[feedback] build 560

Discussion in 'ESET NOD32 Antivirus' started by andy2008, Nov 7, 2007.

Thread Status:
Not open for further replies.
  1. andy2008

    andy2008 Registered Member

    Joined:
    Sep 21, 2007
    Posts:
    33
    I know most people are quick to complain about bugs, but even slower to post feedback when a bug is fixed. Just wanted to say thanks to marcos for passing our feedback along. I can confirm with the new build the following bugs have been fixed for me.

    https://www.wilderssecurity.com/showthread.php?t=190071

    https://www.wilderssecurity.com/showthread.php?t=189952

    https://www.wilderssecurity.com/showthread.php?t=189934

    There is one bug that does still bother me which is:

    https://www.wilderssecurity.com/showthread.php?t=190470

    Is this something which has been replicated? since installing 551 ive not noticed it however it seems as though its still an issue for some.

    Also are there any plans for a way to use v3 with live messenger ? i know people say use the command line scanner but I was under the impression the cls cant do heuristics and offers less protection ?i wouldnt want the on demand scanner to be seperate because that always caused problems for me on my laptop. Integrating the on demand scanner was a good move, but my old AV at least i could point it to the .exe and use messenger to scan files through it. Surely there must be a way?

    Anyway many thanks
     
  2. ASpace

    ASpace Guest


    Completely unnecessary . No need to do a second stupid scan . If it is already on the drive , it has already been scanned by the web-protection (because the traffic which Windows LM uses is HTTP) and by the real-time file system
     
  3. andy2008

    andy2008 Registered Member

    Joined:
    Sep 21, 2007
    Posts:
    33
    true, guess i didnt think of it that way. The thought did cross my mind. Being a developer im always use to visual notification that an action has been performed/carried out. Perhaps the nod32 notfications could be expanded upon to indicate messenger file transfer scanning has been performed ? what i dont understand is i tried sending myself the eicar test file through live messenger and it was allowed to transfer.

    Basically I have 2 internet connections with different isp etc. On one computer i had live messenger running and setup a second account, which i used on another laptop running live messenger on the second internet connection. In effect I was talking to myself on 2 different accounts.

    Anyway as i said nod 32 on the receiving computer didnt pickup the eicar test file through msn messenger o_O
     
  4. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    All Eicar detected with me except the SSL .txt file!
     
  5. andy2008

    andy2008 Registered Member

    Joined:
    Sep 21, 2007
    Posts:
    33
    yup same here. Im talking about live messenger though.

    Steps to reproduce

    1) setup 2 windows live accounts
    2) Login to one of the windows live accounts
    3) On a seperate pc running NOD32 v3 run windows live messenger and sign in with the second account
    4)On the first computer add to contacts in live messenger the second account(which is running in messenger on the pc which has NOD32v3)
    5)Sownload the eicar test file on the pc which isnt running NOD32
    6)Initiate a file transfer from the first computer to the second computer by opening up a chat window between the 2 accounts
    7)Watch as the Eicar test file succesfully transfers to the computer running NOD32v3

    I accept that everything should be scanned as the file transer is nothing more than web traffic, but its not. Now what if its not the eicar test file ? what if someone sends you a file through live messenger which isnt as harmless as the eicar test file ?

    In nod32 v3 i could configure the on demand scanner to do a pass over on the file, all there is in verison 3 is the ecls which as far as i know does not provide substantial protection.

    See the problem here ?
     
  6. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon

    Test ssl eicar:

    to me it passed that I am to one in SSL others 3 they did not pass


    The tests only pass if I will do scan to each filing cabinet


    It does not detect automatically
     
  7. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    The setup needs a bit of cleaning up...

    Setup - POP3 - Email clients

    Firefox gets listed in here automatically, but the software doesn't detect Outlook and you need to add in Outlook, or possibly for that matter any email client. It would be nice that all email clients are automatically detected, BECAUSE in the Email Clients window it says:

    If an application is not marked as an email client, email may not be scanned.


