%computername% resolution on alert

Discussion in 'NOD32 version 2 Forum' started by b1nary, Aug 3, 2006.

Thread Status:
Not open for further replies.
  1. b1nary

    b1nary Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    6
    quick question,

    i have configured NOD32 and deployed it on a few test PC's via RA and all is sweet. :cool: the problem is I did some test runs using eicar files and nod did intercept them . Now, i have configured for alerts and the like to be sent via SMTP to my email... (i really want to be on the ball with alerts etc) and upon reviewing the email i noticed the entry is:

    4/08/2006 9:30:05 a.m. - IMON - Internet monitor Program Virus Alert triggered on unknown: http://blahblah....

    can anyone provide as to why the name resolution is failing... how is the %computername% being resolved (is it the same as XP environment variable computername or via WINSo_O ) any pointers? As i did open up command prompt typed "echo %computername%" and that threw the PC name i was testing on so the windows variable is fine...

    cheers
     
  2. b1nary

    b1nary Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    6
    bump....anyoneo_O
     
  3. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Is it in the RAC where you have configured the alert, or on the client PC?
     
  4. b1nary

    b1nary Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    6
    i used the configuration editor of NOD32 to create a custom install where by nod32 on PCs will notify me via email of alerts etc.

    I am wondering why the name is not getting resolved when the email alert is sent from NOD client...
     
  5. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    What settings do you have for NOD32 System Tools --> NOD32 System Setup --> Notifications? Include the data in the SMTP section and in the Advanced section.
     
  6. b1nary

    b1nary Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    6
    The default composition of threat message warnings which is:
    %TimeStamp% - %ProgramName% Program Virus Alert triggered on %ComputerName%: %InfectedObject% infected with %VirusName%.

    and other messages is:
    %TimeStamp% - During execution of %ProgramName% on the computer %ComputerName%, the following warning occured: %ErrorDescription%

    SMTP settings are correct I tried changing a variable i.e. NOD32 System Setup -->SETUP, NOTIFICATIONS TAB-->SETUP and clicked on use local Alphabetical characters and applied seetings and then nod prompted to test email notifications and i recieved 2 email one for virus alert and one for alert.

    I will test with eicar and see if this works... will update on this here...

    *EDIT... Still no luck...
    here is what i received in email:
    8/08/2006 8:50:54 a.m. - IMON - Internet monitor Program Virus Alert triggered on unknown: http://www.eicar.org/download/eicar.com.txt infected with Eicar test file.
    8/08/2006 8:51:36 a.m. - AMON - File system monitor Program Virus Alert triggered on unknown: C:\Documents and Settings\Administrator\Desktop\eicar.txt infected with Eicar test file.

    hmmm maybe I will have to ask my reseller about this issue... as i mentioned I have a standalone install of NOD32 on the email server also with NOD32 for KERIO and whenever that one has a trigger I do get the email with %computername% properly resolved...
     
    Last edited: Aug 7, 2006
  7. b1nary

    b1nary Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    6
    :) solved... i just changed computer name restart changed back and it worked....ran eicar test file and works like a charm..my poor test PC must have confused.... :cautious: thanks all.
     
  8. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Thanks for posting back to let us know you got it fixed :)

    Cheers :)
     
Thread Status:
Not open for further replies.