how funny is that?

Discussion in 'NOD32 version 2 Forum' started by gue_st, Nov 25, 2005.

Thread Status:
Not open for further replies.
  1. gue_st

    gue_st Guest

    Have you ever been wondering, for example, about some mobile phones - such hightech, but just one thing, you need to press 20 buttons to make a call.
    Or, more simply, footpath in the park - sometimes they are designed in such awkward way that people never use them.

    Why everybody can see that, except designers - are they specially selected dumb or there was a contest for the most stupid design?

    The answer is, do we like it or not, that almost everybody's brains works a bit different if you are designer, than if just a detached observer.
    This is what explains that it usually takes just 20 minutes to find bugs and flaws in software, which were overlooked by developers and testers in hundreds of hours of hard work.

    Forums would be useful for this kind of exchange - to discuss those obvious but missed things. The problem is, stereotype forces developers to seal up and not listen to anybody (because they know better themselves), and users(except some soft-religious fanatics) - to consider developers stupid, whenever they see something wrong. Unfortunately, this is what we are unawares expecting from each other.
    Those who overcome this prepossession, are better in the long run, simple as that.


    I came here of course to discuss something I think is important.

    OFF switch. This would make NOD32 usable where it is currently not. If security would be compromised(which is unlikely, as others do not have this problem), it could be as an option during the setup. It would still be better than no antivirus at all, correct?

    Right click menu for system tray icon. It is really a shame not to have such. To launch on-demand scanner, need to click at least 4 times, to update - also, to disable protection - even more, while all that could be done directly from the right click menu.

    Infected files management. So, what do we do if there is a scanning log with something detected? Ok, there is right click option to clean, that is good. But if it is false positive, then why there is not an option to add it to exclusion list or, delete without attempting to clean? Because it is easier to click through many windows to get it done?


    Could be continued, but funny - after that we have discussed I should write antivirus myself, that I am too much self important, that I am grinding an axe on NOD...all true, but NOTHING about those above things:rolleyes:
    I want to use NOD32 too! Also, every time somebody asks which AV to buy, I have to advertise NOD, because with all this, it is still the best, isn't it?

    Finally, I suspect that the problem is not that Eset wouldn't know these simple, obvious things - of course they do. So obvious that it is impossible to conceive they need to be used also in own program:D
    That is why I will need that axe :mad:
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    OFF switch works just fine. DOn't know what you wanto_O

    Well they have it. Honestly i don't know a single AV that doesn't have this feature.
    http://img394.imageshack.us/img394/7448/nod32context9yr.png

    Thats to protect users from their own stupidity. I can say for sure that there would be users adding everything to exclusion and later blaming ESET for infection. You can access exclusions through AMON->Setup->Exclusions tab.
    Simple enough.
    You can also set NOD32 to scan in Cleaning mode where it will ask you for each detected file right away.

    I think you should first get to know your AV very well before asking for new features imho.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If you had an alarm at home, would you place a switch outside the door which would disable the alarm just by pressing it?
     
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I explained him the same some time ago in some other thread. More and more AVs have self-protection. So does NOD32.
     
  6. gue_st

    gue_st Guest

    What OFF switch? There is a switch to stop nod32krn ?

    Sorry, but system tray is usually considered to be on the taskbar, near the clock. So, I do not understand what you are talking about. But you are correct, almost every AV have this, except NOD32. If you find it, please let me know.

    Well, this is something really brilliant! Next best protection is to destroy computer.
    For those, who need special explanation - this feature should be available not for every virus, but ONLY for those "probably...", which are all over the place.
    That cleaning mode is one funny thing, so you expect me to sit by computer and wait until scan finishes and click buttons, right? Or, maybe you suggest to hire somebody for that job?


    That is correct. But you should read better before answering...please:rolleyes:.

    Thanks.
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    gue_st, please refrain from personal attacks or this thread will be closed.
     
  8. gue_st

    gue_st Guest

    You probably have very vague understanding of security devices. If you installed one that cannot be disabled, it could well be your last one.

    If you do not have guts to tell there is nobody able to implement that feature, need to start ridiculing, huh?
    I never said it needs to be uskilfully done.

    Can you tell how many times major AV's that have this feature, have been disabled by malware? Or firewalls, which also can be switched off?
     
  9. gue_st

    gue_st Guest

    You are free to close, of course, but first could you please identify those personal attacks.
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    You want one? Norton is the most noticeable one that gets disabled over and over again. McAfee is also targeted alot. Same Trend Micro. There are also others like Kaspersky, F-Prot and BitDefender taht were also targeted.

