Beta: Amon cannot be disabled?

Discussion in 'ESET NOD32 v3 Beta Forum' started by Mele20, Jul 22, 2004.

Thread Status:
Not open for further replies.
  1. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    What is this message that says I cannot disable AMON? HUH?! I am not about to have an AV that I have to reboot the computer before I can install anything. GEEZ!

    How do I get around this? If not possible then I will definitely not renew my license and I will be going back immediately to the release version. I will never put up with an AV that is not under my control. :( :( :(
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,726
    Location:
    Texas
    Are you talking about the tray icon? I can disable mine.
     
  3. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Just untick the box "Resident Module (AMON) enabled".
     
  4. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    No, I am talking about when you go into Amon and uncheck the box so that it stops running until you recheck the box. Now that box is greyed out and you get a pop up that says you cannot disable AMON. You are told to disable NOD32 control center and then reboot the computer so that NOD does not load as this is now the only way to disable AMON! Then when you want NOD32 to run again you have to enable the Control Center and then reboot again.

    Well, after making the post, I decided to see what happened if I did the three finger salute. I tried killing nod32.kui that way and I got several screens saying I couldn't do this and one saying the process wasn't responding, but eventually NOD32 disappeared from the systray.

    Next, I went to start/programs and clicked on it and started it. Then I went to AMON again and this time the box to uncheck to stop resident monitor protection was not greyed out and when I unchecked the box, I got the usual warning about did I really want to turn off resident protection. I said yes and NOD32 control center in the systray turned red as it should with AMON off.

    I then rebooted hoping to be able to reproduce that weird message I got the first time about how I was prohibited from disabling AMON. I could not get that message to appear again. Instead, I can disable AMON just like I can in the release version. :) :)

    I sure wish I had thought to get a screen shot of that message. The message was from NOD32 so why did I get it? And why after doing c/a/d and killing the process that way do I no longer get it?

    Well, I hope Eset is not planning on implementing this "protection" for AMON. That would really bug me and I would not put up with it. I'm glad things are back to normal...but that was sure weird.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,726
    Location:
    Texas
    Can not close Nod32krn process

    Posted By Marcos
    Re: Can not close Nod32krn process

    In the future, it won't be possible to kill the nod32krn service for security reasons at all as it's been demanded by many of our clients.
     
  6. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I thought I had read something about that! Well, how was I able to kill it then? I just killed it again very easily. So, this has not been implemented but somehow I got the warnings that first time?

    I don't agree with this decision at all. I want my computer, including my AV, under my control. If I can't kill a process using task manager then that is a rogue, run away process IMO. I won't put up with that.
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,726
    Location:
    Texas
    I would rather have control also. A lot of changes are being forced on software vendors in order to work with the sp2 package. Of which, I won't be installing anytime soon.
     
  8. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    I can close AMON in latest beta without problems.
    Regarding nod32krn.exe protection, it's for protect nod process against trojans and others malware, it doesn't mean that you can't disable them.

     
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Well, for whatever reason it is supposed to be there....it is not working on W98SE and I'm glad it is not.

    As for XP, I have no intention of installing SP2 so if the feature is only on computers that have SP2 that is another reason to never install SP2. Microsoft is getting way too much control and I won't allow that. I suppose KAV 4.5 won't work at all on XP SP2 because you can kill it very easily right from the systray. Not disable...kill. So, I guess that will be incompatible with SP2. So, folks who like KAV 4.5 and hate 5.0 will, I guess, be staying with SP1.
     
  10. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    This talk of WinXP SP2 is a red-herring. Apart from SP2 being a very welcome step in the right direction for overall security, the ability of AMON and/or the NOD32 kernel to be stopped is an entirely separate issue.

    I am all for Eset building termination protection into NOD32, but at the same time it is important they retain the user's ability to start/stop AMON and the NOD32 kernel manually when desired. The two aims are not contradictory or incompatible, and termination protection against rogue processes can be achieved while still offering manual termination via the NOD32 tray icon.
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia

    Agreed, good post.

    Cheers :D
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I second spm's comment. IMO there's greater control in making it so that ONLY I can disable protection, preferably with a simplified way of doing so. Even without, however, I would rather open up the services console and stop the service manually than allow malware to terminate protection without my consent, simply for the sake of convenience.
     
Thread Status:
Not open for further replies.