EAV 5.XX - Where is the off switch? {solved in next release}

Discussion in 'ESET NOD32 Antivirus' started by VXB, May 20, 2012.

Thread Status:
Not open for further replies.
  1. VXB

    VXB Registered Member

    Joined:
    Oct 2, 2010
    Posts:
    18
    Hi guys,

    I'm a long time user of NOD32, started with 1.x back in the days when I was working in the labs for a competitor in the AV industry... Shhhhhhht it's still my little secret. LoL

    The main reason I went for ESET back then was its small resource footprint. v2.7 was last time it was still a good reason. 2.7 is still running on my XP boxes... I start crying couples of months ago when an terrible message poped on my screen saying 2.7 was about to be terminated by its creator.

    I've recently installed 5 on a win7 64bit. The ekrn.exe service is sucking up ressources and sneaking on the drives even when the real time protection is disabled.

    So back at reason for the email - Where the heck is the off switch on this thing?

    Thanks
     
    Last edited: May 20, 2012
  2. VXB

    VXB Registered Member

    Joined:
    Oct 2, 2010
    Posts:
    18
    Re: EAV 5.XX - Where is the off switch?

    Self reply

    STICKY FUTURE OF CHANGE OF EAV

    3. Provide "Disable" and "Exit" items on the ESET system tray icon pop up to allow users to temporarily disable all ESET functionality or exit ESET completely.

    Put it on the shortlist for 6.0 :) please please please
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Re: EAV 5.XX - Where is the off switch?

    1, v2 provides much lower protection compared to v3 or newer. For instance, it does not support generic script signatures so protection against script malware is low.

    2, There's already an option to disable protection modules temporarily and this won't change for security reasons.
     
  4. VXB

    VXB Registered Member

    Joined:
    Oct 2, 2010
    Posts:
    18
    Re: EAV 5.XX - Where is the off switch?

    1- I'm well aware of the lower protection of 2.7. But thanks for the advice. If I need to go fast, I prefer light equipment than heavy and bulky one that limits my ability to move.

    2- Why so much IO activities from ekrn when the modules are supposed to be disabled? I'm asking for a kill switch (temporary is fine by me).

    Correct me if I'm wrong but it seams that the current disabling is more an IDLE function than anything else. It doesn't release drivers, IO filters, kill services or free up resources. EAV is still monitoring but simply skips the AV scanning. Not good enough for me. When you guys suggest to temporarly uninstall EAV when it still interfere with other product installations even when "temporarly disable". Then it tells me "temporary disable" is still pretty intrusive.

    As I can see in the forum. People are still asking for the option to turn EAV OFF instead of a pretend to sleep mode.
    I'm just another one of them.

    The closest thing I found of turning it off is disabling the EAV services and reboot. But this also kills the ability to run a manual scan.
     
    Last edited: May 21, 2012
  5. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    You can avoid the startup of the <real-time protection driver> by entering into advanced setup.

    This way you can start scans and keep the product's self-defense
    that feature is available since your days with v2 :)
    greetings
     
    Last edited: May 21, 2012
  6. VXB

    VXB Registered Member

    Joined:
    Oct 2, 2010
    Posts:
    18
    Re: EAV 5.XX - Where is the off switch?

    Roger that, even with real time disable you still get a lot of IO activities from the other modules.

    Meanwhile I just intalled v6 beta on a virtual machine. Then I clicked the "disable temporarily" feature and start browsing for religious sites drive by infected sites. The next thing I noticed was EAV blocking all the interesting ones.

    Once again. I'm hoping for a real off switch. But I don't think the ESET folks will provide that since they claim "disable temporarily" is what we asked and got. This feature is one step toward what we are asking but not quite there yet.
     
    Last edited: May 21, 2012
  7. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Well, in my case I didnt noted any impact on performance caused by the filesystem traffic or web traffic even with both filesystem and web protection initiated and enabled
     
  8. VXB

    VXB Registered Member

    Joined:
    Oct 2, 2010
    Posts:
    18
    Ok for sake of argument. Now how about interferences with other low level applications?
     
Thread Status:
Not open for further replies.