Shell Power for NOD32 2.0

Did you do a copy and paste of the password, or type it manually?

I suggest the former. Also, an accidental space at the beginning or at the end of what you copied could already cause trouble (as I've found myself...)

 

IMPORTANT NOTE: The latest version of the virus definition database must be downloaded immediately after the installation has been completed to ensure the highest detection capabilities of the system.
The username/password for NOD32 version 1 is valid also for version 2.

SUCCESS!!!!! Thanks to Mr Wilders and Mr Klein!!!

Now does this note above mean there is something else I need to download? You guys are great and I feel very fortunate to have found this site!!!

 

Just installed this shell extension, and I cannot log on to the eset server for updates, anyone else have this problem?

I get the message [move][glow=red,2,300]server connection failure[/glow][/move]

 

[move]
Disregard previous post have located and fixed the problem[/move]

 

Is this shell extension (and more properly, the "/ah" parameter in general) no longer needed, now that NOD32 2.0 has a "/heurdeep" command line parameter, and also the capability to enable "deep heuristic" right within the interface?

The "/ah" parm isn't documented, so far as I can tell. My guess is that "/heurdeep" replaced it.

 

/ah isn't yet documented but that's the new advanced heuristic option in NOD version 2. Previously NOD 1 only had the Safe, Standard and Deep Heuristics sensitivity levels. Those are still available in NOD 2, but Advanced Heuristics is, well, advanced.

 

Just so this is clear to me...

Would someone kindly confirm that:

• deep heuristics is not the same (as thorough?) as advanced heuristics (/ah)?
• advanced heuristics is typically available only as an on-demand activity, using Paolo Monti's shell extension?
• /ah is not available (for whatever reason) as an option during NOD32's continuous on-access activity?
• /ah as a constant on-access option is unfavorable because of the slowdown likely to be experienced, regardless of OS or environment?

Many thanks
Optigrab

 

Many, many thanks LWM, you've cleared things up for me nicely! My only follow-up comment:

It seems that various comments that praise NOD32's advanced heuristics capabilities (sometimes as a counterpoint to NOD32's supposed 'weaknesses') really imply careful use by the user. Users relying on the on-access scanner alone -deep heuristics or not- are not taking advantage of this lauded strength of NOD32. One must continue to rely on the 'safe hex' habit of on-demand scanning consistently.

I apologize if I'm very late to the party with this observation. I installed the /ah shell option quite a while ago, but apparently didn't fully understand the importance of relying on it.

Thanks again
Optigrab

 

I really hope those comments aren't accurate. A user should not have to use undocumented and difficult-to-use tricks in order to get good performance from his anti-virus software.

 

Hi Nameless,

I didn't mean to imply that a user wouldn’t get "good" performance out of NOD32 with regular heuristics. I'm not qualified to make such a statement and my impression from lurking here at Wilders is that users (like myself) feel they are protected with NOD32's on-access scanning.

What I did mean is that I've read many instances of NOD32 fans touting its advanced heuristics as a particular strength that sets it apart from other fine AV's. A NOD32 user must be aware that this advantage applies to their situation only if they consistently rely on 'on-demand' scanning with advanced heuristics.

The expert who believes that "safe hex" practices should be maintained regardless of how good the AV is, probably wouldn't consider this surprising or an inconvenience.

Regards,
Optigrab

P.S. I made a mistake in the post that you quoted. I meant to say:

 

I can't imagine NOT using advanced heuristics nor can I imagine not practicing safe computing. In fact, without advanced heuristics, I don't know if I would have NOD32 any longer as I do not use IMON as it is redundant and unnecessary, but I do use advanced heuristics and it is absolutely necessary IMO. I NEVER, EVER open a downloaded file or an email attachment without first saving it to disk and then scanning it via advanced heuristics. This is safe computing and should always be practiced by all users.

IMON causes, as all av email scanning programs do, a lot of problems. My ISP, Road Runner, asks that we turn off all email scanning as does Microsoft recommendations for Outlook Express. AV scanning of OE mail is the number one breaker of OE. Just save those attachments to disk and scan via advanced heuristics before opening. Much better for the health of your email program.

 

Advanced heuristics are that powerful? Good to know!

I also don't run IMON. I run Apache 2 on my WinXP system, and I've found that running IMON makes images fail to deliver properly from Apache (even if I try browsing locally). Users see lots of those lovely red Xs, and constantly have to refresh the page. That sucks.

Getting back on topic... I, for one, really hope that AH is built into the interface sometime soon. I hate having to use a command line or shell extension to invoke it. For one thing, when you use the command line, you override all other profile settings. And since not all options are configurable with command line options, you end up having to take the defaults on certain things. That sucks, too!

 

Well, just for the record, I have zero probs with IMON & OE

 

I also have not had any problems with IMON & OE.

Putting all of your faith in the advanced heuristics is not wise.
I have used it to scan zipped files, archives, etc and it has not always caught the critters lurking within.


gj

 

And, for the record, I just installed NOD32 2.009, and found the problem with Apache was still there. I then added APACHE.EXE to IMON's exclusion list, and it corrected the problem--even with IMON set to its maximum efficiency setting. (Was the option to exclude applications available in NOD32 2.006?)

 

No, it is with new packet worm filer one of new features in 2.000.9

 

Why does everybody (and also ESET) says IMON is only about checking e-mail?
Every Monday, when I check the Remote Administrator console in my firm I see things like this, broughten buy laptop users:

 

Yes, IMON blocks/logs some exploit attempts too..

That is a (quite) recent addition to IMON. More features are also expected soon.

Best regards,
Anders

 

Just to be clear:

Using this shell adds the Advanced Heuristic on top of the other, pre-defined settings for the Context Menu profile, correct?

In others words, if I add features in the Context menu Profile (e.g. deep heuristics, more items to diagnose - email, archives, etc.) - all that will get added on top of using the advanced heuristic?

When I use it, this definitely appears to be the case. I assume advanced and deep heuristic are separate and additive?

-Adam

 

Is this shell extension relevant to the current NOD32 v2.000.9 release? I see a right-clickable shell context option in Windows Explorer that can run scans on individual or multiple selected files manually. After the scan runs on the selected files, the "Setup" tab shows my default profile settings for "Deep" heuristics as expected.

Am I missing something here? Does this shell extension (dated June 2003 by the way) do something that the current NOD32 release does not?

Thanks in advance,
Spin

 

Hi Spin

The Advanced heuristics shell extension is still applicable to the latest release of NOD32. Please refer to my posts above and particularly LowWaterMark's reply, excerpted here. The shell extension offers "Advanced heuristics", as opposed to the "deep heuristics" setting that you've mentioned.

Regards
Optigrab

 

I found a registry key for Nods32 scanner HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\NOD32\Settings\Config001\Scanner\adv_heur_enable

I changet the value 0 to 1. Am I now using adv.heur as defaul with on-demand- scanning?

Jaska

 

After reading all posts within this thread I've got a question about parameters. Default is /ah /all /shext ... What should be added to scan all kind of files / all types of files including archives, runtime packed files, mail files, mailbox databases, all boot records, memory ...

I want to really scan all things possible using /ah without missing anything.

Thanks