressed me. At this point based on above performance, and some testing with these suites installed, Nod32 would be my second choice it is only marginally heavier then BG2013.
     
    Last edited: Jan 9, 2013
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I 've never denied the impact! If anything, i 've been bitching about performance hits for years. :D People call me paranoid because i complain about CPU usage and i/o reads all the time. :)

    I even did so recently about Comodo:

    https://www.wilderssecurity.com/showpost.php?p=2168605&postcount=2

    The good thing, is that now that i have an SSD, even if it's a low performance SATA3 model, i can afford slower applications, because you don't feel the lag so much. But i can still feel the lag with Comodo when i open quickly folders. That's always my "sensitivity" test. I can both feel a lag and hear different clicking sounds with the headphones when something (like Comodo), is lagging a bit.


    Anyway, for your joy... Avast with only File Shield and Behaviour Shield installed, Comodo and WinPatrol (shadow def running in background but not enabled).

    Phenom II x6 1090T, 8 GB DDR3 1600 MHz, low performance SATA3 SSD (WEI: CPU 7,5, RAM 7.5, Drive performance 7,9)


    C:\Program Files (x86)\Windows Media Player\wmplayer.exe - 5 executions (has kept only the last mp3 i played in library's memory).
    0.0586
    0.0535
    0.0498
    0.0485
    0.0498


    C:\Program Files (x86)\SRWare Iron\iron.exe - 5 executions
    0.2318
    0.2210
    0.2060
    0.2185
    0.2227


    C:\Windows\system32\notepad.exe - 5 executions
    0.0861
    0.0710
    0.0710
    0.0698
    0.0711


    When i will unistall Comodo (i hope not soon), i will re-do in order to compare.

    All 3 show the first execution slower, probably because i use "balanced" power plan and so the CPU is down to 800Mhz at the first execution, while it probably doesn't make it in time to drop back to 800 in the successive executions, so it performs better.
     
    Last edited: Jan 9, 2013
  16. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    Ugh my power settings were balanced as well, they should have been high performance. I think when I restored an old snapshot it set them back. Time to fix that!

    Also, I found cheap SSD's to not be that much faster then fast platter drives. I need about 1 terabyte of space, so an SSD isn't workable for me. But I can toss the browsers into ram depending on machine and probably boost the speed quite a lot. I did that in the past but don't worry about it these days.
     
  17. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    Would our different speeds of internet connections affect the score when testing browsers with AppTimer?
     
  18. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    I want my Setup to be MEAN against Malware; not Lean against Timers...;)
     
  19. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    You can have both, really as a few of the top products seem to be very similar to Windows without a product installed, yet some seem to grind a system down to nothing.. But I generally won't compromise speed for security, as I use RollbackRX which allows me greater flexibility in the unlikely event against an infection. Just play it safe, and infections are unlikely. I come from Linux, and only run Windows due to gaming. Linux is far superior in speed, partially because of the lack of overhead on the system from security applications. So I tend to go for light and snappy, as it grinds me to use Windows that feels sluggish.

    I have considered running Windows without any security software simply because of Rollback capabilities. It is something I am seriously considering, as avoidable of porn/cracks/torrents generally eliminates a huge amount of potential threats. Also I use an enterprise level security appliance/router, which filters packets for malware. So I don't need to go insane with software applications to be honest.

    I think a lot of people will find the true nature of the impact on their system if they run these tests, and will be absolutely shocked. Especially guys around here running MBAM along with other apps, or stacking security applications. I'd like to see some postings with results from those type of system. I reported WSA starting to get heavier a few patches back, but most said I was exaggerating, when I had actual throughput benchmarks showing a 12-15% loss in speed. The above shows, WSA is actually quite heavy in terms application performance.
     
    Last edited: Jan 9, 2013
  20. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yeah, because in real life, what really matters isn't the max consecutive read or write speed, that SSD manufacturers advertize, but random 4k read/write speeds, which are way lower than the advertized speeds, even for fast SSDs. I 've seen some more expensive SSDs than mine, having similar 4k read/write performance. The top speeds manufacturers advertize, come out only when you do humongous tasks that require continuous disk access, like imaging your disk of a full antivirus scan. Moreover, SSDs with time show a performance degradation compared to when you have just installed them, which is natural. But in anycase, even a low performance SATA3 is clearly faster than mechanical SATA3 drive. With SATA and SATA2, the difference may feel less.


