Hotmail in OE.

Discussion in 'NOD32 version 2 Forum' started by Banger696, Dec 20, 2006.

Thread Status:
Not open for further replies.
  1. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Is there any way to get NOD32 to scan Hotmail accounts in Outlook Express ? I've had to disable mailbox scans on my weekly scans as it causes nod32 to crash out without error so now have a potential weakness in my security.

    Any ideas ?
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    IMON handles all POP3 incoming traffic ;)
     
  3. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Well Nod32 doesn't tag the Hotmail as scanned. What essentially happened is some adware found its way to my deleted.dbx file in OE hotmail and my weekly scan picked it up. It couldn't clean or delete the message so the weekly scan crashed out.

    I have IMON enabled and it tags POP3 mail but I thought Hotmail works through http ?
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    HTTP traffic is also scanned by IMON
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
  6. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Thanks Bubba, no solution in that thread other than AMON will protect if the file is extracted from email so I guess I will have to rely on AMON.

    Incidentally who do I report to the fact that nod32.exe falls over if it finds malware in a dbx file ?
    Cheers
     
  7. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada

    Aren't DBX files a part of Newsgroups in OE? If they are the only way to remove them is to Delete your Newsgroup Account then do a full system scan and they will not be there anymore!

    HTH,

    TH
     
  8. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Further investigations have shown that the second action for emails (ie take no action) is not being saved in the control centre profile - I'm thinking this is why nod32.exe either asks for input or crashes out. Have sent an email to support @ eset.com hope thats the right place. Be nice if someone from eset could point to this thread for an update.
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    No it doesn't, your case is isolated and localized to your particular machine. I have answered your question in the thread of concern.

    Cheers :D
     
  10. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I use Mozilla Thunderbird to draw in my Hotmail and it is scanned and tagged by IMON.

    Cheers :D
     
  11. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Re: in-depth analysis

    Further playing with Nod32 reveals that in the Email setting delete is selected and greyed out and cannot be de-selected. The two options are selected are delete and no action o_O
     
  12. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Re: in-depth analysis

    Please post a screenshot.

    Cheers :D
     
  13. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Re: in-depth analysis

    Unfortunately I've just re-installed and nod32 doesnt seem to be doing it now, I'm sure I re-installed a few weeks ago so will post a screenshot if/when it starts doing it again.
     
  14. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Re: in-depth analysis

    How does one post a screenshot on here I have a couple now of the correct settings but also the scan is still prompting me with a dialog box to "leave" the file despite "no action" being selected in email and email folders.
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,775
    Location:
    Texas
  16. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Re: in-depth analysis

    Here we go.
     

    Attached Files:

  17. Banger696

    Banger696 Registered Member

    Joined:
    Sep 6, 2006
    Posts:
    274
    Re: in-depth analysis

    And this is what the settings are.
     

    Attached Files:

  18. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Re: in-depth analysis

    This doesn't make sense, as your second screenshot says "No action", you should not be prompted at all.

    The prompt however, if chosen in your setup as to what action you would prefer upon detection, is correct. You can not remove a DBX file in a scan, you have to manually go to the location specified for the infection and delete it that way. As in, in this case, open up Outlook Express and empty your deleted items folder. Any other automated action would result in the total deletion of the DBX file, this is by design of Microsoft, and you would NOT be impressed if NOD32 was to delete your entire Inbox contents upon detection of an infiltration.

    Those setting are correct for email as well as email folders. It is the job of IMON and EMON (dependent upon what email client you are using) to handle email on arrival. A scan through the "On Demand Scanner" is after the fact, and it has its own settings as described above.

    Cheers :D
     
    Last edited: Dec 20, 2006
Thread Status:
Not open for further replies.