NOD32 2.5 - Comments & opinions

An easy thing to forget. Glad it helped!

 

i will tell everyone the ram usage went up installing this over the regular nod32 ver 2. i had a few issue with getting online (firewall related) at the time and wasn't sure if it was from the new nod or not. i did a full uninstall of the new beta cleaned the reg reboot and then installed the beta freash, and the ram went back down to almost what it was with version2 very very slightly higher not even 1 mb more. so i would advise as others have said to do a fresh install of the beta!!

 

I can't comprehend how an uninstall/reinstall would affect memory usage. I think it probably had to do with the fact that how much memory the various NOD32 components use depends on what they've done, and what they're doing.

 

yeah im not sure on this either but my memory usage went way up doing the install over the old one. doing a clean install actually brought it lower than before with a little time of usage it came down lower. maybe marcos will be better to answer this one

 

Is there any information on how frequently we can expect the statistical information being transmitted to Eset? I just saw my first one in the logs, so I'm curious....

Time Module Event User
3/31/2005 11:17:36 AM Kernel Statistical information has been sent to Eset.


edit: just found the answer in the help... once or twice a day it says...Doh! RTFM!

 

Possible "bug": if a suspicious file is detected in system restore, after every reboot NOD32 askes about a confirmation to send the files, as they could not be sent. No matter what you click, it will always re-ask again. Please check.

Reply:
Couldn't it be that there is a bunch of fishy files in the system restore folder and NOD32 prompts you to confirm a different file each time?

 

I tried a fresh install of NOD32 as suggested to reduce my ram usage...........and it actually went up from 16k to 17k.
Still running fine on computer though. I think it is one of those good old sayings that goes along the lines of "If its running well, leave well alone"
Now.....................If only I ever took that advice.....................

 

Yeah, there are a bunch of files there, but the problem is that even if I select all and do confirm it (or cancel) many times, after next reboot it asks again for the same files. The files were also already approved for sending yesterday, and the PC is connected to the Internet.

http://www.av-comparatives.org/2delete/nod1.GIF
http://www.av-comparatives.org/2delete/nod2.gif

 

Marcos, the 2.5 Beta is running well on my machine which is an IBM ThinkPad T41p, Win XP Pro SP2.

Could you confirm that the Definitions in the Database are different to those we were using previously in 2.1. I presume this is a new set of definitions but would just like to confirm

Dick

 

No, the virus definitions are the same for version 1, 2.0 as well as for 2.5 and all the future versions.

 

the control center is perfectly blank for me

 

hi
Is there a way of viewing the 'Website access blocking' list? (IMON setup - Miscellaneous)
Or even adding extra web sites manually?

thanks, lee

Reply:
It's not possible to view the list nor add other websites. If you know about a website containing a bunch of malware we would appreciate if you could send it to support@eset.com and we'll add it to the black list.

 

Hello people.. I had installed yesterday the new beta of NOD, but some site cannot open in one PC with NOD.. Why?

I don't see any message of virus or similar..

 

https://www.wilderssecurity.com/showthread.php?t=46209

 

I think it might be the site black list introduced in v2.5.
I've also read the thread you opened in Beta Forum. If you'd PM the site to me, I could check if it works with newest definitions for me.

 

sorry cannot post the link.. but the problem for me its nod... i don't see the option for view blacklist... is there any possible to have a lot of istruction how to set it? thanks

 

No, there is no way to set/view it. If that site is benign, you could try mailing ESET to ask about it's status and possibly unblock it.

 

It would be very nice to have an option to choose to add a "scanned by nod" X- header to both outbound and inbound email as an unobtrusive method of flagging that something has happened

It would be very nice to be able to have the X- header configurable, so that when the scanning is done on the originators PC it could default to
X-Scanned-by-sender: NOD32 2.50.2b ; signature v1.1042 (20050331)

The more paranoid among us (incl me) would want to be able to vary the content of course, so that the NOD version should be available as a substitution variable and similarly for the signature version and date
That would make the configuration look something like

Code:

[font=Courier New]Set X- header in scanned outbound email :	Y / N
[/font][font=Courier New]Set X- header in scanned incoming email :	Y / N
[/font][font=Courier New]outbound X- header name :   Scanned-by-sender
outbound X- header value:   NOD32 %v[/font]
[font=Courier New]incoming X- header name :   Scanned-by-receiver
incoming X- header value:   NOD32 %v ; signature v%s (%d)[/font]

I'm more interested in the option being in IMON for the POP3 side of things, it probably applies equally well to EMON

Why bother with this... one obvious thing is that recording full details on what versions of the signature base for emails that we receive it provides simple information about what signatures were involved if things do get through (for when they are later detected)
If someone wants to expose to the world what signature base they currently have on their PC (or mail server) they could do that as well

If this enhancement is considered, its not a whole lot extra programming effort to make it properly configurable and for those of us that look at mail headers we would appreciate it

Edit:
This beta version is working nicely for me with tbird 1.0.2 and the Web Mail extension (0.3.3)
I have NOD monitoring ports 110 and 2110 (the default for the WebMail extension) and it is still downloading hotmail without issues

 

If this mailheader thing is implemented, please make it possible to alter message body as well: messing up the header drives me nuts, but a discreet yet reinforcing line "Scanned By NOD32" on the bottom of mail would be nice

 

Just a few questions.

1. After reading all the posts, I am a bit confused regarding installation. So is it preferred that you perform a complete uninstall prior to installing the new beta?

2. If the general consensus is no to question 1, after I install the beta over the top of my current version, (I am a licensed user by the way) are there any additional configs that need to be changed? I currently use Blackspear's settings so I am curious if I install beta over the top, will it retain my current settings or will I have to re-configure my NOD.

Thanks in advance for any/all replys.

 

Hi Jaguar,

In my situation I had to unistall NOD, because of language incompatibility.You can´t install the beta over your version if they aren´t the same language.
About new settings, I setup the old ones I had with Blackspear´s settings, and set the new ones to maximum protection.

Best Regards,

DonKid.

 

Hi Donkid,

Thanks for the reply. Im still undecided whether or not I should try out the new beta. Im am one that believes in if it's not broke, don't fix it.

Jag

 

It isn't about the existing release version of NOD32 being "broke", or really about fixing anything; it is about product progression.

Basically, if you want to try the nice new features, and don't mind the possibility of running into a few problems, give it a try. If you don't want the risk, then keep your current version indefinitely.

Personally, I am impressed with the new features. And I find the "2.5" version designation to be exactly right. This isn't worth a "3.0", but it's more than "2.12.5".

 

Nameless,

I did not mean to to say that NOD is broke, I was referring to my pc setup. Once I get things tweaked and the way I like it, I tend not to mess around with things. Kind of like how I treat the servers that I admin in a production environment. I am a firm believer in testing things out in a lab environment, prior to installing new programs or adjusting any settings, applying any new AD policies etc.

Maybe I will try it on a vmware session to see what the hype is all about.

Jag

 

That's what I do very often; test software in Virtual PC. Saves an awful lot of headaches, as I'm sure you know. (How many times have I said to myself, "I'm glad I didn't install this crap on my real system!")

With this NOD32 beta, though, I just took an image and installed. Haven't regretted it. I've only encountered very minor issues so far.