    Now whole point of protecting from disabling is that when updates are available you can clean it right away (of course missed sample got in in the first place). Now ask any Norton user that got infected what happened. Ressurecting Norton was a real pain in the rear(i know it). Sometimes it was even dead after complete reinstallation. Do you want that? Kaspersky Lab vent even so far that noone can change any files inside KAV folder, cant erase or change its registry keys, you can't even terminate it's processes and drivers unless you manually disable the AV. But NOD32 can also do that. It's process cannot be terminated no matter what you do. But you can disable AMON completely anytime you want.

    This is how NOD32 looks by default:
    http://img188.imageshack.us/img188/3110/nod32default2ut.png

    And like this when you disable additional self-protection layer:
    http://img188.imageshack.us/img188/9363/nod32unload5aw.png

    You can do it by clicking Setup, going to Security tab and Checking (adding checkmark) to "Allow manual stopping".

    But i higly advise you NOT to do that. Trust me i'm handling with malware every day and i had to turn that one off only once when i was testing KAV2006 beta while having NOD32 installed. I'm sure you won't need that.
    Unchecking "File system monitor (AMON) enabled" should be enough for you if you want to pause scanner.
     
  11. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    See that little checkbox that says "Enabled" in the above screenshots? Very simply.............uncheck it. Yeah...there ya go. Once for each module, if for some reason you want to shut down your AV.

    But NOD32 is very quick and light, you can leave the modules up and running without bogging down your PC like most other AV products (pretty much the only reason I've seen users want to kill the AV..to speed things up).

    You clouding things with overcomplication..just like your "20 buttons to make a cell phone call" comment...mine is pretty simple, usually 3x buttons for phone book entries, or a whopping 8x buttons for local calls.
     
  12. Rosan

    Rosan Guest


    Simple as that... one of the most beaultiful things NOD32 have. Simplicity. At least for me... ;)
     
  13. gue_st

    gue_st Guest

    You see, this "unless" makes the whole point - KAV CAN be completely manually unloaded!

    Exactly, NOD32 process (nod32krn) cannot be terminated manually. Disabling AMON is not enough.
    I don't know how to explain, I am trying again and again. I do not exactly need babysitting, I have of course noticed that "Unload AMON" button everybody is pointing.
    But, do you have any idea of what kind of load to the system it is to manage 120+ audio tracks, adio sequencer with few million lines of code, bunch of virtual instruments and effects, and possibly video too, if you are composing for the movie. All that at the same time, and with 2 or 3 ms latency.
    You are not going to get it work on home computer, it requires special components, and quite a bit of tuning to get it work properly. Even few bytes of memory can be critical, but we are talking about running process, which needs at least 3MB of physical memory if paged off,and needs to be handled by processor.
    So, if I am saying there will be no running nod32krn during the recording session, trust me, there will be not.

    Also, you may be wondering why you haven't heard about this problem before. Quite simply, because normally audio workstations do not have any antivirus software installed at all! Normally, you have another computer in the studio with AV running, to check CD's, external drives etc., and also for scanning the DAW through network, if necessary. On this special computer, of course, there is no need to disable anything, so NOD32 can be happily running.

    What is the problem, is the home audio workstations. Not everybody can afford that kind of studio setup. So, you want similar perfomance from cheaper equipment, plus, may need to check email or surf internet on the same computer. The stress on this kind of system is, without any doubt, even bigger.

    Finally, everybody keeps telling that this inactive service doesn't consume anything, but you may be really surprised to see how huge is the effect of disabling, for example, 5 inactive services. Then you could realize that "inactive" and "doesn't consume" statements can of course be applied to office computer, but not to DAW(audio workstation).
     
  14. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    gue_st,

    What's your work objective? If a solution that works exists, and according to your first post there is, why not go with it? Whether an AV is light or not is more or less moot if its unloaded, yes?

    As far as the loading and unloading NOD32 is concerned, it's actually fairly trivial to do if you want to. The functionality is available to you today, but it's not part of the program itself. As a matter of fact, I just stopped the NOD32 GUI, unloaded the NNOD32 kernel module, started typing this, restarted the kernel module, and finally just restarted the NOD32 control center. Down and up with no magic involved. How? Use the native functionality of the OS (XP Pro in my case), reconfigure the default recovery settings on the NOD32 kernel service as appropriate to your needs, and go to town. Not a recommended course of action in my opinion, but it is doable.

