New variant of Mydoom


izi
January 28th, 2004, 10:40 AM
Are we protected?

izi

Marcos
January 28th, 2004, 01:08 PM
Even Rome wasn't built in a day. Its sample will be added to update 1.613 shortly.

Stan999
January 28th, 2004, 01:44 PM
Updated on mine 12:42pm CST.

Time***Module***Event***User
1/28/2004 12:42:06 PM***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 28th, 2004, 03:20 PM
Wonder really why some get the update b4 others
I'm still on version

Time***Module***Event***User
28.1.2004 19:54:08***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 20:19:27***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 19:15:34***Kernel***The virus signature database has been updated successfully to version 1.610 (20040127).

Net(cable) always on during day time. Any reason why please

Paul Wilders
January 28th, 2004, 03:36 PM
{QUOTE-> quoting: visitor
Wonder really why some get the update b4 others

Net(cable) always on during day time. Any reason why please <-QUOTE}

Please give this one a go: Update Setup

server > choose automatically. servers: http://temp.eset.com/nod_upd/

regards.

paul

visitor
January 28th, 2004, 03:50 PM
Hi Paul
it is there

thought you remember me from last time
(NOD repeat update problem)
NOD is still repeating (see log above) but twice
cheers

Marcos
January 28th, 2004, 03:56 PM
It's a quite weird problem which hasn't been reported by other NOD32 users that it updates twice to the same version. Maybe you could try downloading the NOD32 installer from our website (already has v. 2.000.9 incorporated), completely uninstalling NOD32, and re-installing it.

Paul Wilders
January 28th, 2004, 03:58 PM
deleted my post - paul

visitor
January 28th, 2004, 04:15 PM
I am NOT going to reinstall NOD32 again
BUT to FORMAT and reinstall XP from scratch again
BUT heard that even after FORMAT original programs remain (like a ghost image) on the HD and can cause problems and someone suggested I need "killdisk" or similar program. Is this true
Thanks

visitor
January 28th, 2004, 04:57 PM
{QUOTE-> Posted by: Marcos Posted on: Today at 03:56:26pm
It's a quite weird problem which hasn't been reported by other NOD32 users that it updates twice to the same version. Maybe you could try downloading the NOD32 installer from our website (already has v. 2.000.9 incorporated), completely uninstalling NOD32, and re-installing it.
<-QUOTE}


Now twice 1.613 BUT 1.612 is missing


Time***Module***Event***User
28.1.2004 23:51:05***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
28.1.2004 22:51:40***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
28.1.2004 21:51:18***Update***Update attempt terminated with error (Server connection failure)***
28.1.2004 20:51:18***Update***Update attempt terminated with error (Server connection failure)***
28.1.2004 19:54:08***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 20:19:27***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 19:15:34***Kernel***The virus signature database has been updated successfully to version 1.610 (20040127).***

Blackspear
January 28th, 2004, 05:22 PM
I have seen the double updates with Spybot Search and Destroy, several times, though not with Nod32.

FDisk and Format, then reinstall Windows will do the trick, you really shouldn't need to do anything else.

Cheers ;D

visitor
January 29th, 2004, 01:35 AM
{QUOTE-> Posted by: Marcos Posted on: Today at 03:56:26pm
Maybe you could try downloading the NOD32 installer from our website (already has v. 2.000.9 incorporated), completely uninstalling NOD32, and re-installing it. <-QUOTE}

After Marcos suggestion

Time***Module***Event***User
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***



Before Marcos suggestion!!

Time Module Event User
28.1.2004 23:51:05 Kernel The virus signature database has been updated successfully to version 1.613 (20040128).
28.1.2004 22:51:40 Kernel The virus signature database has been updated successfully to version 1.613 (20040128).
28.1.2004 21:51:18 Update Update attempt terminated with error (Server connection failure)
28.1.2004 20:51:18 Update Update attempt terminated with error (Server connection failure)
28.1.2004 19:54:08 Kernel The virus signature database has been updated successfully to version 1.611 (20040127).
27.1.2004 20:19:27 Kernel The virus signature database has been updated successfully to version 1.611 (20040127).
27.1.2004 19:15:34 Kernel The virus signature database has been updated successfully to version 1.610 (20040127).

visitor
January 29th, 2004, 01:53 AM
Ohh. Thanks Blackspear
was mad about nod so I went to post the log above
by the way can Fdisk handle HD bigger than 80Gb
Also, XP CD has Format options only
do I need 9x boot floppy to do Fdisk thing
cheers

visitor
January 29th, 2004, 03:16 AM
here comes another

Time***Module***Event***User
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 29th, 2004, 05:21 AM
I am sending this as an info
I don't mean any thing else
I haven't seen much of NOD due to this behaviour since installed
Don't have time now. BUT for sure I'm going to wipe clean this XP

here is another one 1.613

Time***Module***Event***User
29.1.2004 12:15:54***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 11:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 29th, 2004, 06:19 AM
Again I don't mean any harm
sending these as info only.
Might be useful for future developments of NOD

another 1.613

Time***Module***Event***User
29.1.2004 13:16:03***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 12:15:54***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 11:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 29th, 2004, 09:23 AM
ohhhhhhh please don't shoot
this is the last one

finally got it
two hours after the version 1.614
appeared on NOD site

Time***Module***Event***User
29.1.2004 16:19:27***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 15:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 14:21:24***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 13:16:03***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 12:15:54***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 11:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 29th, 2004, 12:47 PM
Time***Module***Event***User
29.1.2004 19:15:52***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 18:15:54***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 17:16:03***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 16:19:27***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 15:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 14:21:24***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 13:16:03***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 12:15:54***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 11:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

visitor
January 29th, 2004, 06:17 PM
Time***Module***Event***User
30.1.2004 1:16:03***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
30.1.2004 0:16:02***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 23:16:02***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 22:16:05***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 21:15:49***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 20:15:49***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 19:15:52***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 18:15:54***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 17:16:03***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 16:19:27***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
29.1.2004 15:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 14:21:24***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 13:16:03***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 12:15:54***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 11:16:09***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 10:15:53***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 9:16:10***Update***Update attempt terminated with error (Server connection failure)***
29.1.2004 8:16:01***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 1:50:37***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
29.1.2004 0:51:04***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***

Randellx5
January 30th, 2004, 12:50 AM
I would think you've more than sufficiently made the point there's a problem with your Nod32 installation... But, then again... if I condemned every program I have seen with a problem in a particular installation, I would be hard put to come up with anything to install on a computer.

There are innumerable causes for such things... a bad program install, a corrupted windows file the program accesses, some type of conflict with another program, needed dll file incorrectly overwritten by another program, and so forth and so on.

If you do decide to reinstall, it is sufficient to reformat with the XP install disk and then reinstall XP, there's no need for fdisk. There's also no need to worry about some type of ghost files left on the hard drive after the format.

Take care... Randellx5

visitor
January 30th, 2004, 04:41 AM
Thank you I'm not condemning any thing here, not criticizing nor complaining: I'm laying out things to others may they have a solution
Here is the problem again this morning after full format last night using XP CD to format.

Time***Module***Event***User
30.1.2004 11:18:55***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
30.1.2004 10:18:55***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
30.1.2004 9:18:53***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***
30.1.2004 8:18:48***Kernel***The virus signature database has been updated successfully to version 1.614 (20040129).***

Paul Wilders
January 30th, 2004, 05:28 AM
visitor,

Thanks for going to all that trouble. It's obvious there's something at hand here; no need to post more event logs - it will not contribute anything new to this thread.

regards.

paul

Vorpal
January 30th, 2004, 08:24 AM
Paul -

On 1/26, I d/l and installed Nod on my Win98 machine. For the first day or two, it updated 'normally' meaning that if there was not a new update, it stated all was complete. However, since then, it has done the repeat download thing with notification that update was successful. Next hour, it does it again.

I have read the threads on the situation and have checked for other virii, correct server, etc. I assume it would not be a header problem over several updates.

I'll not post an event log, if you're willing to trust me that it is as I say! ;)
However, here is the "Info" list from the program in case that will help. BTW not complaining about the problem, rather just hoping to help! There seem to be a few more pressing issues for the AV community this week! :) HTH Richard
PS: Otherwise very happy with NOD32 !!!!!!

NOD32 Antivirus System information
Virus signature database version:***1.614 (20040129)
Dated:***Thursday, January 29, 2004
Virus signature database build:***4193

Information on other scanner support parts
Advanced heuristics module version:***1.005 (20031222)
Advanced heuristics module build:***1047
Archive support module version:***1.010 (20040126)
Archive support module build version:***1082

Information on installed components
NOD32 For Windows 95/98- Base
Version:***2.000.6
NOD32 for Windows 95/98- Standard component
Version:***2.000.6
NOD32 For Windows 95/98- Internet support
Version:***2.000.6

Operating system information
Platform:***Windows 98
Version:***4.10.1998
Version of common control components:***5.81.4522
RAM:***128 MB
Processor:***Pentium(r) II Processor

Marcos
January 30th, 2004, 12:41 PM
Hi visitor,
sorry if I overlooked this info here, but do you have the trial or full version installed?

visitor
January 30th, 2004, 02:33 PM
Thanks Marcos
Trial version
I'm being told that format is not enough (it doesn't wipe every thing)
and offered alternatives: killdisk, lowlevelformat (don't know what that is), SDelete, and GDisk. Don't know what to do. Can you recommend any? Is there a risk of leaving it updating every hour?
Thanks again for caring

creature
January 30th, 2004, 03:11 PM
{QUOTE-> quoting: Marcos
It's a quite weird problem which hasn't been reported by other NOD32 users that it updates twice to the same version. Maybe you could try downloading the NOD32 installer from our website (already has v. 2.000.9 incorporated), completely uninstalling NOD32, and re-installing it.
<-QUOTE}

(first time poster here) Happens to me. Appears to not occur initially but then may (or may not) occur part way through trial period. I reinstalled nod32 & it updated properly for 10-15 days then began to repeat fetch/apply updates on 1.614 (20040129) and continues to do so.
I suspect it is a behavior confined to the trial version - either by design to discourage continual use of the trial version *or* is a bug within the way the trial copy records its currently installed ref-file. The registered copy does not use whole-ref-file updates, it utilizes incremental updates which are comparatively tiny. If the problem occurred with registered copies ESET would hear about it & fix it immediately.

To the frustrated user:
don't wipe your drive & re-install OS - this is a NOD32 issue that is probably confined to the trial version and definitely does NOT have anything to do with OS, bad client installation or malware infection. I have occasionally seen this behavior with NOD32, it appears to occur with certain updates suggesting that the version heading in some updates is not properly read by the client when using whole-file updates.
On my client (trial) the last two ref-file releases (1.613 [20040128] & 1.614 [20040129]) have been stuck in perpetual re-apply. A non-solution work-around is to reduce the frequency of scheduled server hits (in OS scheduled tasks) to, say, daily - then when you see one "stick" you can go back to hourly, if desired.

Hope this clears things up for people. I speculate a little on the topic, but not much as I've been selling my customers on ESET's nod32 for over 3 years and this is *definitely* a behavior I have seen before - though I cannot recall if I ever saw it prior to nod32-version 2's release (June 2003).

- FirstTimePostToWilder's (great site!) from 'creature' in NH.
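
Added example (not part of any post in this thread, and not ESET code): a short Python check for the symptom described above, repeated "updated successfully" events for a signature version that is already installed, run over a log quoted earlier in the thread. The function names and the two timestamp layouts handled are assumptions made for this example.

```python
import re
from collections import Counter
from datetime import datetime

# Lines copied from an event log quoted in this thread; "***" is the column
# separator as it appears in the archived posts.
SAMPLE_LOG = """\
Time***Module***Event***User
28.1.2004 23:51:05***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
28.1.2004 22:51:40***Kernel***The virus signature database has been updated successfully to version 1.613 (20040128).***
28.1.2004 21:51:18***Update***Update attempt terminated with error (Server connection failure)***
28.1.2004 20:51:18***Update***Update attempt terminated with error (Server connection failure)***
28.1.2004 19:54:08***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 20:19:27***Kernel***The virus signature database has been updated successfully to version 1.611 (20040127).***
27.1.2004 19:15:34***Kernel***The virus signature database has been updated successfully to version 1.610 (20040127).
"""

# Assumption: only the two timestamp layouts seen in the thread are handled
# (day.month.year 24-hour, and month/day/year with AM/PM).
TIME_FORMATS = ("%d.%m.%Y %H:%M:%S", "%m/%d/%Y %I:%M:%S %p")
SUCCESS_RE = re.compile(r"updated successfully to version (\d+\.\d+) \((\d{8})\)")
ERROR_RE = re.compile(r"terminated with error \((.+?)\)")


def parse_time(text):
    """Return a datetime for a log timestamp, or None if it is not one."""
    for fmt in TIME_FORMATS:
        try:
            return datetime.strptime(text.strip(), fmt)
        except ValueError:
            continue
    return None


def parse_log(text):
    """Parse "***"-separated rows into events sorted oldest first."""
    events = []
    for line in text.splitlines():
        fields = line.split("***")
        if len(fields) < 3:
            continue
        when = parse_time(fields[0])
        if when is None:  # header row or unreadable timestamp
            continue
        ok = SUCCESS_RE.search(fields[2])
        err = ERROR_RE.search(fields[2])
        events.append({
            "time": when,
            "module": fields[1],
            "version": ok.group(1) if ok else None,
            "error": err.group(1) if err else None,
        })
    return sorted(events, key=lambda e: e["time"])


def analyze(text):
    """Count failed attempts and successful updates to an already installed version."""
    installed, reapplied, failures = None, Counter(), 0
    for ev in parse_log(text):
        if ev["error"]:
            failures += 1
        elif ev["version"]:
            if ev["version"] == installed:
                reapplied[ev["version"]] += 1  # same version applied again
            else:
                installed = ev["version"]
    return {"installed": installed, "reapplied": dict(reapplied), "failures": failures}


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```
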

Paul Wilders
January 30th, 2004, 08:09 PM
creature,

{QUOTE-> ...I suspect it is a behavior confined to the trial version - either by design to discourage continual use of the trial version.. <-QUOTE}

Quoting Anders, this is most probably the answer to the question:

"this seems to be the full version, but with a limited username and password, for evaluation.

If you want the trial version, I suggest that you either uninstall that version, and download the trial version from the website, or ask the distributor in your area if you can have a temporary username and password for evaluation."

IMO a counterpunch from Eset in regard to harvesting (temp) monthly user names/passwords which could turn an evaluation version running/updated forever. A wise decision in my view.

{QUOTE-> - FirstTimePostToWilder's (great site!) <-QUOTE}

Welcome - and thanks for the compliment ;)

regards.

paul

creature
January 31st, 2004, 12:18 PM
Hi Paul.
Perpetual re-application of updates occurs in the trial version as posted to the US (nod32.com) site: it is not a matter of a "full" version being used without a password.
I'm not sure what Anders was referring to. The full version is password protected both at nod32's download page (can't get the app) and when fetching updates.

It is possible that ESET is using this as a way to ID abusers but it's not a very effective method: they can't go blocking IPs due to the prevalence of dynamic IP assignments. I think it more likely that the client is failing to record some whole-file updates due to a coding error.

Best, Jonathan

Paul Wilders
February 2nd, 2004, 04:14 AM
{QUOTE-> quoting: creature
Hi Paul.
Perpetual re-application of updates occurs in the trial version as posted to the US (nod32.com) site: it is not a matter of a "full" version being used without a password. <-QUOTE}

Thanks for the info - I'll need to dig into that one.

{QUOTE-> I'm not sure what Anders was referring to. The full version is password protected both at nod32's download page (can't get the app) and when fetching updates. <-QUOTE}

I can't speak for Anders. That said: full versions are distributed at warez sites - as is license info coming with that. (Trying to) put an end to this is overall a wise thing to do IMO.

{QUOTE-> It is possible that ESET is using this as a way to ID abusers but it's not a very effective method: they can't go blocking IPs due to the prevalence of dynamic IP assignments. <-QUOTE}

The method in use at this very moment isn't aimed at IP numbers as far as I know - it's system related.

{QUOTE-> I think it more likely that the client is failing to record some whole-file updates due to a coding error. <-QUOTE}

As said: we'll have to dig into that one ;)

regards.

paul

Marcos
February 2nd, 2004, 04:48 AM
To the trial version users having a problem updating NOD32 to the same version - it should be OK now.