Quest. on Blackspear's Extra Settings for NOD32

Hi, I just read through Blackspear's extra settings for NOD32 and had a couple of questions. Under the section where it talks about the Scheduler/Planning two different types of scans are discussed; the first being the command line and the second being the silent scan. Is there any difference between the two?...or is it just showing you your options? I was just curious if there was a reason you would want to have both set up.

Thanks in advance for any feedback.

 

Hello and Welcome to Wilders !

One is completely silent , the other is not .

The one silent is performed by the NOD32 kernel service , running in the background with low priority . It uses specific profile . The other one is just the on-demand scanner . I mean the Control Center luanches the NOD32 on-demands scanner on specified time and starts scan . Unlikely the kernel scan , this one is obvious since it launches the scanner .

There is no reason to have them both just because they do the same -> scan the whole machine for threats

You are welcome

 

Thanks, I appreciate the fast response.

 

No problems , you are welcome

 

Another difference is that the silent scan, since running in the local system account, can get into folders the currently logged in user does not have access to.

 

Thanks again, I like the silent scan better out of the two anyway so that just adds to the reason.

I did have one other question. Again, in Blackspear's extra settings he mentions to turn on the "Potentially unsafe applications" in AMON, DMON etc. Each time there is the warning mentioned; "enabling this option might result in deletion of Remote Administrative Programs such as those used by Network Administrators" Is this more for people using NOD in a business vs. a home environment? Does it have anything to do with Remote Desktop for example if you use it over your LAN to access other computers? I've already noticed that when running my first scan since changing some of my setting that it found the Divx Installer (DivXInstaller.exe) to be a malicious program which I'm assuming is a false positive if you downloaded the program from know site like Divx.com. At least it shows that it's working.

Anyway thanks again.

 

No , just some tools which you may want to use can be classified as Pottentially unsafe/unwanted malware . In all cases , a home users should have these both enabled because such programs should not appear in their computers

What is the name of the threat detected . I have already seen similar detection , but it seems to be such a programs (unsafe or unwanted) . So the name NOD32 detects it . Thanks

 

I just tried to download the file again from divx.com and this is what I got. When I did the initial scan of my HDD it picked up something similar in the local user temp file which must have been a piece or remnant of the install of divx (i don't have any info on that one since I delete the message).

Link to possible malware removed - Ron

Threat:
"Probably a variant of Win32/Agent.QT trojan"

 

Sorry I got carried away trying to provide info.

 

According to SiteAdvisor , all downloads from the site divx.com are safe and checked but this doesn't mean this is not a real threat . Perhaps if you send this to ESET Tech Support they can check it for you (support@eset.com) and confirm if this file is (bundled with) real trojan

 

Thanks, I think that I sent it along to them already but I will also send it along to the email address that you provided. If the divxinstaller does end up being a false positive then I'm assuming I would stick it in my exception under AMON?...and then I should be set. Thanks again for all the feedback and assistance today.

 

Yes BUT only if . Wait for an answer from them and then they'll inform you that if FP , it will be fixed or you can add it do the exclusions . But don't do it unti you received an answer from the Support