    For newbies I think there is the assumption that AV apps work for email protection, and somehow NOD32 needs to automatically detect and add in and mark the POP3 email client/clients on the users PC.

    Now that's really great for the newbies who install this thing, and don't look at the setup, and think it's working for their email client, when it might not be. :rolleyes:

    Also under the Web browsers section after I added in Outlook for my POP3 client it gets automatically added into the "Web Browsers" section, hehe. :blink:

    A little fixing of these issues would be nice, no more browsers in the email section, and no more email clients in the browsers section, and email clients getting automatically detected and added...

    PEACE & Thanks for the listen ;)
     
  8. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,741
    Location:
    New York City
    I agree. Currrently you have to open Thunderbird or Outlook after installing NOD32 for NOD32 to list them as email application. I believe the same situation exists for web browsers. As you stated, this should be done automatically.
     
  9. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    YEAH an agreement. :thumb:

    Also making sure apps that aren't suppose to be aren't being listed automatically in the wrong sections too. I mean what's with firefox doing in the email clients? LOL.... :blink:
     
  10. Zarra

    Zarra Registered Member

    Joined:
    May 6, 2007
    Posts:
    21
    Location:
    US
    You guys have my attention on this. Where is Outlook located so I can add this to my email client list? I have 3 computers but only have the new Nod32 version installed on one computer (the gene pig) using XP, Outlook 2000 and IE7. I tried doing a search in windows explorer but had no luck.
     
  11. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Look for Microsoft Office under Program Files. Here is the path for Office 2007:

    http://img219.imageshack.us/img219/4163/77349990ac8.jpg
     
  12. Zarra

    Zarra Registered Member

    Joined:
    May 6, 2007
    Posts:
    21
    Location:
    US
    Thank you. I can find Outlook (2003) on my Vista laptop but I can not find it on my XP desktop. Maybe this is a hint to upgrade Microsoft Office to a newer version. Anyways it has to be there so I'm going to find it.

    Edit: I found it. There is so much stuff under Office that I was able to find it after changing the view from icons to detail.
     
    Last edited: Nov 7, 2007
  13. poutine

    poutine Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    371
    Location:
    England or Quebec
    The integration in Outlook Express needs a complete overhaul, its truly horrible, my sent mail now doesnt show any account details, the NOD32 icon sometimes doesnt even load into O.E , i think actually the whole thing doesnt load into O.E occassionally. When i close O.E it hangs for a few seconds... its a mess really, couldnt be much worse.
     
    Last edited: Nov 8, 2007
  14. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Glad you found it, all Office versions use the path:

    C:\Program Files\Microsoft Office
     
  15. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    I wouldn't use Outlook Express, you're better off using Thunderbird, it's better and more secure. :D

    http://www.mozilla.com/en-US/thunderbird/
     
  16. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    More programs keep adding themselves into the Email section even though I have picked my email client. :(

    http://img260.imageshack.us/img260/4189/43496015be7.png

    Firefox was the only application there when I first opened up the Setup, after I picked Outlook, later IE, and Autounpack were automatically added in, this is really goofy. o_O
     
  17. poutine

    poutine Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    371
    Location:
    England or Quebec
    That may well be the case, but the least it should do is work properly within Outlook Express. It doesnt. :(
     
  18. remargon

    remargon Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    10
    Hi,

    I'm using ESET Smart Security (RC1) and tried to do this steps. With Web Access Protection enabled the eicar was detected imediatelly. However I was far away: disabled the Web Access Protection (to simulate a "possible" bypass) and tried to configure the scan with ecls in MSN settings. Without parameters ecls doesn't clean nothing, and even create a log!!! And is not possible to add parameters in MSN settings for scan (only the path for the executable is accepted).

    I'm assuming the Web Access Protection in your machine could let the eicar be transmitted trought MSN because you are using default settings. As I've done some modifications in mine settings, this may turned my real-time protection more efficient. But I really wanna know if there is another way to set ecls to scan received files from MSN (and others). Anyone have some idea?

    Thanks.
     
Thread Status:
Not open for further replies.