Beta 4 !!!

Discussion in 'NOD32 Early v2 Beta' started by puff-m-d, Mar 28, 2003.

Thread Status:
Not open for further replies.
  1. MickeyTheMan
    Offline

    MickeyTheMan Security Expert

    I switched backed to reg version for time being, but just noticed that i can't use Web2Pop as it won't initialized saying another app using port 110 and yet Port explorer does not show anything there.
    Just wonder if this somehow could be related
  2. controler
    Offline

    controler Registered Member

    I am not that familier with Port Explorer Mickey
    but doesn't it sure sound like NOD is holding on to that port?
    You would think Port Explorer would see it though.
    Does Web2POP start-up with NOD disabled?
  3. spy1
    Offline

    spy1 Registered Member

    You can add XCleaner to the list of programs that have a problem with NOD's latest beta (although I haven't really noticed any difference in the program's performance).

    See this screenshot and the one following.

    Attached Files:

  4. spy1
    Offline

    spy1 Registered Member

    And this.

    Attached Files:

  5. spy1
    Offline

    spy1 Registered Member

    Of course, there's also the notification from HijackThis's results:

    Which I guess doesn't affect me since I'm not on dial-up.

    Mickey - Are you on dial-up? Pete

    Attached Files:

  6. controler
    Offline

    controler Registered Member

    To run the LSP installer

    Copy the LSP installation code in a DllRegisterServer function.
    Add a registry subkey to the HKEY_LOCAL_MACHINE\COM\WS2\LSP registry key.
    To this subkey, add a registry entry named DLL. For the value, insert the path to the DLL with the DllRegisterServer function.
    When Winsock loads, it enumerates all keys under the subkey HKEY_LOCAL_MACHINE\COM\WS2\LSP. For each subkey that has a DLL property, it performs a LoadLibrary function call on the value in that property. If successful, it then calls DllRegisterServer for the DLL.
    Value Description
    S_OK The registry entries were created successfully.
    SELFREG_E_TYPELIB The server was unable to complete the registration of all the type libraries used by its classes.
    SELFREG_E_CLASS The server was unable to complete the registration of all the object classes.


    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcekernl/htm/_wcesdk_Win32_LoadLibrary.asp
  7. MickeyTheMan
    Offline

    MickeyTheMan Security Expert

    I'm on cable and have disabled everything non essential including regular nod version and We2Pop still reports something listening on port 110 and won't initialized
  8. MickeyTheMan
    Offline

    MickeyTheMan Security Expert

    Web2Pop not related to nod after all. After making several adjustments not related to nod, got it to load.
  9. Karl
    Offline

    Karl Guest

    The install issue I reported seems to be specific only to one system...I retried it on a clean win98 (not SE) and everything works fine... just to let you know.
  10. puff-m-d
    Offline

    puff-m-d Registered Member

    Hello all,

    I have two suggestions and/or problem with beta 4 that have previously been discussed with previous beta releases:

    1.) I invoke NOD32 through my download manager to scan the files immediately after download. The problem is still there that the scan settings are not saved and/or the scan profile that I have saved for NOD32 is not used. Many times I download a file that is not a default file type (especially *.zip files for instance), and then have to rescan after changing the scan profile to scan these non-default file types.

    2.) If you disable AMON for whatever reason, IMHO there really needs to be some type of notification in the system tray to remind you that AMON is indeed disabled.

    So far, these are the only problems/suggestions that I have come across for the beta 4 version.

    :D Keep up the great work guys !!! :D

    Regards,
    Kent
  11. tosbsas
    Offline

    tosbsas Registered Member

    Like to second that

    Ruben
  12. jan
    Offline

    jan Former Eset Moderator

    Hey Ruben,
    as you wrote:

    >beta 4 is working great so far. No issues any more with SpamPal - it seems and the right click is fixed too.