    Me too, although i have images at the place of Rollback, which gives me event viewer errors so i don't use it now. The bad thing, is that with SSDs, you don't want to restore images often, because they write a lot on the SSD and you don't want that. Avoiding drag is also why i always install Avast with just file and behaviour shield. I don't want the extra drag and specially i don't want http scanners that inevitably will slow down browsing. Comodo already makes up for any security gaps Avast may leave and it's as much of extra drag as i can endure.

    Or if they restore an image with freshly installed Windows and no security and navigate quickly through the folders. Then you see really the difference, everything just seems to be snappier, folders open quicker, windows pop up smoother... If you have the same installation for 1 year, clogged with remnants and drivers from uninstalled applications, running AVs and a bunch of other security applications, then it's like you get addicted to clutter and slugginess and you can't feel the drag.
     
    Last edited: Jan 9, 2013
  21. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I think that program times the speed to launch the application, not the time that the application needs to load an internet page. In my case, my default page is the speed dial, so it doesn't actually load anything.
     
  22. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Here's why even on SSDs, if you overdo it with resource hog applications, you will feel the impact.

    This is one of my storage drives. It's a SATA 2 mechanical drive, made for capacity, not speed and very fragmented. Anyway:

    2.png

    Here's my SSD (SATA3 but cheap), advertized as having about 500 mb/s read speed and 450 mb/s write speed. Uh, yeah, whatever.

    1.png


    Now the first number is what SSD manufacturers use as pubblicity and even that, is bollocks. Even on expensive models, it's bollocks. Better than mine, but way lower than advertized. Instead of 500 it's 200...

    The problem is that the highest number in the first score, is something you will see only in rare occasions, like imaging your entire disk, when it will have to do massive consecutive reading. In fact, imaging and restoring images is noticeably faster.

    But unfortunately, the most real-world scenario is the random 4k speeds. SSDs are several orders of magnitude faster than HDDs there too, but the imaginary speeds of "500 mb/s", in this case become more than imaginary.

    So, fact is, that in real life use, my SSD is at 19 mb/s realistic read, not at 500 mb/s as the manufacter advertizes. Way faster than my SATA2 HDD, but, considering background processes, the pagefile that is on the SSD and the impact of security applications, isn't a speed that you can't possibly feel the lag no matter what you do. And the more applications you have running that need to read and write at the same time, the more you will feel the lag. Scanning with the AV for example, definitely brings the SSD to a very noticeable slow down. If the manufacturer's claims about 500 mb/s were real in realistic use, there would be no problem. :D

    And a last issue is latency. Again, better than HDDs, but SSDs still are affected by latency and the more NAND modules have to be accessed at the same time, the worse it gets. So. as you pile up more scanners, HIPS or whatever applications that need to read or write to the disk, the performance degrades more. Plus, TRIM in time tries to distribute the wear equally on various areas, so files get naturally fragmented. The more files it needs to access at the same time and the more they are fragmented, the more the drag. This is why SSDs with time feel "slower" than in the day you purchased them and first installed. Even the built-in controllers can't do magic tricks to perform multiple access to different NAND modules at 0 latency.
     
    Last edited: Jan 9, 2013
  23. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Win8 Pro 64-bit, AMD P340 DualCore 2,2GHz, 2GB DDR3 1333MHz, HDD 5400RPM ( WEI: CPU 5.1, RAM 5.5, HDD 5.8 )

    C:\Users\...\AppData\Local\Google\Chrome\Application\chrome.exe - 5 executions
    0.3269
    0.3112
    0.3269
    0.3112
    0.3269

    C:\Program Files (x86)\Windows Media Player\wmplayer.exe - 5 executions
    0.0604
    0.0620
    0.0767
    0.0774
    0.0615

    C:\Windows\System32\notepad.exe - 5 executions
    0.0926
    0.0773
    0.0774
    0.0774
    0.0772

    Security pasive: as mean as possible ( BlackViper services disabled / DEP default on / OpenDNS / UAC at max / WiFiRouter ).
     
  24. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    :D were not that different in regard to CPU% (spikes) and disk I/O

    Anyway your CPU is about three times as fast as mine (PC Mark vantage 12164 versus 4243) and Comodo and WinPatrol take you down to "only" 50% (twice as good) the launch times for Chrome.

    Were pretty nerdy about this, or to qoute Raj Koothrappali "what would normal human beings be doing at this time" :argh:
     
  25. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    @TOMxEU that is lean man, but is it still mean (with nothing)? ;)
     
Loading...
Thread Status:
Not open for further replies.