NOD32 + Vista Ultimate + New KB patches = :(

Ok... I've got a fun one.

I installed both KB938979 and KB938194 on my PC, which runs Vista Ultimate 32-bit. I got both of the files directly from the MS download center. I PROBABLY should have staggered the installs, but I installed the larger one first, rebooted, second one, rebooted again. The good news is the patches do fix a handful of issues that I have been having for months, but I noticed some bad things.

The first thing I noticed was that unzipping stuff with Winzip was horribly slow. I was going to e-mail them, but I decided to do more digging. It turns out that if I turn AMON off, the Winzip slowdown goes away completely.

Then, today I was downloading some files directly in Firefox, only to have the whole system crawl again. It turns out the file I was downloading was a self-extracting executable. Clean, but SFX. I had IMON enabled and allowed it to check out all things HTTP. Turn off IMON, problem goes poof.

While the 'slow down' was happening, I noticed in the task manager that nod32krn.exe was chewing up all of my available CPU time.

So... anyhow, that's the beef. Pre-patches, normal. Post-patches, NOD32 chokes on compressed files. Any idea as to what in the world is going on?

Thanks,

-T

::Edit

I forgot to mention that I am running NOD32 2.70.39

 

Disable sfx archives so that advanced heuristics doesn't emulate every PE file in it which takes considerably much time, depending on the structure of files.

 

I'm not entirely sure I understood your response. Do you want me to stop IMON from scanning SFX files on the way in? What happens when I extract them? That also still leaves me with the problem of archives in general being painfully slow to extract while AMON is enabled.

 

Applied both those patches on Home Premium. I did both consecutively with just one reboot, no problems so far.

 

Maybe you could leave sfx archives enabled, but always bear in mind that advanced heuristics emulates a scanned file in a virtuall environment which is a time consuming operation. AH can be disabled in all modules, but I wouldn't recommend to do so.

 

I was in the process of removing and reinstalling NOD32. It didn't help, but turning off AH made the problem go away completely. I think it's totally weird that something with one or both of those MS patches is driving NOD crazy when the AH feature is turned on.

 

Remember that Vista is a new OS and still has plenty of problems to be ironed out. Not defending MS, just making an observation.

 

heheh - I have a FREE copy of Vista Ultimate sat here on my desk which I will NOT install until SP1...

 

Heh heh - I too have a free copy of Vista Ultimate - which I will NOT install because Fista is a steaming pile of dung which offers nothing significant over XP, and more importantly, has nothing one needs to upgrade over XP.

Heads of computer companies saying "the entire industry is disappointed with Vista", the divided public opinion, the startling "air of hope" re Vista SP1 (suggesting maybe it is generally accepted that Vista itself needs some fixing), and that I have used Vista since RTM (being in IT) and it has nothing over my very streamlined and thoroughbred XP installs i.e. nothing I can't do with XP that I would need Vista for..

No, I look forward to Fista dying a painful public death, and maybe Windows 7 will redeem the series.