A few observations and questions -

Discussion in 'ESET NOD32 Antivirus' started by iravgupta, Aug 31, 2010.

Thread Status:
Not open for further replies.
  1. iravgupta

    iravgupta Registered Member

    Dec 17, 2009
    I recently trialled NOD32 4.2. Here are my observations -
    1. System boot performance is fast.
    2. On-access scan performance is insanely good.
    3. Overall system reponsiveness is very good.
    4. I realized that all processes spawned by NOD32 were true 64-bit. Even the GUI. Awesome.
    5. NOD32 was able to scan emails downloaded via deltasync protocol in Windows Live Mail, something I am 100% certain that no other AV has managed to do.
    Now some questions -
    1. Is this forum the only official NOD32 support forum?
    2. Are product updates like 4.0 to 4.2 pushed out automatically?
    3. Is there an email notification service where I can register to get notified about updates - definition and product?
    4. If enabling advanced heuristics can seriously degrade system performance, why is this option even present?
    5. If I get infected, can I expect an ESET technician to help me get my system cleaned up?
    6. Does it make a difference as to which web browser i use, i.e. does NOD32 work better with some browsers than others?
    7. Why only some of the mails in Windows Live Mail were tagged as scanned by ESET when I have set it to scan all messages, I even manually scaned all messages but the text appears in only a few.
    8. Can the rescue disk be made to work with USB drives?
    Last edited: Aug 31, 2010
  2. cool1007

    cool1007 Registered Member

    Oct 19, 2009
    Not really, unless I'm mistaken, please correct me if that's the case. The ESET service component or ekrn.exe still reads in my process list as 32 bits application, so it's not a 64 bits as it should (the GUI process does appear as a 64 bits app)


    No, you have to check the announcements in this forum or the official ESET homepage in the download section for product updates. There is a reason for it, it's not laziness :p.

    Not that I know of.

    I would personally use it, only if and after I get confirmation of infection with normal settings, as a tool to find any virus leftover or suspicious files left behind by a virus. Perhaps someone more knowledgeable can give you a better answer.

    Absolutely. I have used the service myself. They used to reply pretty fast (6 months ago), usually in a day or two at most. I haven't tried it out more recently though.

    Not that I have noticed. I use both Firefox and IE8, they both are responsive and it's like if I had no AV installed (though if I browse dangerous links, I get the ocassional NOD32 pop up saying that a malicious script had been deleted, so I know it works). Another friend of mine also uses NOD32 together with Google Chrome with no difference in perfomance.

    I'll leave question 7 and 8 to someone else, because I have no experienced those topics myself. Good luck, and I hope you give ESET a try (you can also use a trial version and evaluate yourself the pros and cons of the product, it's much more effective than relying exclusively in third party opinions :))

    Last edited: Aug 31, 2010
  3. tomi

    tomi Registered Member

    Mar 30, 2009
  4. Hollowstriker

    Hollowstriker Registered Member

    Mar 28, 2010
    To add on to this. Even product updates like 4.2.58 to 4.2.64 are not pushed out automatically. Your daily updating process will only involve:

    a) Virus database definition updates-
    e.g. 5411 (20100831) to 5412 (20100831)

    b) Module updates-
    e.g. Anti-Stealth support module: 1020 to 1021 (20100811)

    For product updates like 4.2.58 to 4.2.64, you will have to download and install it yourself using the installer from http://www.eset.com/download

    You can see a long discussion of why it is not pushed out automatically here.

    Not that I know of. But I think the closest you can get:

    a) For definition updates:
    It is avaliable as a RSS feed as per this thread. The page itself can be found here: http://www.eset.eu/support/update-xy1 (there's a small RSS button that you can click at the extreme bottom left).

    b) For product updates:
    News about it is always posted here (http://www.eset.com/support/news) soon after the updates are released. Additionally, in the official ESET NOD32 forum, a thread like this is often created to indicate the new release.

    Note that it may take up to a few days from the date the news is released to the time when the ESET website actually gets updated with the latest version as indicated by threads like this.

    From my personal experience, it would seem that ESET NOD32 has a problem with Firefox + large downloads/packed downloads. When your download is close to completion (about 99%/'A few seconds remaining'), ekrn.exe (the main ESET executable) will spike to 100 CPU usage while the file is being scanned. Firefox may also appear to 'hang' for a few seconds while this is happening, but once it is finished scanning, Firefox will be usable again.

    To try to lessen the effects of this, you set your about:config preferences in Firefox (browser.download.manager.scanWhenDone) to false. The real-time scanner will still pickup any malware that you download without this scanning.

    Perhaps using IE/Chrome/Safari may help with this issue as well, but I haven't really used these browsers long enough to make a conclusive statement on this. You might want to try this out yourself by downloading 'problematic files' such as:

    CCleaner installer - http://www.piriform.com/ccleaner/download
    Windows XP SP3 (300MB~) - http://www.microsoft.com/downloads/details.aspx?FamilyId=5B33B5A8-5E76-401F-BE08-1E1555D4F3D4

    See these threads for further information about this issue:
    ESET - You are losing my business
    Nod32 causing downloads to freeze

    You can refer to SOLN2103 for detailed information regarding this.
    Last edited: Aug 31, 2010
  5. iravgupta

    iravgupta Registered Member

    Dec 17, 2009
    I cannot see an ekern.exe. Whats wrong?
  6. elapsed

    elapsed Registered Member

    Apr 5, 2004
    NOD32 would be pretty weak if the ekrn process was run under your account, try clicking that button in the bottom left and you'll have more success with AV product processes.
  7. xMarkx

    xMarkx Registered Member

    Dec 1, 2008

    ekrn.exe is a system process. In order to see it in Task Manager, click "Show processes from all users" (located at bottom left of Task Manager) and then confirm with the UAC prompt (if you have UAC enabled). You should then be able to see ekrn.exe in the processes tab of Task Manager as well as the other processes running that were not visable before.


  8. iravgupta

    iravgupta Registered Member

    Dec 17, 2009
    Thanks funky, I see your patronizing tone is still in top form.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.