After a NOD32 scan is there a way to view only the threats...

Discussion in 'NOD32 version 2 Forum' started by HandsOff, Jul 26, 2006.

Thread Status:
Not open for further replies.
  1. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    ...and not the warnings.

    I just did an in depth scan of all my partitions and 4 threats were detected, and though I went through the log for quite some time I could only find three of them. If all of the warnings were not there I could find the missing one easily. In this case I had about 600 screens of warnings with pretty near 50 lines per screen. So I was looking for one red entry in a field of 30,000 entries.

    The warnings are do to the fact that I have a lot of encrypted archives. However I have a lot of unencrypted archives as well, and they are intermingled.

    ---

    As an aside about how encrypted archives are check, what happens (it seems) is that the checker tries to expand them without the password and WinRAR reports that the CRC's don't match. Unfortunately if an archive has 500 components it will persist in trying to expand each component. Maybe that wouldn't happen if I encrypted the file names as well as the file contents. I guess there is one sure way to find out...


    -HandsOff
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    I think there is no way to hide those Error opening certain file warnings.
     
  3. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Just click on Logs and select the Threat Log instead of the Scanner Logs the single entry you speak of should be listed there.
     
  4. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    For some reason they are not listed in the threat log. Did I set it wrong? Maybe not, though.

    I can imagine thinking that NOD32 reports its findings as soon as they are found, and thus logging them separately would be a duplication. I don't mind having them listed in the NOD32 activity log, but not being able to list just the threats detected is...

    ...well, I've been pretty civil lately. We are on the same team, but NOD32 moderators should be capable of seeing the difficulty in my situation. I have to look through 30,000 lines for 4 lines. You know, the problem of not designing flexability into something like logs is that there is almost zero chance that you will be able to anticipate every situation faced by users. I think it's fair to say that upgrading this feature would be so simple even Norton could do it (LOL - just kidding Norton). Also, I have no idea how many people silently have wished in silence for this feature. I doubt I'm the only one who would like to see it, but if I am I guess you could just pretend you never saw this thread.


    -HandsOff


    Hey Pykko, did you make you Eye-con (avatar) yourself? It's very good IMHO!
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    But what if an infected file is running and blocking access to it? If those blue error messages were filtered out you would never find it out.
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    The thing is how many people actually read all the [4] locked files, let alone try to understand what particular file is being locked and why. I know for certain the average user does not ever look at these files, and I think it would be more useful to have an option available of only viewing infected files in a log.

    Cheers :D
     
  8. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hi Blackspear-


    I think that is what I meant! Since the 30,000 locked files are reported along with the four threats (you call them infected...I call them history (Well, 3 are history...I never did find number four, and did not delete it - I am living on the wild side!)

    But I digress...yes, I want only to see the 3 or 4 infected files! It is nice to have the capability of listing the locked ones, but not if it means having them listed all of the time along with the threats.


    -HandsOff
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Or, maybe at the end of a scan have the option to click a button that would only show infected files, so NOD32 goes back through the log and relists only those files.

    Cheers :D
     
  10. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Yes, something like that! I can imagine someone thinking how hard could it be to find red entries among non-red ones...I don't have to repeat the numbers!


    -HandsOff
     
  11. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Probably AMON; DMON; EMON; IMON.
    They usually end up in there when one of those modules catch something.
     
  12. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    -----------------------------------------------------------------
    I am guessing that new features or changes for future versions are based on more than how many people would use them. As I suggested before a change that was relatively easy to impliment might have priority over one that many people want, but which would require a huge amount of coding and testing. I'm also guessing if Eset considered a new feature to be great new capability it might be worked on even if no one requested it. Another factor, possibly, would be modifying a feature that does not seem to be generally well understood by the majority of users.

    In this case:

    - I'm pretty sure there is confusion about the threat log -coverage

    - if the is an innumeration of NOD32 comments, i've not seen the key

    - It seems simple enough to list the threats separately.

    - I suspect that more people would like to see the capability I asked about

    - Since identifying threats is the most fundamental job of the product I doubt anyone could possibly suggest that it is not a significant enhancement of the overall effectiveness of the product.

    Blackspear, I know you said that it has already been requested - I was just re-reading the responses and seeing if I understood everyones points.


    -HandsOff
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    That's ok, I have now linked the suggestion to this thread to show discussion on the matter.

    Cheers :D
     
  14. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Thanks Blackspear-


    I wonder if the detected threats have something unique in the wording, as well as being red in color. Then I could save it to a file and do a search. That might work.


    -HandsOff!
     
Thread Status:
Not open for further replies.