Speeding up AMON/Risk assessment

Discussion in 'NOD32 version 2 Forum' started by Blutarsky, Oct 26, 2006.

Thread Status:
Not open for further replies.
  1. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    I'm using happily NOD32 on my XP Pentium M@1.6Ghz notebook.

    In the past I've used to complitely disable antivirus monitors, to speed up my PC and scan on demand suspect files. Till a few month a go, when I've discovered my PC had some trojans.

    So I've changed my antivirus (was using a freeone) to NOD32, took a while to clean up my disk, even if booting in safe mode blablabla. I had to use Kaspersky rescue disk CD ROM to boot and clean the infamous trojans left out.

    Then I've unistalled KAV, installed NOD32, indeed enabling AMON. Zone Alarm free also.

    Now I'm back again to speeding up my PC and I was thinking about AMON: what if disableing 'read/execute' and leave 'write' option?

    It should be enough protection or is it too risky?

    What am I risking?
     
  2. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Sounds a little risky to me. I use nod32 on a laptop as well and i've found no noticeable performance increases by trying to tweak certain nod32 settings.
     
  3. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    What risks?
     
  4. ASpace

    ASpace Guest


    It is too risky . You disable essential part of NOD32's overall protection and you risk of being infected . Since you had trojans (which are installed because as said "the client wanted them") it seems you are not a safe surfer .

    What you risk ? You risk of being infected again , loose your data , no privacy and many other things

    NOD32 is unique softwares which uses no more than 20 mb RAM of the whole RAM , one core for all the protection . With cimputer 1.6 Ghz you will notice no change with or without NOD .

    You can read more about computer threats ,what are they and what could happen if not protected here

    To sum-up I strongly recommend you don't touch the default settings and leave it work for you . :thumb: :thumb: ;)
     
  5. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    I didn't say I want to disable AMON. I've said I could customize AMON, leaving only the 'write' scan....

    Doing so you should speed up 'reading' processes like application launch (thousands dlls and other files envolved, 14,000 since this morning boot), boot time, etc.

    Nevrtheless I would retain the 'write' scan: it means that all data written on the hard disk is checked out. The only thing to be aware is execution of remote apps, like stuff on network drives.

    I am a safe surfer! But I was relyng on a not-soo-good antivirurs! I always used to check suspect files, never allowed execution of script from the internet, blablabla....
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It's a pretty high risk. Imagine that NOD32 wouldn't detect a particular threat, but it would with the next update. So in your scenario AMON wouldn't block the threat upon execution.
     
  7. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    Humm..... :|
     
  8. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    if AMON is slowing your down on your 1.6Ghz laptop, I'd look at other causes for the bottleneck - like the disk.

    I run NOD32 with all modules enabled except EMON (no exchange mail used) on a 500Mhz laptop running win2k - it's a star... I really don't have any performance issues that I can attribute to the AV solution at all...

    hth

    Greg
     
  9. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    Maybe it is enough to schedule a weekly scan (deep) of your PC. Doing so you would trap threats sooner or later. In this case you would only have one week risk.....
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I would never do that as there is no noticeable impact on system performace with AMON running. Better to be fully protected.
     
  11. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    My travelstar 7K100 @ 7200RPM definitely isn't the problem!

    NOD is fast (and it's one of the main reasons I've decided to stick to it)
    Nevertheless, it is perceivable the overhead of AMON, once enabled, on application launch and boot.
     
  12. Red Dawn

    Red Dawn Registered Member

    Joined:
    Jun 28, 2004
    Posts:
    116
    Your right, probably not your hardware, but some software you run that could be the issue of the slowness you state. NOD seldom has issues in terms of speed, with both AMON and IMON setup. At the end of the day though, it's your hardware, your choice, so do what you deem right for your setup, but when something goes wrong, don't blame NOD, you can be a safe surfer and still get hit with junk, that's the net now days.. But then again you may never have any other issues and still get that less then 1 percent speed advantage your looking for, that's a joke of course, good luck, and you made the right choice moving to NOD by the way, :D
     
  13. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    Surely your IDE controllers are set up in the Windows Device Manager to use DMA transfer modes for your hard disks and other devices? I assume they are, but I thought I would ask, just in case....
     
  14. i_kenefick

    i_kenefick Registered Member

    Joined:
    Nov 29, 2005
    Posts:
    135
    Location:
    Cork, Ireland.
    You are effectively crippling the on-access scanner by disabling any of these.

    You are risky your data :ninja:
     
  15. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    Guys, I didn't explain it properly!

    My system was performing as a lightning since I was hit by trojans and do something.

    Iv'e moved to NOD32 with AMON fully enabled and set up Zone Alarm.

    Boot now is slower, and it propbabily depends on Zone Alarma and NOD doing the job.

    Once booted up application launch seems slighlty slower..

    Ok I'll setup a small benchmark playing with boot, application launch with ZoneAlarm and NOD32 enabled/disabled and post results!
     
  16. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006

    if you worried about slow down ditch zone alarm that is what is making your boot time slow it is known for it. keep nod32 because it isn't slowing you down. you could try comodo firewall.
     
  17. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    Yes ZoneAlarm probabily slows down boot, but not application launch...
     
  18. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006

    could you uninstall it and try something else?
     
  19. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    This sounds very much like a Winsock issue, seen it happen before with this combination, repairing Winsock and IMON should resolve this issue for you.

    Cheers :D
     
  20. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    Oh yes it does... It's called program monitoring (you know, those pop ups that tell you program X is trying to access the internet/local network/system services).

    Leave NOD alone, it's not doing anything to slow your pc down. Remove it/change AMON settings if you want but then please dont come back here complaining that NOD has let nasties through.
     
  21. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    ........... :oops:
     
  22. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    IMON is disabled on my pc... I'll check Winsock with the suggested utility
     
  23. Blutarsky

    Blutarsky Registered Member

    Joined:
    Oct 17, 2006
    Posts:
    148
    Back again on this topic. Today I've been working on our picture archive, moving pics around our server, creating thousands thumbnails, browsing.

    As a result, browsing pics, even if using good ol'n'speedy ACDC 3.2, is noticeably slower.

    What if configuring AMON to check on execute/write only? Skip read.

    Still to risky? If so, why?
     
  24. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    I guess that is less risky than the original method, since most viruses need to be executed in order to actually do anything. This option will still let you pass the virus along to somebody else (copy virus to the server, for example), but at least you will be somewhat protected.

    Another option may be AMON --> Detection --> Extensions, if there is a certain extension you do not want NOD32 to scan (for example, tell it not to scan .jpg files).

    By the way, so you notice the slowdown mainly with network files, or are local files on your hard drive just as slow?
     
  25. i_kenefick

    i_kenefick Registered Member

    Joined:
    Nov 29, 2005
    Posts:
    135
    Location:
    Cork, Ireland.
    This is a really bad idea since there is much malware with .jpg extension.
     
Thread Status:
Not open for further replies.