NOD32 V2.5 - Early Warning System

For anyone else still wondering after reading this thread (like I was till I realised the main point)

I can only get an entry in my log like the one described elsewhere in this thread if :-

1. I say OK when asked to submit info.

OR

2. I manually change the setting to send the information without further confirmation.

Either way I have been made fully aware that information is going to be communicated and I actively choose to take part in it. In fact I've removed all filters so that if theres a file detected that may help ESET further improve NOD32 then it can be sent regardless of if it is a .doc file or whatever.
Thankyou ESET for your concern for my privacy. I trust you.

 

NOD32 User, I fully agree. After all an AV is like a shield - and who would buy a shield from a blacksmith when he thinks the smith included a hole in it? As for me I lay my truth both in the shield and the smith.
Though I see Izi's point, and it would be nice to see a report, I don't fear that Eset intrudes my privacy.

Regards,
SA

 

Izi - and you believe that shown texts?

Application can shows you "Can I send >this<?" and will send ">this< and that and one credit card as bonus - and user IP is detected by server of course"...

 

For those inquiring about the statistical data transmitted to Eset, here is an example of a statistical package. There's really nothing confidential in the data so we highly recommend that you leave the submission of statistical information enabled, which will help us provide you, our clients, with immediate reaction to the most prevalent threats.

# version=1
# utc_time=2005-04-02 19:46:50
# local_time=2005-04-02 21:46:50 (+0100, Central Europe Standard Time)
# utc_time_from=2005-04-02 18:59:11
# utc_time_to=2005-04-02 19:46:50
# country="Slovakia"
# language="ENGLISH"
# osver=5.1.2600 NT Service Pack 2
# engine=5417
# components=2.50.2
2005-04-02 18: moduleid=4e4f4d41 virus="~OK" count=426
2005-04-02 18: moduleid=484f4d49 virus="~OK" count=1
2005-04-02 19: moduleid=4e4f4d41 virus="@INFECT=inf@TYPE=Trojan@NAME=Win32/TrojanDownloader.Small.NBX@CLN=BAA" count=2
2005-04-02 19: moduleid=4e4f4d41 virus="~OK" count=2202
2005-04-02 19: moduleid=484f4d49 virus="~OK" count=482

 

Thanks Marcos!

Best regards,

izi

 

@Marcos or anyone else

Does the "Early Warning System" also send statical information about infected websites? I just wondering if that is how the "website access blocking" database/list gets updated.

 

Hi, Marcos

May be so.

But that does not stop it sending Information.

I have Suspicious files Never Submit, unchecked


I also have Statistics Enable submission of anonymous statistical Information, unchecked

Which in turn automatically, unchecks Enable Early Warning Sytem.

Yet the Log shows:- Statistcal Information has been sent to Eset.

No real big deal to me, but what is meant to be optional is plainly not working on my system. [please test on yours to see]

The only worry is the personal Information it might be sending, because it is not doing as you say it should be.

Take Care,
TheQuest

 

Can someone tell me what 'port' E.W.S. uses
thank you

 

My last two sends of statistical information went via ports 1055/1057 and 1268/1270

Just to add I am completely relaxed about the EWS, which as fas as I am concerned seems entirely beneficial to me as an end user. If I didn't trust Eset, I wouldn't be using NOD32.

 

Hi, Someone or Other.

Could anybody tell me if the new 2.50.7 Beta is still send information when it is meant to be stopped [optional], as in my post above #32.

The reason I ask is because Marcos has not answered my question to Him, so I have had to go back to Build 2.12.3 [no Spying].

Spying may seem a harsh word but if it can not be turn off [optional] as stated what other word to use, may be it is a little Bug, but still a worry that a Bug sends Information that it should not be sending.

Paul says in Post #13 by definition it is not spyware because of the opt out option and can be disabled, well it could not be disabled.

No Insult meant to you Paul.

Take Care,
TheQuest

 

The answer can be found in NOD32's help file:

Note:

After disabling Early Warning System, the files that have already been confirmed for submission may still be submitted at a later time.

This regards statistical packages as well.

 

Hi, Marcos

Thank you for your quick reply this time.

But it sent information every time it did an update, why was it sending data [information] every time, from your quote above it should send the data once after disabling.

Or am I misunderstanding something somewhere.

Take Care,
TheQuest

 

No, the data is never sent all at once if there is a huge amount of collected data.

 

Hi, Marcos

I can not understand how that could happen? because I only Installed a clean OS on the 15_2_05. what could it possiblely be collecting.

And I also have a 2.2Mbps connection so the data [out] should go once, am I wrong.

I will try the latest beta when I get back to my own system.

Take Care,
TheQuest

 

Hi, Marcos

You edited your post from:-

To:-

Any reason.

Take Care,
TheQuest

 

Hi, Marcos

Have it sorted now with 2.50.7 Beta, the opt out option are now working.

Thank you very much once again for your time.

Take Care,
TheQuest

 

Once again, a question from those of us with lots of users scattered all over the place...

During the upgrade from 2.12.x to 2.5.x, is there a way to suppress the opening questions about the Early Warning System? I really don't want my users to have to figure out how to answer these. I know that once they're updated and reboot, the first pull of the XML file will set things the way I want them, but I don't want them to have to click on anything when it first comes up.

I can accomplish this by pushing a registry file down prior to the upgrade, but it would be preferable to have the upgrade read the new version of the XML mirror file (with my preferred settings) during the upgrade process.

 

As many said before, ThreatSense.net isn't a spyware or something like that.
Look at the help files, I found the following:

Example of file information submitted

# utc_time=2005-04-14 07:21:28
# country="Slovakia"
# language="ENGLISH"
# osver=5.1.2600 NT
# engine=5417
# components=2.50.2
# moduleid=0x4e4f4d41
# filesize=28368
# filename=C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C14J8NS7\rdgFR1463[1].exe

 

Ops, sorry, I didn't realized that Marcos posted this info before

 

I like to see for every sent data to ESET in my Logs. I turn off ThreatSense.net.