Hi,

Every time I download an .exe file, my computer is almost hanging while Nod's scanning this downloaded file. If I download 15MB exe file, it'll take almost 1 min to finish investigating this file, and it eats up 90-100% cpu usage.
Do u have any way to reduce this issue? I'm using version 3.0.642
Thank you!

The scan time will depend on what computer you have (your specifications) .

1. Open the user interface of the program
2. Press F5 to enter the advanced setup tree
3. Navigate to "Web-access protection"
4. Press "Setup" button
5. Uncheck detection for realtime packers and usage of advanced heuristics
6. Press OK
7. Navigate to "Real time file system protection" and revert the settings to their default one (just to be sure you haven't made any not so good changes) .
8. Press OK

Don't worry that we'll disable Advanced heuristics in the web module . It will remain active in the kernel scanner (start-up scanner) and in the real time file system protection , which is more important! :thumb:

-{ Quote: "Don't worry that we'll disable Advanced heuristics in the web module . It will remain active in the kernel scanner (start-up scanner) and in the real time file system protection , which is more important! :thumb:" }-
Yes, and instead of the one-time one minute lag we get after downloading the file, we get it EVERY time we try to access the file.

Thanks for your quick reply. But sorry it doesn't help! I did the same way you said. I tried to download an exe file. It still hangs. This still happens even I delete an exe file.

-{ Quote: "Hi,

Every time I download an .exe file, my computer is almost hanging while Nod's scanning this downloaded file. If I download 15MB exe file, it'll take almost 1 min to finish investigating this file, and it eats up 90-100% cpu usage.
Do u have any way to reduce this issue? I'm using version 3.0.642
Thank you!" }-

Hello,
Just one question : do you use KPF 4.x as a firewall ?

Regards

-{ Quote: "Yes, and instead of the one-time one minute lag we get after downloading the file, we get it EVERY time we try to access the file." }-
I agree!
With 2.7 I've never had such problems.
HiTech_boy...I understand your piont of view but solution should be in better optimization od EAV not in less protection!

-{ Quote: "Hello,
Just one question : do you use KPF 4.x as a firewall ?

Regards" }-

I'm using Online Armor free edition

-{ Quote: "Thanks for your quick reply. But sorry it doesn't help! I did the same way you said. I tried to download an exe file. It still hangs. This still happens even I delete an exe file." }-
please provid us exe link

-{ Quote: "please provid us exe link" }-

It's DIVX codec
http://www.divx.com/divx/windows/download/index.php

Hi, do you use active or passive mode of HTTP scanner?

Yeah, the solution is not disabling protection. No matter how powerful your computer is, Nod32 Version 3 struggles with that file. It takes several seconds on my QX9650 processor.

There are about 550 files in the sfx archive. Disabling scanning sfx archives should help.

Try cranking up SysInternals' FileMon while the scanning is going on :) Gazillions of temporary files being created and then being read, almost sequentially, one byte at a time ... no wonder it's taking so long!

-{ Quote: "There are about 550 files in the sfx archive. Disabling scanning sfx archives should help." }-

Disabling SFX Archives in Real time scanner does help but not in Web Access.

Off topic, unhelpful post removed.

-{ Quote: "Disabling SFX Archives in Real time scanner does help but not in Web Access." }-
Disable it in web acces protection. ;)

-{ Quote: "There are about 550 files in the sfx archive. Disabling scanning sfx archives should help." }-

How to disable sfx archives ???? Anyone can help ?*puppy*

Hi,
Setup -> Enter entire advanced setup tree... -> Choose modules and click Setup -> Objects -> Uncheck Self-extracting archives

:thumb:

With all respect but your soultions are: disable advanced heuristic, disable SFX, disable active mode, disable runtime packers...until all checkboxes are unchecked...C'mon then, let's uncheck ALL right after installing of EAV ;D

On this forum we all want better EAV...and only way for that is to point out bad things in EAV (and that ESET guys admit they really exist) and not to post workarounds as cover! Version 3 is out for months and I don't see any REAL improvements since the first final realise!

When you check changelog and read this (http://www.wilderssecurity.com/showthread.php?t=201126&page=2) thread, you find out that a lot of bugs had been fixed. Every response and question from Marcos or any other help discovers details about your problem and they forward it to development.

But you have to accept that file with big size causes slowdown and sometimes even bigger problem. Realtime shield "isn't" for scanning these files.

I recommend scan big files via on-demand scanner and after his problem contact forum or support team. SFX archives are used eg. by trojans.

Best regards. :)

-{ Quote: "When you check changelog and read this (http://www.wilderssecurity.com/showthread.php?t=201126&page=2) thread, you find out that a lot of bugs had been fixed. Every response and question from Marcos or any other help discovers details about your problem and they forward it to development." }-
Thanks but I saw changelog long time ago here http://www.eset.eu/support/changelog-eset-nod32-antivirus

-{ Quote: "But you have to accept that file with big size causes slowdown and sometimes even bigger problem. Realtime shield "isn't" for scanning these files." }-
Are you trying to say that I should disable realtime protection every time when I work with large "exe" files?!...is it another workaround? 8)

But again, my main point is:
Advanced heuristic in v 3.0 is the same (yet) as in v 2.7...and I really dont see why EAV v 3.0 is that HEAVY?!
v 2.7 work great on my old PC (P III) but v 3.0 (with practically same engine) slowdown C2D :thumbd:
I liked NOD32 because it's lightweight and advanced heuristic but now I don't know what to think ::)

-{ Quote: "Are you trying to say that I should disable realtime protection every time when I work with large "exe" files?!...is it another workaround?" }-
When you work with large files, not only with archive on hdd, but with downloading files too, there is temp folder. Eg. file is extracting from standard RAR archive into temp folder, then is be copying to final folder. And this is under control of realtime protection. => It takes a lot of time. When I disable shield or enable, result is almost the same (slow). But if problem is really in ThreatSense engine, developers will find a mistake and fix it.

-{ Quote: "Advanced heuristic in v 3.0 is the same (yet) as in v 2.7...and I really dont see why EAV v 3.0 is that HEAVY?!
v 2.7 work great on my old PC (P III) but v 3.0 (with practically same engine) slowdown C2D" }-
AH module (and others) are still developed, actual version is 1070 (20080212). You can try download LookInMyPC (http://www.lookinmypc.com/) and send log to support team.

-{ Quote: "I liked NOD32 because it's lightweight and advanced heuristic but now I don't know what to think" }-
Me too. ;)

-{ Quote: "But if problem is really in ThreatSense engine, developers will find a mistake and fix it." }-
I hope they will. But firts they have to admit (not to me but themselves) that problem exist.


-{ Quote: "You can try download LookInMyPC (http://www.lookinmypc.com/) and send log to support team." }-
I've done this before with ESS and EAV BETA and I can do this again...but ESS and EAV are now "final" versions...plus this problem is not related to my system exclusively (this is well known problem since the first BETA).

-{ Quote: "Me too. ;)" }-
;D

-{ Quote: "Disable it in web acces protection. ;)" }-

I did only real time sfx helped is what I meant. :)

-{ Quote: "Hi,
Setup -> Enter entire advanced setup tree... -> Choose modules and click Setup -> Objects -> Uncheck Self-extracting archives

:thumb:" }-

I don't see modules in the menu. Can you be very specific when and
which are the ones to uncheck ???

Thank you !:P

Modules: Real-time file system protection, Email protection, Web access protection, On-demand computer scan

:)

-{ Quote: "Modules: Real-time file system protection, Email protection, Web access protection, On-demand computer scan

:)" }-

Got it ! :thumb: Thanks :argh: