Nod32 Beta 4 tells me my system OS Is

Where from do you take those statistics? Inside the Wilders' Community you are most likely correct, but taken the number of all Windows PCs? You will not be able to proof that by numbers. If I take only those machines with Windows versions without the latest respective Service Pack I see something different. And one is for sure: An AV (or any "security" software) is no replacement for a properly patched OS as the actual patches are no replacement for an AV program.

Further more, naming a bunch of programs with different levels of quality shows, that even in the case you would be right this listing does not mean anything.

A serious number of those "security" products do only work inside an account with admin privileges and they are senseless, if the user uses a limited account. So those programs do tell the opposite, what you say: There are many unsolved problems because of unsafe configured and used machines out there.

But let us assume for a moment, that you are right with most people have other security software (probably more than one): So, where should be the problem, if they are really able to handle those applications to deactivate the update warning in NOD32? People who are not able to make this setting are most likely the prisoners of their "security" apps. Those who can deal with those apps make the single setting in NOD32 (if they really thinks, that this is right) and that's it.

Again: What makes you think the opposite taking in account, that the Wilders' community is only a tiny minority in the total number of Windows installations? And it are not only "Newbies", who do not have those "security promises" installed.

To remind you: For people, who are able to use those programs there is no way to believe, that they are not able to make this single setting in NOD32. So what is your real problem? I did not find a single word in your post about that.

 

Please see my replies in the quotes above.

Summed up companies like ESET want to give users more bells and whistles and make everything look all great, but underneath it all is a program that lacks real security and protection. I'm now not saying either that NOD32 doesn't provide good protection, I'm just saying that now, they are saying the Security Center gets disabled by malware, and my reponse to them was, well fix the problem and provide better detection and removal of the problem so users don't need more tools is all. This is really ridiculous if you think about it. Now ESET comes along claiming this tool is needed because they can't provide an application to deal with it. Well now of course everyone's reply, what's the big deal, shut if off if you don't like it. Ok sure, no problem, but like I said, it's just a propaganda pitch to the masses to make them think ESET has created this great feature to help them, when in reality it's simply because they can't give end-users a better AV application to keep the Security Center from getting disabled in the first place. I don't know about you, but I call this pathetic.

Since the introduction of XP I have never experienced this problem on a professional level as a Computer Tech, and whatever malware is causing this issue is not a massive scale, more like just a small limited amount of malware is known to cause this issue.

So I hope you now see the real point, give users a program that does what it should, providing better protection, not providing us tools because the program can't handle the protection it's suppose to be giving, therefore more tools are needed for it's lack of protection.

 

I like how you've imagined this whole idea that ESET is somehow really bad at detecting and removing malware and that this feature proves it. Are you kidding?

As far as I see ESET are doing the best job they can looking after and cleaning up after the mess that is security holes in an operating system not designed by them, yet they are getting the blame for it.

Asking you to make sure you're up-to-date isn't much to ask. It will promote good updating schedules which all-in-all is better for everyone.

 

Sorry I guess you aren't seeing the point here. No one has imagined anything. ESET themselves has said that the Security Center can get disabled. Any amount of malware out there that has been written to do this is on a small scale, meaning the amount of malware out there that does this is small, and we're not even talking in the hundreds either, we are talking in the numerics of TENS is all, and there probably isn't even 10 pieces of malware in the wild that can disable the Security Center either.

No one is blaming anyone, but if we are talking about a very small amount of malware causing a problem, certainly ESET should be able to get some updated signatures in place, or heuristics in place to detect this. This is certainly not unreasonable, or beyond their means, yet they seem to be failing to do so, and just opting out an easier path by placing more non-essential tools in the application.

As an end-user you fail to realize that Windows does a fine job already of keeping the system updated, and the Security Center running fine, in fact it has been doing this for users world wide for the past 8-10 years, now all of sudden ESET wants you to think there is a problem? If you want to start talking about who's kidding who, then really consider what I've just said here!

Afterall if this was a major problem Microsoft would be dealing with it, and they're not, because this isn't a problem. ESET is making something out of nothing, and trying to make users feel like they're getting some extra added benefits, and they're not, because the average Windows user is never going to see the Windows Updates, or Security Center fail or get compromised.

This isn't going to promote anything other then a false sense of security, because Windows Updates and Security Center do their job just fine, and will rarely if ever fail or get compromised.

Also let's paint another picture here. Let's say the Security Center and Updates failed because of an exploited system, how long do you think it's going to take someone to realize their system isn't getting updated? One week, one month, one year? But now what was this exploit, what was it designed to do? Just because malware was deisgned to take one thing down in a system, doesn't mean it was written to do other things, or cause other problems. Or the simple fact that just because you have this problem, doesn't even mean you're going to get further infections at all, maybe some, or maybe nothing at all. So really the point I'm trying to make is, no matter how long the system has gone before an update has occured, has nothing to do with getting infected with malware, because you could have a completly up to date system and have problems, or a system that has not been updated in months and have no problems, this is all going to depend on the malware out there, what your doing, and the AntiVirus, Security and Malware applications you use.

The words of wisdom spoken in this scenario are, it's better to have your system up to date at all times for maximum protection, of course this is the best thing you can do, but just remember there are no guarantees, and just remember many of those updates and fixes are only for known problems, and that there are still many problems out there yet to be discovered, so it's always a cat and mouse game.

And one last thing that everyone seems to be missing here is that Windows is an Operating System, it's not a AntiVirus, Spyware, or Malware program, so no matter how many updates and fixes you do, they will never ever fix this problem called Malware in Windows if it continues to work the way it does.

OS security in an operating system only goes so far, and in the case of Windows that is very limited, that is why users need AV and Malware applications to do the job the OS can't do, and that is to DETECT these problems. So that is one of the biggest reasons to not let this Update tool fool you, because even with an updated or not updated system, most of the updates you do to the system will have nothing to do with these problems, that is why this tool is useless.

Do you realize that most of the updates you do for Windows are for security exploits-holes against hacker attacks, not malware getting into your system? Sure there are cases of where these exploits can be used with malware too, but the majority of Windows updates are for fixing holes in software against security attacks, not virus and malware issues.

If you think that people really need to keep a system updated to avoid viruses, spyware and malware, guess again. You could use your computer with not one update ever and never have a problem, simply because you use good AV, security and Malware protection applications, and you know how to avoid problems. Then you can be someone that keeps their system always up to date, hasn't got a clue about Internet safety, just uses only one AV application, and always has problems.

The truth being said here is that really updates aren't the end all to the problem fixing, it's more then just that, and this Update tool in Nod32 is not needed at all. People are just being fooled here is all, with all of this.

Even if the average computer user fails to update their system for several months, the probability of the lack of updates will not endanger, or make their system necessarily more vulnerable then it was several months prior. This is something people are also failing to realize, that a lack of updates for a few months isn't going to bring people's systems to their knees, or even cause one bit of problems at all. This is just another reason why this tool is also not needed.

I've said a lot here I hope users will really understand that basically the point of my reply here summed up was that Updates aren't the end all fix to the problems here, If you think they are, then ask yourself, why did Microsoft create their own Malware application called Windows Defender? Users need to start understanding what Updates are and what they're fixing and patching, and how little this relates to all the viruses and malware out there.

Here's Microsoft's Offical Updates site, telling users what Updates are:

http://www.microsoft.com/windows/downloads/windowsupdate/learn/windowsxp.mspx

Did anyone CATCH the WORDS there Security & Reliability? End-Users over the years seem to think that this security always means security against viruses and malware and it doesn't, or they seem to think that if they have this security they won't get infected, or even worst they are better protected, and that's not always true either.

Of course these updates are better then nothing, but most users don't realize that these updates are for security holes and fixes, bugs, etc, that are for protection against hacker attacks and exploits against software as I've mentioned before. Yet for some reason everyone seems to think that if you keep your system updated you're not going to get viruses and malware, SORRY WRONG!

Start READING your Updates and see what these things fix and how little many of them have anything to do with Viruses and Malware!

Now after all I've said, do you really think that if someone has an updated system, and then runs no firewall or antivirus and malware programs they are now safe? Ok so you now see the extreme side to this foolishness, which I hope you can finally see, and that Updates aren't going to keep you completly safe, or are the end all, or that you need an AV telling your updates are not up to date. What you need is just an AV keeping the nasties off your PC!

Of course keep your system updated, but don't let companies like ESET fool you into thinking you need this tool. Tell them to give you an application to protect against Virusues and Malware like it's suppose to and to the best of their ability!

Oh one last thing, when you have your system up to date and you get infected, then send ESET an email complaining how pointless this tool has been in helping you!

LOL... Can you see the stupidity now? I hope your eyes are finally open, it's not that complicated!

P.S. The biggest problem with Windows is that users run the system as the Admin. This is the real problem in the Windows world, and all the Updates in the world isn't going to fix this until Windows starts changing their tactics with OS user intervention. Windows needs the ability like Unix/Linux to run the system as a user then change to admin to do the things you want, then when done, back to the user account.

 

@DasFox:

If there is anything, which cannot impress me, than it is your kind of "arguing" with 20 years of experience. What do you want as reply: 25 years, or even some more?

This kind of "arguing" is even more stupid, as you placed it at the question about statistics. And for statistics somebody must not even have a single day of pc experience, but he must know how to collect and how to interpret them. Your stoically "simple fact" tells me, that you missed something in those 20 years.

I do not have the motivation to go into every detail of your post. Mainly because I got the idea, that you do not have the truth in the quality of NOD32 as AV-product. That is so far your decision. But you should have been able to find, that this topic is about something different. That means, that "your bad" is not only missing the option in NOD to disable the warning, but obviously you have not learned in your 20 years of experience how to post ON topic. So far regarding 20 years of experience and the value of 20 lost years.

One point is interesting: In your answer to me you argue, that the average user does not even know about user accounts (this was your reply to my point, that most "security apps" you mentioned do not even work in LUA), in the answer to elapsed you told on the same day, that using accounts with admin privileges is the biggest problem. So what is your point regarding this? IMO the great advantage of V4 over V3 and before is the fact, that ESET has overcome this old mistake, that it cannot be changed from inside a LUA.

 

How is monitoring of the patching service status a bad thing? There are plenty of malware apps that will go through and set up restrictive group policy on the machine to kill automatic updates, the security center, windows firewall, along with other built-in security mechanisms. Home users have a hard time correcting these kinds of restrictions. Once you get that level of control, it is easy to mask the symptoms and users could be going for months or years with their computer attached to a botnet, not realizing that something is going on in the background. Computer security is about layers of protection because no single thing is going to cover all of your bases. You cannot have a secure system without patching functioning correctly, it only makes sense that another security product that you run would watch for that.

 

Interesting thread. I have never really cared for Nod at all, but I know many who love it. I think what DasFox is trying to relay here is that for a respected AV like Nod to give a tool that is doing something along the lines of an OS update (if I understand it correctly) is really only a topical fix. DasFox is pointing out that if the OS itself cannot or has not or will not create a fix for the exploit, then perhaps ESET should create it. I don't think that is an out of line opinion at all.

True, perhaps it is easier or cheaper or whatever to include another tool in the app. But still, it does make more sense to handle the problem themselves if they can.

Personally, I use RyanVm's update packs. I don't care for sp3 at all, so I am still on sp2. As a matter of fact, I hate updating my OS. But, as much has already been stated here, my level of experience is such that I could run the original xp without any service packs and probably still be ok. Just because I know how to live without services that create holes, or know what not to do or where not to go. I don't think for a personal computer needing updates is that important. But only because of the level of knowledge. Throw up a server, or be in a business environment, or your typical button clicking novice, and the story is completely different.

Still, why does ESET not spend the time to fix the exploit in thier security app instead of this other tool? Don't know, don't care. But it is a very intersting read.

Sul.

 

ESET aren't making this feature as some kind of compromise so they "don't have to improve against threats". This feature is a bonus to help against attacks. Calling it stupid just shows how ignorant to common users you are DasFox, because even after all your experience, you're completely blind to 90% of computer users.

 

Windows isn't an open-source operating system, Eset has absolute no control over the patching of exploits in the OS or from any other vendor that may be running software on a system. How exactly would you suggest that Eset patches a dll for, lets say IE7, that allows for arbitrary code execution without access to source code? Antivirus software will always be a reactive measure catching the stuff that tries to get in after an exploit has been run. It is up the vendor of the software to patch exploits in their code, antivirus vendors have absolutely no access on that level and demanding that they somehow magically get it is about as fruitful as wishing for your own unicorn for Christmas. So yes, it is an out of line opinion because it is entirely unrealistic.

And the stuff about hating to update your OS is just precious. You trust developers to build an OS for you but don't trust or like the subsequent updates? Disable services all you want but nothing short of pulling the network cable out of your system is going to keep exploits in the kernel, networking stack, or required processes/services from being an open target.

 

Umm, lets see. If there is a bug, that Nod can identify in it's heuristics or virii signature, or whatever, and they were to, umm, maybe, umm, handle it, like alert the user, quarantine it, kill the process, umm, maybe that would constitute them making thier app handle the threat? Maybe?