    Cheers,

    Blue
     
  15. gue_st

    gue_st Guest

    Not really. Of course, solution always exists, everybody knows that.
    But for myself, while composing something, I like to drink beer, browse forum and it is ok most of the time. Because, with 10ms latency, I could also play games too, while running 50 audio tracks, but lightness of AV would still be an important issue, of course. But it doesn't mean I don't do any serious recording on the same computer, and then AV needs to be disabled.

    Interesting. Which version you are using? Here, with 2.50.41, there is no possibility to stop nod32krn service, whatever the recovery settings. Sop, start and all the other things are greyed out.
    Or, do you have some special , Moderator rights on your computer?

    But, even if so, would you feel comfortable to tell some real composer(and I mean, the real one) that he "JUST" needs to disable gui, go to "services" find NOD, disable it...not me... am I doing something wrong?
     
  16. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    The current one
    That's because of the current state settings you have. No more, no less
    No, do you? Look, I'm a paying customer like anyone else here.
    Here is what to do...
    • Quit the NOD32 Control Centre in the usual way, using the native Quit button.
    • Select Start>Control Panel>Administrative Tools>Services. Go to the NOD32 Kernel Service and double click on it
    • Yes, everything on the initial screen is greyed out.
    • Select the Recovery tab. For First, Second, and Subsequent failures - set to Take No Action. Specifics depend on whether you want one, two, or many unloads possible in a session.
    • Bring up the Task Manager and Kill nod32krn.exe. The default configuration (Restart the Service) in the previous bullet forced a restart whenever the kernel service was stopped, the changes made above prevent this.
    You're on your own for any configuration dependent secondary or unintended consequences. Personally, I don't recommend this course of action.

    Later,

    Blue
     
  17. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    The only real performance hit from antivirus software comes from real time file protection. In the case of NOD32, even though it's one of the lightest out there in the case of slowing down systems, that module is AMON.

    Losing sleep over this pursuit of killing the krn service is..well...not really worth the bother, just disabling the AMON should be your only goal.
     
  18. gue_st

    gue_st Guest

    Thanks,
    but in case you think you know better, try running Nuendo with 100 audio tracks + some virtual instruments + 20 effects at 2ms latency, then you will see yourself, is it worth the bother or not.
     
  19. gue_st

    gue_st Guest

    Thanks alot,
    Sure, it works this way, and , quite obvious that your knowledge in this is better than mine.
    But, are you really serious even mentioning thiso_O
    Nod Kernel service then stays unprotected, and how much time you need to spend on this, you are completely correct - whou would recommend anything like that? :rolleyes:
    Or, are you saying that this can substitute normal(protected) "off" switch?
    Or, are you saying that almost all audio professionals are wrong, or stupid, or what?
    Sorry, I am too dumb to understand.

    If you forgot to make doors, you are now saying that you can perfectly climb through windowso_O
     
  20. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    About 30 seconds - less time than responding to you.
    You do realize that you can dynamically do this anytime desired? Right? No need to have that as the standard configuration. Like I said, it's an approach, ignore it if you wish.

    As for the state of audio professionals, I don't believe I said anything of the nature that you've implied.

    Later

    Blue
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040
    Interesting thread. Sounds like what is really at issue isn't a couple of Nod setting but inadequate computer resources to do the job. An investment in more memory, might well be the best solution.
     
  22. gue_st

    gue_st Guest

    Of course, you didn't; and I didn't really want to imply anything like that.

    But, honestly, have you seen a composer?
    And now, imagine you need to explain your approach. I don't know, if you have tried.
    I have.
     
  23. gue_st

    gue_st Guest

    That is correct.
    Adequate resources would be at least 250GB of memory.
    But till then, it is just a fiddling with what you have. Quite unfortunately, in fact.
     
  24. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    But you did.
    My one last comment in this thread, then I'm out of here.

    You came with a problem and some constraints. I simply took them at face value, didn't try to argue that all you needed was already present, and provided a quick solution within your constraints. As far as I can see, it's the only one available and the only one offered. I understand all the issues surrounding my comments, hence my admonishment that I don't recommend it. However, if absolutely need to resolve the problem you describe (and, yes, I do get it - I have on occasion performed realtime/high-framerate video image capture, deconvolution, analysis, and processing that took a lot more horepower than is in on a standard PC - yea, I get it, it's not unique to your chosen path) and if there is no flexibility in the self-imposed constraints you note, this is it aside from a forced restart with customized autostart options.

    Blue
     
  25. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    gue_st, you have been given a solution that works within the current version of Nod32. Going around and around in circles for the sake of doing so just makes people nauseous.

    It is time to move on.

    Blackspear.
     
Thread Status:
Not open for further replies.