''In-depth analysis'' feature ?

Hi all,
This is my first time posting here. It's a great site and I've been reading here for some time now before I became a member. I'm a fairly new PC user and more mature in years but I'm enthusiastic and willing and able to learn.

I'm using Nod 32, and thanks to Blackspears extra settings, I had no problems configuring the settings.

I do have a query, however. It concerns the ''In-depth analysis'' feature. When this particular scanner has finished it's business and I enter the Actions, Setup, Profiles area, I find that the default setting still apply though the Nod 32 scanner indicates that the scanner is cleaning. My question is: should I apply the same configuration, i.e. Blackspears, to the In-depth analysis scanner?

Thank you all for the interesting and informative forum that we have here.

Riverrun

 

The in-depth analysis profile uses factory settings that cannot be altered. You can customize other profiles and save them, personally I have never used the in-depth profile.

 

OK Marcus, that settles that. Thanks for the reply.

 

When I got into Indepth scanning, there appears to be a lot of options I can change (just like a regular scan) and these can be saved to the In Depth profile. Is this profile ignored?

T

 

Hi tsher. I'm wondering about the same issue. Is it best to optimse these features in accordance with Blackspear's setting on to leave them as they are? Certainly, when the 'In-depth scan' is finished, the option is there to change them.

River

 

It is the same . It is important to make sure all options are checked so that all optioned are maxed

 

In the past few days Nod 32 has installed a new feature, namely: Update Function: gethostbyname, parameters: , return value: 11001. It seems to act as a pre-downloadmanager, almost. I'm not sure that I like it; sure slows things down!
I guess that it's an added function of the IMON scanner.

I'd like to know a bit more about it, what it's purpose is and how it protects.

These questions are important to me because upon my recommendation we have recently installed Nod 32 on 13 PCs at work.

 

Cheers HiTech!

Will do that now.

 

No ! This indicates that NOD32 was unable to connect to ESET update servers.Error 11001 shows no internet connection.

NOD32 combines all its modules to ensures overall protection . IMON is the internet scanner which scans all HTTP and POP3 traffic (~web and mail~).It works in the early Winsock level protecting you from threats . If something is detected by IMON it will block the connection so that malware will not write itself on the hard drive . You visit malicious site and IMON terminates the connection to it s you are protected

Glad to read

 

OK, this makes sense to me as my internet connection is not always on. Thanks again.

 

I assumed that the ''In-depth analysis" was a complete system scan. I am running it now and it has taken almost 30 minutes so far.

Best,
Jerry

 

Hi Jerry,
Yes it's a complete system scan but with all parameters maxed for best detection rate

 

It's a very effective scanner indeed, much more so than the ordinary one in my, admittedly limited, experience. I found a bunch of stuff on one lady's PC in work the other day and at that stage, I hadn't located Blackspear's settings, so the scanner wasn't even optimised. I'll have to tweak Nod 32 for her a la Blackspear when I go to work on Monday and scan again just in case there are more infections hiding in some poke or corner.

By the way, my firewall is sending me the following persistent message: Someone on address 211.191.232.14 wants to send an ICMP packet to your machine.

Is this a Microsoft update or something more sinister?

It goes on to say that it's a tcpip kernal driver. I understand what the acronym means though that's not much help as it doesn't elucidate the provenance of the TCP and that's what concerns me.

I'm wondering if it's not a security update. So far, I've denied it access in case it's something malicious. Thought I'd check here first.

Cheers all,

River

 

Hi uc-icq,
Thanks for the reply. I was wondering how it differed from scanning the hard drives.

Riverrun,
I can really relate to that. It does very little for me since I do not know what the numbers mean specifically. It is too bad that we are not given more info regarding the applications so that we can make a good decision.

Best,
Jerry

 

Jerry , the "In-depth analysis" scan is the deepest one from all integrated profiles. The difference between it and the "scan local drives" is the the local drives profile does not scan archives,run-time packs,emails and doesn't use advanced heuristics . The deepest scan uses them all

 

Hi HiTech_boy,

Thanks for the clarification. My last scan with that type took about 32 minutes. That is not a problem, but was much longer than the "scan local drives."

FWIW I am really liking the performance of NOD on my machine. Thanks for all the help.
Regards,
Jerry

 

Riverrun,

The server at the IP Address you posted doesn't seem to be willing to divulge very much information so I would keep blocking it if I were you;

"Initiating server query ...
Looking up the domain name for IP: 211.191.232.14
(The domain name for the specified IP address could not be found.)
Connecting to the server on standard HTTP port: 80
No response was received from the machine and port at that IP. The machine may be offline or the connection port may be stealthed.
Query complete."

I suppose there could be an 'innocent' explanation for this but there is no point in taking chances.

 

Good advise Togg. Some friends of mine have since clarified the matter and I've blocked that address for good.

Thank you for your response.

River

 

Hate to dredge up an old thread but......

....it doesn't *appear* as if all the options are the same as Blackspear's settings for the "regular" Control Center Profile.

I noticed, for example, that when I looked at Control Center Profile - In-Depth Analysis, the boxes next to E-mail files and Potentially unsafe applications were not checked. Also, in that same profile under "Actions", all of the items in the dropdown box (e.g. E-mail, Files, Archives) were showing "Prompt for an action". Is this normal or should I change this to conform to Blackspear's settings in the sticky (for the regular Control Center Profile)?

Thanks!

 

Hi prius04, you can not alter the "In Depth" profile, an changes need to be made to other profiles.

Cheers

 

Hi, Blackspear! Still a bit confused......sorry.......but I think that might stem from the fact that, under "NOD32", there is an "In-depth analysis" function and a "Run NOD32" function.

After clicking "Run NOD32" and then the "profiles" tab, there's a profile called "Control Center Profile - In-depth analysis". Is this not the same as the "In-depth analysis" function?

It's strange because I ran an in-depth analysis on my wife's laptop and it sure seemed to follow the defaults for the "Control Center Profile - In-depth analysis" (e.g. it would prompt me for an action when it found something suspicious).

 

It "use" to be that you could not change the default profile of "In-depth analysis", however having tested it again this has now changed

Cheers

 

Uh-Oh! Time to update the Blackspear settings thread!!!