Of course this is just conjecture, as I already stated I am not completely sure on the specific details. It would seem though that if there is a bug floating around waiting to exploit, is that not the job of Nod? Patch the OS, fix the exploit, still there will be another. So, to me, the very job of an AV is to stop known exploits, if possible. That of course means that this topic in question is triggered from a type of bug that Nod would watch. If it is some other exploit, some other method that an AV cannot deal with, then I concede the agrument completely

Yes, lol, it is so precious that I don't want to update my OS. So what? There are many users, nay, advanced users, who don't really like sp3. You like tea, I like coffee? So, no need to be rude about it. Not like this is life and death stuff here anyway, just opinions.

Sul.

EDIT: Upon further examination, I still agree with DasFox. Not that having Nod be able to check for critical updates is bad, but why do it at all? If Nod knows of an exploit, that is fixed by service pack A or patch B, why not just include that in your AV engine? If Nod is unable to detect the presence of an exploit that has been fixed by a patch, why don't they just say so? Now, to be true, a system would be wise to have critical patches for known exploits. Nod should just state 'we cannot cover you on issues related to these service packs. ensure you have patched these critical areas with these patches'. Would be more straight forward.

But this is all fruitless without a concrete example. Nod, is there a known bug that should be detected by your AV (or anyones AV) that exploits areas that would not be exploitable with a hotfix or something? If there is such a bug, does Nod catch the bug even without the hotfix? If it does not catch the bug, why not declare it so the user must say 'maybe I should put that hotfix on'. Without a known example of a bug in such an instance, all this debating means nothing. Comes right down to 'do you like tea, or coffee'.

 

Well thankfully you can turn it off from warning you.

 

Did you ever understand the difference of an AV-program and the task to find security exploits? At least your writing tells the opposite. AVs are no bug-finder.

So, this matches:

2 "experienced" people together.

And also this matches with it:

Another known malware catapult. (Quite obvious you are connected to the Net.)

Many users: maybe. Advanced users: No, only stupid ones. Inclusive those using a not licensed Windows. Comparing Service Packs with tea and coffee: The best way to tell, that you don't know anything about it. (I mean Service Packs, I do not care about drinks on this place.)

 

Ah, one of those. Pity that. Maybe we could all download your DNA so we could also share the only correct viewpoint on the planet. Really, you are gifted, to be able to glean such insight from forum posts. ROFL dude.

lol, I never said that an AV should find an exploit. I said if they can handle the bug that uses the exploit, why worry about the patch. I said if they cannot handle the bug that uses the exploit, they should clearly state that fact, and inform the user they should patch up because the AV cannot defend it. I don't know what you are referring to.


Oh, and I do like coffee better than tea.

Attention all users of Wilders !! According to this post, if you are not fully updated with all MS service packs and patches/hotfixes, you might just be

late.

 

Further more you don't know, what a bug in an OS is and what an AV program does. 2 different things! Bugs in a closed software can only be patched / handled by the owners of the source. The duty of an AV program is to prevent the intrusion of software (maybe executables, maybe data) into a system, reagradless of it's state.

This time you have understood. (Didn't hurt, did it?) But I fear, you will never understand the real meaning. Keep rolling on the floor and get dirty.

In the consequence: If you prefer to keep your malware catapult, it sounds logic that you do not want to get "annoyed" by the information about that state. IMO NOD32 is about preventing such mistakes, but of course it can only prevent mistakes, if the user does not have the intention, to connect with his unsafe machine to the Net and distribute his dirt. The number of zombie pcs is horrible, they "belong" to people as you, who prefer to make silly jokes about that.

 

DUDE ! LOL, not a bug, a bug. Too funny. Now I see why you keep coming back with that. I don't mean that an AV should find and handle a software bug. I mean bug, as in virus,trojan,malware, what-have-you. I write code in a few different languages/scripts, and I know what a bug is. YES. You are 100% correct, it should find virii bugs, not software bugs.

Umm, if I knew nothing about winders, then you would be correct. But, I have spent years now heavily modifying my RETAIL PAID FOR (would not want you thinking I run pirate ) XP Pro. My unattended dvd installs my stuff, without many of the things I cannot stand about the OS gone. Are you really implying that without patches being up to date, it is just a matter of time before my rig becomes a 'Malware catapult' ? Please. It is just not so. I KNOW what is going out on my machine. I KNOW what is coming in on my machine. I am ANAL about that stuff, although I have been less so since I NEVER have problems. Emphasis, lol, not yelling btw.

Come on, I have router logs accumulate, I have fw logs accumulate. I go over these logs. I send repeating scans incoming to my ISP if they ip is in thier subnet. You are not talking to a noob here. And I daresay there are many here who would feel the same. I don't care what patches I have on or not, I choose to take care of the matters myself when possible. Sometimes it is not, but many patches that fix exploits are only needed if you run a standard install. And I most certainly do not.