    I hope you don't have these problems anymore. :)

    Ciao,

    jan
  13. jan
    Offline

    jan Former Eset Moderator

    Hi Terry,
    As you wrote :

    >imon.dll is there in C:\Windows\System and also in C:\ESET\Setup\02

    the imon .dll is there. So the HiJack doesn't display the message correctly. It's difficult to say why - it seem to be due HiJack internal processes. Anyway it doesn't seem to be a major problem.

    Cheers, :)

    jan
  14. jan
    Offline

    jan Former Eset Moderator

    Hi spy1,
    This seem to be the same thing as in my previous post - anyway, both cases have been added to our list of problems and we'll have a look at that when we finish the more important things.

    Thanks, :)

    jan
  15. jan
    Offline

    jan Former Eset Moderator

    Hey Kent,
    There is a new feature in the Beta4's NOD32 on-demand scanner: you can give your profile "Set as default" in the corresponding checkbox in the "Profiles" tab.
    This has been added to the wishlist
    Thanks, :)

    jan
  16. jan
    Offline

    jan Former Eset Moderator

    Hi marti,
    I have seen that delay in the current version of NOD too. After comparing it with the Beta4 I've experienced a big improvement. have you compared it too?

    All the best, :)

    jan
  17. DavidH
    Offline

    DavidH Registered Member

    Hello,

    I am a registered user of NOD32. I have been using this AV without issue for about 14 months now and am currently using NOD32 B4. However tonight, I noticed a problem. The specific issue is that applications will now take about 30+ seconds to load. In fact, IE is now taking about 60 seconds to load but will load a little faster after being loaded once. And, I am having slow shutdowns and startups. The only actions that I have taken lately regarding NOD32 were to update the definitions. The only other actions that I have taken lately were to update my operating system (WinXP SP1) to the latest Critical Updates. In fact, if this helps, I have to admit, that I only noticed the problems AFTER I did the last updates today (19-Apr-2003) to Windows form the Microsoft Update site.

    My System Configuration:
    Windows XP SP1 with all latest Critical Updates and Patches
    Gigabyte GA-7DX Motherboard, all latest drivers and BIOS
    AMD 1200MHz Athlon
    512 MB 266MHz DDR Ram
    Outpost V2 Firewall
    TDS-3 Anti-Trojan (only used on-demand)
    MS Office 2000 with all latest Updates and Patches
    NOD32 B4 Anti-Virus
    PGP 8.0.2 (no encrypted disks)
    FAT32 File System

    I tried several things to see if I could isolate the cause or possible interaction with another application:

    1. Disabled Outpost and stopped the service - NO CHANGE

    2. Uninstalled NOD32, cleaned registry and file system, and re-installed NOD32 with a fresh download of B4 - NO CHANGE

    3. Disabled AMON - this fixed the problem consistently.

    I am not sure why this is the case. But, disabling AMON seems to fix all problems with slow login, application loading, and shutdown. Now, I am not the kind to jump ship at the first sign of trouble and I am perfectly willing to provide any information or logs that might be required to solve this problem. However, I consider an Anti-Virus one of the two most important pieces of software on my PC along with the firewall. And, there must be some sort of active protection. So, I am hoping that whatever is happening, we can arrive at solution fairly easily as I like NOD very much and would really really hate to change now. So, please let me know what other information you need and I will provide it. I am even willing to install a special diagnostic version of NOD if one exists. I have exported about 800K of information from TaskInfo2003 that I would be willing to send to ESET if it would be helpful. What is strange is that I used TaskInfo to monitor NOD32 and see if excessive CPU or memory usage might be involved. But, I saw nothing to that effect. All that I know is that disabling AMON fixes everything and applications load quickly again. Again, I want to emphasize that I only noticed this after the doing the latest updates to Windows XP SP1. For reference, those updates were:

    815485: Recommended Update
    811493: Security Update (Windows XP)
    Q817287: Critical Update (Catalog Database Corruption in Microsoft Windows)

    Thank you for your attention to this matter.

