Quest. on Blackspear's Extra Settings for NOD32

Discussion in 'NOD32 version 2 Forum' started by sh0k32, Feb 13, 2007.

Thread Status:
Not open for further replies.
  1. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    Hi, I just read through Blackspear's extra settings for NOD32 and had a couple of questions. Under the section where it talks about the Scheduler/Planning two different types of scans are discussed; the first being the command line and the second being the silent scan. Is there any difference between the two?...or is it just showing you your options? I was just curious if there was a reason you would want to have both set up.

    Thanks in advance for any feedback.
     
  2. ASpace

    ASpace Guest

    Hello and Welcome to Wilders !


    One is completely silent , the other is not . :D

    The one silent is performed by the NOD32 kernel service , running in the background with low priority . It uses specific profile . The other one is just the on-demand scanner . I mean the Control Center luanches the NOD32 on-demands scanner on specified time and starts scan . Unlikely the kernel scan , this one is obvious since it launches the scanner .

    There is no reason to have them both just because they do the same -> scan the whole machine for threats

    You are welcome :thumb:
     
  3. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    Thanks, I appreciate the fast response.
     
  4. ASpace

    ASpace Guest

    No problems , you are welcome ;)
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Another difference is that the silent scan, since running in the local system account, can get into folders the currently logged in user does not have access to.
     
  6. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    Thanks again, I like the silent scan better out of the two anyway so that just adds to the reason.

    I did have one other question. Again, in Blackspear's extra settings he mentions to turn on the "Potentially unsafe applications" in AMON, DMON etc. Each time there is the warning mentioned; "enabling this option might result in deletion of Remote Administrative Programs such as those used by Network Administrators" Is this more for people using NOD in a business vs. a home environment? Does it have anything to do with Remote Desktop for example if you use it over your LAN to access other computers? I've already noticed that when running my first scan since changing some of my setting that it found the Divx Installer (DivXInstaller.exe) to be a malicious program which I'm assuming is a false positive if you downloaded the program from know site like Divx.com. At least it shows that it's working.

    Anyway thanks again.
     
  7. ASpace

    ASpace Guest

    No , just some tools which you may want to use can be classified as Pottentially unsafe/unwanted malware . In all cases , a home users should have these both enabled because such programs should not appear in their computers

    What is the name of the threat detected . I have already seen similar detection , but it seems to be such a programs (unsafe or unwanted) . So the name NOD32 detects it . Thanks :thumb:
     
  8. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    I just tried to download the file again from divx.com and this is what I got. When I did the initial scan of my HDD it picked up something similar in the local user temp file which must have been a piece or remnant of the install of divx (i don't have any info on that one since I delete the message).

    Link to possible malware removed - Ron

    Threat:
    "Probably a variant of Win32/Agent.QT trojan"
     
    Last edited by a moderator: Feb 13, 2007
  9. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    sh0k32,

    Kindly refrain from posting links on these forums to direct downloads of possible malware. Submit any samples to Eset instead.
     
  10. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    Sorry I got carried away trying to provide info.
     
  11. ASpace

    ASpace Guest

    According to SiteAdvisor , all downloads from the site divx.com are safe and checked but this doesn't mean this is not a real threat . Perhaps if you send this to ESET Tech Support they can check it for you (support@eset.com) and confirm if this file is (bundled with) real trojan
     
  12. sh0k32

    sh0k32 Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    15
    Thanks, I think that I sent it along to them already but I will also send it along to the email address that you provided. If the divxinstaller does end up being a false positive then I'm assuming I would stick it in my exception under AMON?...and then I should be set. Thanks again for all the feedback and assistance today.
     
  13. ASpace

    ASpace Guest

    Yes BUT only if . Wait for an answer from them and then they'll inform you that if FP , it will be fixed or you can add it do the exclusions . But don't do it unti you received an answer from the Support :thumb:
     
Thread Status:
Not open for further replies.