Possible Smitfraud fix False Positive ?

Discussion in 'NOD32 version 2 Forum' started by Rieske, May 23, 2006.

Thread Status:
Not open for further replies.
  1. Benvan45

    Benvan45 Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    556
    Indeed a very minor change and I hope this will be fixed soon!
     
  2. Get

    Get Guest

    Ok, so OR I have to mail all the registry cleaner brands (how many are there..??) and tell them not to delete the nod-entry anymore and then hope that they will do so and hope that all users are aware of the problem and will update to the latest version OR Eset could fix it and the problem is away, besides of course the people who don't have an infected-folder and don't know about it and will have problems with it (lost data...) until the next fresh install of Nod... easy choice I would like to think.
     
  3. Rieske

    Rieske Registered Member

    Joined:
    Jun 11, 2003
    Posts:
    68
    Location:
    Olanda
    A small step for Eset, a giant leap... ;)
     
  4. Get

    Get Guest

    ...for Get.:cool:
     
  5. Rieske

    Rieske Registered Member

    Joined:
    Jun 11, 2003
    Posts:
    68
    Location:
    Olanda
    Now there's some arrogance. :D
     
  6. pepim

    pepim Registered Member

    Joined:
    Aug 28, 2005
    Posts:
    75
    Location:
    the Netherlands
    On topic: I had the same problem mentioned here before. Didn't have an infected folder in C:\Program Files\ESET\infected, never noticed until now and resolved it at the same time ...
     
    Last edited: May 26, 2006
  7. Benvan45

    Benvan45 Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    556
    Have a feeling, that you are one of very many.
     
  8. Get

    Get Guest

    Have a feeling that there, like back in February, isn't gonna be a response. I surely hope there will be, because otherwise it looks like Eset doesn't mind people losing data and that's hard to swallow. Again: no quarantine folder -> also false positives down the drain.
     
  9. Get

    Get Guest

    Glad to say my feeling was wrong. :) There will be a workaround added for this to the upcoming installers and Macecraft (JV16), and, as I can imagine, others will be asked to add the key to their whitelist.
     
  10. Rieske

    Rieske Registered Member

    Joined:
    Jun 11, 2003
    Posts:
    68
    Location:
    Olanda
    You got what Get wanted.
     
  11. Get

    Get Guest

    Yes, that's nice for a change, isn't it? :)
     
  12. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    Why not simply create the "infected" directory manually? You don't need to uninstall/reinstall/quarantine at all.

    It isn't a bug in NOD32. It's what you get when you run registry cleaners. And it's very easily worked around: Create the directory manually if it doesn't exist, if you use registry cleaners.
     
  13. Rieske

    Rieske Registered Member

    Joined:
    Jun 11, 2003
    Posts:
    68
    Location:
    Olanda
    Great, a software installer that demands manual interference afterwards?

    FYI: I'm a very happy Nod user (for years), but to act as a fanboy by stating, like you do, that nothing is wrong with the Nod installer and blaming registry cleaning software for this one, is not my idea of serious support. Read this topic and you should know better.

    It makes no sense to argue for days and days about who's to blame. Especially not when a minor change to the installer can help solve the problem.
     
  14. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    It doesn't demand manual interference. There is only a problem when you run a registry cleaner.

    While I'm glad to see that I'm not the touchiest person here anymore, calling me a "fanboy" of NOD32 is very funny, as anyone who has read many of my posts can attest. Anyway, in this case as always, I was simply stating my opinion.

    Whatever. I do agree that the directory should be created upon install and whenever the quarantine directory location is changed in NOD32's settings. (I happen to use a non-default directory name, since calling it "infected" doesn't make much sense to me.) So it isn't just the installer that would need to be changed, it's the program itself.

    By the way, some "cleanup" utilities detect and delete empty directories. So if your request is addressed, and NOD32 creates an empty quarantine directory upon install (and, as I've added, whenever the applicable setting is changed), someone else will come around, complaining that their "empty folder cleanup utility" found an empty directory. "Why does this empty-folder bug exist in NOD32? I demand a fix!" Then, I guess they'll have to add a 0-byte file to the empty quarantine directory, to prevent those oh-so-helpful "cleanup" utilities from detecting the empty quarantine directory. Then, someone else will run another "cleanup" utility that detects and deletes 0-byte files (and such utilities do exist).

    And so on.
     
  15. Rieske

    Rieske Registered Member

    Joined:
    Jun 11, 2003
    Posts:
    68
    Location:
    Olanda
    Ok, "bug" fix: the installer should create an Infected folder, in which a dummy should be placed. ;)
     
  16. Get

    Get Guest

    If you had taken the trouble of reading everything, you would have known that I did just that and it doesn't work... ( https://www.wilderssecurity.com/showthread.php?t=119178 (post 12) ..."and also i've made a folder named "infected" in the esetfolder, but it didn't help"...).

    Are you seriously comparing this with detecting/deleting a registry entry that points to a non-existing item?
     
  17. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    It is too bad that I didn't spend the time it would have taken to go through all these threads, because if I had, I could have already told you that all you had to do was go to NOD32 System Setup, and then the Advanced tab, and re-specify the quarantine directory. This would have recreated the QuarantineDirectory value in the registry, under HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Common, and the quarantine function would have worked fine again.

    Besides, when I said "Why not simply create the "infected" directory manually?", I was not explaining how to fix your problem; I was giving it as advice to serve as a much-easier alternative to uninstalling/reinstalling NOD32, for people who hadn't already deleted some of NOD32's registry values accidentally.

    Yes, because it's the same exact type of issue.

    I doubt that anyone can tell me what the problem is with having the quarantine directory specified in the registry, but not existing on disk, aside from the chance that you will delete the QuarantineDirectory value with a registry cleaner.
     
    Last edited: May 27, 2006
  18. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    So please let me summarize my advice on this whole issue, from a user perspective. I am not stating a political position here; I am just giving advice on how to deal with the way NOD32 and its installer now behave.

    If you are not having quarantine issues related to having deleted a NOD32 registry value with a registry cleaner:

    Create an empty quarantine directory, to prevent registry cleaners from finding the QuarantineDirectory value under HKLM\SOFTWARE\Eset\Nod\CurrentVersion\Common, which does not point to an existing directory by default. To do this, click Start, then Run, and issue the command:

    Code:
    cmd /c mkdir "C:\Program Files\Eset\infected"
    The command above assumes that you kept the default quarantine directory. If you chose a different directory for NOD32 and/or the NOD32 quarantine (as I did), just replace "C:\Program Files\Eset\infected" with the correct string. For me, the command would be:

    Code:
    cmd /c mkdir "C:\Program Files\NOD32\Quarantine"
    If the quarantine directory already exists, the command above will do nothing at all.

    If you are having quarantine issues related to having deleted a NOD32 registry value with a registry cleaner:

    1. Create an empty quarantine directory as specified above.

    2. Open the NOD32 Control Center, and select NOD32 System Tools > NOD32 System Setup. Click the Setup button, and then the Advanced tab. If the Quarantine folder text box shows the correct string for the actual quarantine directory you created above, just click OK and you are done. If needed, enter the correct quarantine directory string, or of course, navigate to it so that it becomes automatically populated.

    Either way, click OK on the Setup dialog when you are done--and not Cancel.

    After that, the QuarantineDirectory registry value should exist under HKLM\SOFTWARE\Eset\Nod\CurrentVersion\Common, and it will be pointing to an existing directory. (If the QuarantineDirectory doesn't exist, you probably clicked Cancel instead of OK in the step above.) The NOD32 quarantine function should work again at this point as well. To verify this, you can manually quarantine a file using the Add button under NOD32 System Tools > Quarantine.

    I hope this helps.
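
The check described in the post above, written as an added PowerShell example (not part of the original post and not ESET's code): it reads the QuarantineDirectory value from the key named in the thread and reports whether it is missing or points to a directory that does not exist. The function name `Test-QuarantineConfig` and its parameters are hypothetical.

```powershell
# Added example (not from the thread). Key path and value name are the ones
# quoted in the posts; Test-QuarantineConfig and its parameters are hypothetical.
# Assumption: on 64-bit Windows a 32-bit product's keys may instead appear
# under HKLM:\SOFTWARE\WOW6432Node\..., so pass -Key explicitly there.
function Test-QuarantineConfig {
    [CmdletBinding()]
    param(
        [string]$Key  = 'HKLM:\SOFTWARE\Eset\Nod\CurrentVersion\Common',
        [string]$Name = 'QuarantineDirectory',
        [switch]$CreateMissingDirectory
    )

    $report = [ordered]@{
        Key             = $Key
        ValuePresent    = $false
        Directory       = $null
        DirectoryExists = $false
        Advice          = $null
    }

    # Read the value without throwing if the key or value has been deleted.
    $props = Get-ItemProperty -LiteralPath $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $props -or [string]::IsNullOrWhiteSpace($props.$Name)) {
        $report.Advice = 'Value missing: re-confirm the quarantine folder in NOD32 System Setup > Advanced and click OK.'
        return [pscustomobject]$report
    }

    $report.ValuePresent = $true
    $dir = [Environment]::ExpandEnvironmentVariables([string]$props.$Name)
    $report.Directory = $dir

    if (Test-Path -LiteralPath $dir -PathType Container) {
        $report.DirectoryExists = $true
        $report.Advice = 'OK: value points to an existing directory.'
    }
    elseif ($CreateMissingDirectory) {
        # Same effect as the mkdir command in the post; needs rights to the parent folder.
        New-Item -ItemType Directory -Path $dir -Force | Out-Null
        $report.DirectoryExists = Test-Path -LiteralPath $dir -PathType Container
        $report.Advice = 'Directory was missing and has been created.'
    }
    else {
        $report.Advice = 'Dangling value: directory does not exist; re-run with -CreateMissingDirectory.'
    }
    [pscustomobject]$report
}

Test-QuarantineConfig | Format-List
```

The function deliberately does not write the registry value itself; when the value is missing it points back to the Setup dialog step from the post.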
     
  19. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    By the way, I will say that it's pretty far from ideal that NOD32 does not automatically create a quarantine directory and registry value when it needs to. This really is not a difficult problem to deal with... "Oh no, the QuarantineDirectory value is missing! Hey wait, I'll just create a directory named "infected" under my install directory, and then create a QuarantineDirectory value, and point it to that directory!"
     
  20. Get

    Get Guest

    2 threads to be specific where it was discussed at length and at the time of "Nod amused" 1 thread.

    Which is always welcome of course.
     
  21. Get

    Get Guest

    No! Really? :eek:
     
  22. pepim

    pepim Registered Member

    Joined:
    Aug 28, 2005
    Posts:
    75
    Location:
    the Netherlands
    @Nameless Then NOD should only be used by advanced users? It shouldn't be that difficult.
     
  23. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    And how many posts? Never mind...

    Is there some call for sarcasm that I may not have picked up on? The nastiness can stop NOW.

    No, absolutely not. On the contrary, registry cleaners should only be used by advanced users, and clearly, that isn't the case. Or is this whole issue related to something other than the use of registry cleaners?

    We're talking about a self-imposed problem, that occurs after someone carelessly deletes a NOD32 registry setting while using a registry cleaner. The advice I gave was very, very simple. It boils down to only two things: Create a quarantine folder, and go into NOD32's options and click OK after verifying/setting the quarantine folder.

    If you're advanced enough to use registry cleaners, you don't even need this advice. There is an object lesson in all of this.
     
  24. Benvan45

    Benvan45 Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    556
    Try to be the first to stop, as this is terrible, just sit back and wait for a proper reaction/solution from Eset. I think it's about time for that by now, knowing that Nod32 users experience this problem as a nasty problem.
     
  25. pepim

    pepim Registered Member

    Joined:
    Aug 28, 2005
    Posts:
    75
    Location:
    the Netherlands
    I disagree, sorry. And fyi NOD is getting it solved. :thumb:
     