    Best Regards,
    David
  18. Tinribs
    Offline

    Tinribs Registered Member

  19. Blackcat
    Offline

    Blackcat Registered Member

  20. DavidH
    Offline

    DavidH Registered Member

    Tinribs,

    You are a lifesaver. I had no idea that a thread had already been posted on the subject and I looked. I just did not associate the thread title of the thread you provided with my specific issue. I thought this was the thread in which to post. Blackcat, thanks for trying to help too. Perhaps you need to learn to type faster. :p Just kidding.

    I removed the update and it worked. Now, I know that everything that Microsoft does is not candy and roses, but I hardly think that they make Critical Updates just for fun. The update that interfered with NOD32 must have some utility.

    So my question is: Will ESET find a way to make NOD32 work with that update.

    Perhaps we users cannot adequately answer that question, but maybe ESET can. And, maybe I did not read that thread well enough. Any ideas?

    And, THANKS AGAIN......I really appreciate the help. :)
  21. spy1
    Offline

    spy1 Registered Member

    David - Do have NVidia drivers? Did you update them? Pete
  22. Technodrome
    Offline

    Technodrome Security Expert

    As I said earlier, NOD32 has nothing to do with this. It slowed down my system without NOD32 being installed.

    So this is Microsoft’s matter and they should address it.



    Technodrome
  23. DavidH
    Offline

    DavidH Registered Member

    spy1,

    Yes, I do have NVidia drivers for my video card and they are updated to the most recent version.

    Technodrome,

    I understand and agree that this may not be an ESET issue. And I am unsure why, but my experience was different than yours. I did not notice any slowdown just due to the update. As long as AMON was disabled, the rest of the system seemed to operate just fine. Anyway, the problem is fixed now and I am satisfied with the solution.
  24. MegaHertz
    Offline

    MegaHertz Registered Member

    David,

    Here is a blurp... from windows-help.net

    • April 23, 2003 •

    Microsoft Kernel Patch Slowing Down Windows XP Systems
    Microsoft is said to be looking into problems that some people have reported after installing a security patch that was issued last week. The patch - which was designed to stave off a buffer overrun that could allow attackers to elevate privilege permissions on users' machines - ended up slowing some users' systems to a crawl.

    It seems that disabling your antivirus auto protect feature fixes the problem, but this work-around means that you patch one hole (the kernel) and opening up another (no auto-protect AV scanning). People have reported that this happens with Norton, McAfee and EZtrust Antivirus.

    If you are having slowdown problems, you can also remove the patch for now, it is listed in Add or Remove Programs and called Windows XP Hotfix (SP2) Q811493. Hopefully Microsoft will fix the patch sooner rather than later. When you remove the 811493 patch, you could be prompted that the removal will cause the 814995 patch not to function, this is a flase "alarm", just uninstall 811493.

    In some cases the patch will not be listed under Add or Remove Programs. In that case, system administrators can use the Spunist.exe utility to remove this patch. Spuninst.exe is in the %Windir%\$NTUninstallQ811493$\Spuninst folder, and it supports the following Setup switches:

    * /?: Display the list of installation switches.
    * /u: Use unattended mode.
    * /f: Force other programs to quit when the computer shuts down.
    * /z: Do not restart when installation is complete.
    * /q: Use Quiet mode (no user interaction).

    Lets hope that Microsoft gets this patch fixed ASAP.
  25. DavidH
    Offline

    DavidH Registered Member

    Hi MegaHertz,

    Thanks very much for the supplemental information. It is reassuring to know that NOD32 was not the only AV affected. I did remove the patch after the initial response by Tinribs. Everything has been working fine since then. I do Microsoft gets it together and fixes this problem as it is a pain to be sure to skip that update everytime I use Windows Update. Anyway, I understand the issue and besides, "I am NOT giving up NOD32". That is for sure. :)

    Have a good day. :)
Thread Status:
Not open for further replies.