Re: Followup re AntiVirus Scanners; Nod32, Kaspersky, etc

On Fri, 17 Jun 2005 16:51:23 +0100, Nightowl <owl@[127.0.0.1]> wrote:

>_RR wrote on Fri, 17 Jun 2005:
>
>>Nod32's control panel also allows temp-disabling of 'AMON,' their file
>>monitoring program. I would love to know how to do the same with
>>DMON, EMON and IMON as well. Their disable buttons caution that their
>>entries will be removed from the registry. I presume that would
>>require a reinstall. Anyone know about this?
>
>Hi _RR
>
>I run the current full version (2.5) and only use AMON and the on-demand
>scanner. I have the other modules turned off. For IMON and EMON, this
>just unloads them, and enabling them again is simply a matter of
>clicking on a Start button.
>
>DMON when you disable it does give a warning that it will be
>"unregistered from the system", but I have just tried this out in your
>honour :-) and it doesn't seem to be so. After rebooting DMON wasn't
>running but I enabled it again just by clicking on Start, no reinstall
>needed.

Good to know, thanks! I could have sworn that IMON and EMON gave the
same type of message. Good to know I don't have to reinstall.

>>Another couple NOD32 anomalies: It sometimes reports "Error occurred
>>while scanning active boot sector of the 1 physical disk." (or the "4
>>physical disk"). Not sure what that's about, as I've run chkdsk
>>several times w no problems reported.
>
>This one used to drive me crazy wondering if there was something dire
>wrong with my HD until I found what it was. . . NOD32 was trying to look
>at a Zip disk and there was no disk in the drive. When it starts up the
>scanner tries to look at the boot sector of *all* your disks. Does this
>make sense for you? Do you have a Zip or similar drive?

Good observation, and I wish that was the case. If they're using the
same numbering system as the Disk Management console, those are hard
drives. Both relatively new, and tested (I run Check Disk surface
scan on all new drives a couple times before trusting them). Neither
are boot drives. One is a SATA and the other is standard ATA, and I
have other identical drives in the same system that were not flagged,
so I don't think it's a drive geometry issue.

>>Also, NOD32 often reports problems opening some ZIP or RAR files. It
>>seems to get to others OK. Not sure why it would be inconsistent.
>
>I do sometimes get reports of "archive damaged" when I do a scan, though
>WinZip has no problem with the file. I don't know why this is. . . in
>fact I think I'll email Eset about it and find out :-) I can vouch for
>the fact that their tech support is very good and very fast.

Good. If you're a registered user, they'll listen to you. I'm just
trying out NOD. Everyone seems to like the program, and I agree about
the speed and functionality. But the archive errors, the unexplained
boot sector errors, and the fact that Kaspersky and Trend caught
(well, CLAIM to have caught) numerous things that NOD missed...those
are factors for me.

If I could verify archive errors, boot sector errors etc that would
put a different perspective on it, but my tests with WinRar, etc bear
out your own test results. This would also seem to indicate that
those files were not tested.

And I've got to find another program to test boot sectors now. I'm
betting that's a false alarm.

I think Eset/NOD needs to work a bit on presentation and UI. Even the
misleading unload message(s) from IMON, EMON, etc would indicate that.

>I've been using NOD32 for three years now and am very happy with it.
>It's fast, light on resources, very frequent automatic updates and
>excellent detection. Hope this helps!

Certainly does. Those are the main factors for me. The other
artifacts and possible missed files were a surprise, but those bear
further investigation. (I did notice that a number of Kaspersky's
'finds' were in an old quarantine folder which NOD may have ignored).

.