Re: Followup re AntiVirus Scanners; Nod32, Kaspersky, etc

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

On Fri, 17 Jun 2005 16:51:23 +0100, Nightowl <owl@[127.0.0.1]> wrote:

>_RR wrote on Fri, 17 Jun 2005:
>
>>Nod32's control panel also allows temp-disabling of 'AMON,' their file
>>monitoring program. I would love to know how to do the same with
>>DMON, EMON and IMON as well. Their disable buttons caution that their
>>entries will be removed from the registry. I presume that would
>>require a reinstall. Anyone know about this?
>
>Hi _RR
>
>I run the current full version (2.5) and only use AMON and the on-demand
>scanner. I have the other modules turned off. For IMON and EMON, this
>just unloads them, and enabling them again is simply a matter of
>clicking on a Start button.
>
>DMON when you disable it does give a warning that it will be
>"unregistered from the system", but I have just tried this out in your
>honour :-) and it doesn't seem to be so. After rebooting DMON wasn't
>running but I enabled it again just by clicking on Start, no reinstall
>needed.

Good to know, thanks! I could have sworn that IMON and EMON gave the
same type of message. Good to know I don't have to reinstall.

>>Another couple NOD32 anomalies: It sometimes reports "Error occurred
>>while scanning active boot sector of the 1 physical disk." (or the "4
>>physical disk"). Not sure what that's about, as I've run chkdsk
>>several times w no problems reported.
>
>This one used to drive me crazy wondering if there was something dire
>wrong with my HD until I found what it was. . . NOD32 was trying to look
>at a Zip disk and there was no disk in the drive. When it starts up the
>scanner tries to look at the boot sector of *all* your disks. Does this
>make sense for you? Do you have a Zip or similar drive?

Good observation, and I wish that was the case. If they're using the
same numbering system as the Disk Management console, those are hard
drives. Both relatively new, and tested (I run Check Disk surface
scan on all new drives a couple times before trusting them). Neither
are boot drives. One is a SATA and the other is standard ATA, and I
have other identical drives in the same system that were not flagged,
so I don't think it's a drive geometry issue.

>>Also, NOD32 often reports problems opening some ZIP or RAR files. It
>>seems to get to others OK. Not sure why it would be inconsistent.
>
>I do sometimes get reports of "archive damaged" when I do a scan, though
>WinZip has no problem with the file. I don't know why this is. . . in
>fact I think I'll email Eset about it and find out :-) I can vouch for
>the fact that their tech support is very good and very fast.

Good. If you're a registered user, they'll listen to you. I'm just
trying out NOD. Everyone seems to like the program, and I agree about
the speed and functionality. But the archive errors, the unexplained
boot sector errors, and the fact that Kaspersky and Trend caught
(well, CLAIM to have caught) numerous things that NOD missed...those
are factors for me.

If I could verify archive errors, boot sector errors etc that would
put a different perspective on it, but my tests with WinRar, etc bear
out your own test results. This would also seem to indicate that
those files were not tested.

And I've got to find another program to test boot sectors now. I'm
betting that's a false alarm.

I think Eset/NOD needs to work a bit on presentation and UI. Even the
misleading unload message(s) from IMON, EMON, etc would indicate that.

>I've been using NOD32 for three years now and am very happy with it.
>It's fast, light on resources, very frequent automatic updates and
>excellent detection. Hope this helps!

Certainly does. Those are the main factors for me. The other
artifacts and possible missed files were a surprise, but those bear
further investigation. (I did notice that a number of Kaspersky's
'finds' were in an old quarantine folder which NOD may have ignored).

.

Relevant Pages

  • Re: Are computer forensics people as stupid as they seem?
    ... already a contiguous file on disk. ... I fully document how to do it with DCPP, people have tried it and I ... which lets you encrypt your entire HD (except for the boot sector ... I have used two drives: the one I am preparing and another ...
    (alt.privacy)
  • Re: Cannot boot after resizing with Partition Magic 8.05
    ... problem) with the six boot disks routine and that failed for me too on disk ... fixes the boot sector in partitions. ... >> I just purchased Partition Magic 8 and I've used it several times ... >>> the start it was going to do FAT 32 which is what I had the drives ...
    (microsoft.public.windowsxp.general)
  • Re: Boot sector virus - NTFS?
    ... >>McAfee told me that you cannot get a boot sector virus on a disk formatted ... The boot sector is code run well before the ... > partition on Hard disk has been accessed to find what file system is in ... > While this has an option to work with multiple drives it might be most ...
    (microsoft.public.windowsxp.general)
  • Re: Boot sector virus - NTFS?
    ... >McAfee told me that you cannot get a boot sector virus on a disk formatted ... The boot sector is code run well before the ... partition on Hard disk has been accessed to find what file system is in ... While this has an option to work with multiple drives it might be most ...
    (microsoft.public.windowsxp.general)
  • Re: 3B2 Disks
    ... being able to read the disk in its present format. ... 2 MFM drives on a custom controller. ... SCSI came much later as an add on card. ...
    (comp.sys.3b1)