NOD32 Recommended Settings/AH

Discussion in 'NOD32 version 2 Forum' started by phasechange, Dec 17, 2004.

Thread Status:
Not open for further replies.
  1. phasechange

    phasechange Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    359
    Location:
    Edinburgh
    Hi!

    I just did a deep scan and found a .jar with multiple infections, so I thought maybe the default settings aren't good enough. So I came on here to ask "Should I turn on Advanced Heuristics?"

    In fact I have a follow up questions as AH can lead to false positives does NOD32 say, "blah found by AH but not H" so that you can decide how to treat the message?

    Should I apply the settings from the "Extra settings for Nod32" thread?

    Thanks,
    Fairy
     
    phasechange, Dec 17, 2004
    #1
  2. phaedrus

    phaedrus Registered Member

    Joined:
    Aug 18, 2002
    Posts:
    95
    Yes.

    Trev.
    ____________________
    Useful Links:
    Anti-virus:
    NOD32 Anti-virus ... Avast Anti-virus (Free) ... AVG Anti-virus (Free) ... Housecall (Online Scan)
    Firewall:
    LooknStop Firewall ... Sygate Personal Firewall (Free)
    Anti-trojan:
    TDS-3 ... Trojan Hunter ... A² (Personal & Free) ... BOClean
    Anti-Spyware:
    AdAware SE ... Spybot S&D 1.3 ... HijackThis! ... SpywareBlaster ... DialerWatcher
    Misc:
    System Safety Monitor ... Proxomitron ... Firefox ... SysMetrix ... Rainlender
     
    phaedrus, Dec 17, 2004
    #2
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Since AMON, the on-access scanner, does not scan within archives in real time, it wasn't intercepted before. On the other hand, if it came from the Internet, IMON would have blocked it because it scans within archives. At any rate, unless files are in archives, they are not dangerous.
     
    Marcos, Dec 17, 2004
    #3
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I am a Nod32 Reseller and have been for quite some time now (over 2 ½ years). We always tweak Nod32 to the absolute maximum for every customer.

    I am yet to see a false positive with Nod32 using Advanced Heuristics, though it will occur at some time during the future due to the nature of AH's. A new virus detected by AH will be seen as a “Probable NewHeur_PE virus found”, and in such a case we advise to do the following:

    1. Place a tick in the Quarantine check-box.

    2. Select Delete.

    3. Send the Quarantined file to Eset: samples@nod32.com This file can be found here:

    C drive

    Program files.

    Eset.

    Infected.


    Hope this helps...

    Cheers :D
     
    Blackspear, Dec 17, 2004
    #4
  5. phasechange

    phasechange Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    359
    Location:
    Edinburgh
    thanks to you all :)
     
    phasechange, Dec 17, 2004
    #5
  6. redwolfe_98

    redwolfe_98 Registered Member

    Joined:
    Feb 14, 2002
    Posts:
    582
    Location:
    South Carolina, USA
    redwolfe_98, Dec 17, 2004
    #6
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...