I will concede and agree that peeps who go to Best Buy and get a new computer, and then start using it without any real knowledge are the ones you refer to as having 'Malware catapults'. Lord knows I have fixed hundreds of thier computers.

Well, happy new year, and here is hoping Nod or any AV can catch all the virii 'Bugs' they can.

Sul.

 

Please refrain from personal attacks and start behaving normally. The new version 4 has introduced a new feature for notifying the user about missing OS updates. Those who are not interested in using it, simply disable it and that's all. It's much easier than posting here long posts full of personal attacks and inappropriate wordings.

 

I have stopped using software when they start to implement functions they have no business to mess with before and this definitely going to stop me from renew my license.

 

Umm, yeah! What he said.

ANYWAYS...

It's a dumb feature for the most part (and redundant bloat) from a business domain perspective (WSUS + scheduled MBSA scans anyone?), but as long as I can disable it on my clients from the RAS, I'm happy.

On the other hand, it's a pretty good idea for the average home/wokgroup user. Since I've seen plenty of infections that shut down, mimic and generally interfere with XP's Security Centre.

"I don't install Windows updates because my friend told me that they can screw your system up"

"Is your friend a computer technician?"

"Well he likes to surf Tom's Hardware and SlashDot all day, does that count?"

"No." <click>

Since there's plenty of genital-waving going on here, I'll swing mine. I've literally built thousands of Windows PC's, workstations and servers personally in the last 10+ years (professionally -- like with a paycheck and stuff), and serviced any number of them that developed problems over the years, both hardware and software.

I have yet to have a Windows Update ever _cause_ Windows to have a significant problem.

98% of the time they simply reveal problems in other peoples' software (or infection), 1% of the time they reveal bad hardware -- which are what's REALLY _causing_ the problem.

The last 1% is reserved for when Microsoft 'accidentally' pushed out Windows Desktop Search as an auto-install update (yes I'm STILL bugged by that).

 

There seems to be something wrong with the configuration of that feature, or it works totally different than expected:

I have set, that NOD shall warn me about critical updates. If I now click on "here" on the warning page and open the box, where NOD lists the missing updates, than things as Windows Search, WMP 11, .NET Languagepacks and more things, which are definitly not "critrical" are shown.

With "critical" I would understand those updates that are in the important section of Windows update.

 

Weighing in to the debate here from a business IT admin perspective, I believe that this feature is not necessary for a business environment. Low resource usage is one of the reasons we choose to go with ESET and I believe that this feature is just added bloat!

In a business environment you don't want your antivirus software warning about windows updates for the simple fact that updates are sometimes rolled out in a progressive nature (ie. not automatically) to allow for testing and evaluation. This delay would cause users to freak out cause their getting warning's that update xxxx isn't installed and their whole world is now falling apart and they demand that it be fixed yesterday..... an IT admins nightmare

In saying that this feature may have its merits for "some" home users so as long as it can be disabled I don't see a major problem but ideally I would rather ESET focus their development efforts on improving detection instead of adding "mostly" unnecessary features or bloat

 

My guess is it will be disabled by default in the Business Edition. Stop throwing the word "bloat" around. It's not bloat. YOU think it's bloat because you won't use it. A perfect example of bloat would be if ESET added something like "banner protection".

 

What's the next step, missing browser updates? It's better that you look at your court and optimize engine, so we can enable AH by default without drastic performance decrease.

 

And what magical coding wizardry do you propose so sandboxing an executable isn't a resource intensive? An insecure OS makes AV products pointless because you have an open door to trojans and rootkits to hide themselves and disable scanning engines. A patch verification system is jack squat in implementation time compared to working on new signatures and heuristic routines and the payoff can potentially be huge for home users. If the feature so offends you turn it off, but it is pointless to complain at this point considering the work is done.

 

That would make sense to disable it by default for the business edition and yes I do think that it is bloat because I can't see the merit of it in a business environment. Not disagreeing with you on that one

A smart way to implement these sort of "added" (but not critical) features IMHO would be to implement them as add on modules instead of integrating them into the core product. I am not a software developer so don't know the feasibility of such an approach but it could involve giving the user the option of installing the module as part of the installation process. The advantage of this is that you can have these added non essential features if you want to without adding to the overall bloat (here goes that word again ) of the product.

 

The only "bloat" here is a small amount of disk space and GUI real-estate to keep the inactive feature. If the module is disabled, it will not be consuming memory, CPU cycles, or I/O time. This isn't bloat, period. It is an extra feature that is easily disabled if you do not want it.