Preliminary questions about NOD32.

Discussion in 'NOD32 version 2 Forum' started by Terry Sleeper, May 4, 2007.

Thread Status:
Not open for further replies.
  1. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Greetings from Manchester, UK.

    I am currently running the 30-day trial edition of NOD32. I have a few questions that experienced users may be able to answer:

    1. Is NOD32, which is described as a AV program, as good at dealing with malware as it is with viruses? If I buy a licence for NOD32 should I ditch my beloved Spyware Doctor? Would NOD32 render the latter superfluous?

    2. What do the following terms mean (they occur during scanning):
    - "Error occurred while scanning active boot sector of the 1. physical disk";
    - "Error opening [File locked] [4]"
    Etc., etc. Are these messages normal?

    3. Running a scan in Safe Mode appears to disable certain NOD32 features - anti-stealth initialization, access to the Control Centre. Is this normal?

    I apologise if these questions appear very basic, but I've only ever been used to using a very basic AV program (AVG).

    Thanks.

    Terry.
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    1. NOD32 is good enough in itself, but it doesnt hurt to have additional scanners.

    2. Yes those messages can be normal. see here regarding the first one, and this explains teh second.

    3. Yes thats normal too.
     
  3. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    I am grateful for your fast reply.

    It will stop me worrying (for now).

    Seriously -thanks.

    Terry.
     
  4. nonmirecordo

    nonmirecordo Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    145
    Location:
    Cambridgeshire, UK
    Hi Terry

    You're not that far from me (Cambridgeshire) and I can put your mind at rest regarding NOD.

    I've been using NOD for over six years with no problems. Once you've got it set up to your liking (check Blackspear's extra settings sticky) you can just let it get on with it.
     
  5. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Thank you for your kind words.

    No doubt I will be posting other questions during the next month (and after). Any other advice you or any other experienced NOD32-ers may give will be most welcome, believe me!

    I must say that I was pleasantly surprised at how relatively easy it was to configure the program after installation. The horror stories in the various reviews of NOD32 do do the program an injustice. The WSF tutorial is excellent.

    Also, it is surprising how few people have even heard of NOD32 (compared to, say, Kaspersky). I only chanced on it via a posting on the AUMHA Forums in respect of a query I had re a "cleaning-up" job.

    One thing I DO like about NOD32 already is that, compared to (say) Kaspersky, it does not seem to "clamp down" on every program that you try to download on to your computer. My preliminary researches on the Net re a really "class" AV showed that these 2 programs are very often bracketed together in respect of cost, performance, efficiency, etc. I did try Kaspersky for a few weeks, but it drove me crazy - it was always wanting to "clamp down" on anything that wasn't Kaspersky! It seemed to particularly detest any other security program of any hue. Yet it has such a loyal following among "tecchies" and others. I do wonder why. So what do I know?

    Thanks again.

    Terry.
     
  6. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    the best advice I can think of is that you MUST take the time to setup nod32 as per the "extra settings" thread:

    https://www.wilderssecurity.com/showthread.php?t=37509

    this will max out your protection, and give you a better understanding of how/what nod32 is doing.

    Regarding the kasperksy thing... I think it's a marketing thing! ;)
     
  7. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    There is no other tutorial on any computing subject which is more clearly explained or so well laid out than Blackspear's posting regarding setting up NOD32 for optimal protection. Brilliant.
    I always employ the automated method, using the MS DOS batch file posted on these forums.
    It save so much time that it's a pity, in a way, that it is not part of the original download from Eset!
    http://www.cosgan.de/images/more/./bigs/a025.gif
     
  8. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Thanks to both you guys - I did indeed follow the advice you outlined and, so far, all appears to be going sweetly.

    I am obliged to you for your advice.

    Terry.
     
  9. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    13 days into the 30-day trial period with NOD32 and I have another preliminary question.

    Do any NOD32 users find that additional scanners they may be using pick up bits and pieces of gunk which NOD32 appears to miss? NOD32 has not found anything to remove since I initially ran it, yet my trusty old Spyware Doctor program keeps finding items which it does not like.

    Is this normal?

    Terry.
     
  10. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Please list them, it may simply be cookies which are harmless text files.

    Cheers :D
     
  11. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Thanks - I will when I next run SD.

    Are you saying that this is a milder version of the "hard sell" scam whereby a program prompts the hapless customer to purchase it by "finding" so-called "nasties" that other programs have not? Or is this just a function of the way that SD works - i.e. it prompts the removal of harmless cookies? (I note that, in this respect, another program, Ad-Aware, is best configured NOT to remove what that program calls "negligle objects").

    Incidentally, why is NOD32 now telling me that my 30-day trial period is up? I have only had it installed since 1st May!! Some mistake, surely . . . .

    Terry.
     
  12. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We'll need to wait and see what it is flagging.


    No those really are scams, to me this is simply you not understanding what the program is flagging.


    Spot on.


    This message appears when you have not entered the Username and Password that has been provided into the correct area, in which case NOD32 reverts to a Trial version and advises of such.

    Trial Version conversion to FULL version

    Cheers :D
     
  13. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    I have upgraded to the full version (1 year licence).

    Just for info.

    T.
     
  14. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    This is odd:

    (i) Windows is driving me nuts advising that "ESET NOD32 is out of date" (which it isn't - see below);

    (ii) the NOD32 Control Centre is advising that the program was last updated on 14/09/07. This should, of course, be 14/05/07. Is this a common error after installing the full paid program?

    Are the two above connected?

    Terry.
     
  15. ASpace

    ASpace Guest

    Check your system data/clock
     
  16. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Thank you for that - I am a fool!

    Date changed and Windows warning stopped.

    T.
     
  17. ASpace

    ASpace Guest


    You are welcome
     
  18. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    I have yet more(!) questions:

    (i) without blinding me with science, what is the difference between the NOD32 "on-demand scanner" and the "In-Depth Analysis" checks?;

    (ii) what does the latter do that the former doesn't?;

    (iii) allowing for different usages of computers by different people (surfing habits, file-sharing, etc.), what would be a sensible frequency to run the two different types of check? Daily? Weekly? Monthly?

    Thanks in advance.

    Terry.
     
  19. ASpace

    ASpace Guest

    The on-demand scanner is the scanner which performs manual scan of your whole hard drives / other media or selected file . In-Depth analysis is a profile which would run the most in-depth scan (with max technologies enabled) of your hard drive.


    Your real-time protection (AMON,DMON,EMON and IMON) will keep your computer safe from active threats . I would perform "In-Depth analysis" when I suspect infection or twice a month. ;)
     
    Last edited by a moderator: May 15, 2007
  20. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Re: Preliminary questions about NOD32 - nasty bug?!

    I am concerned about relying solely on NOD32 to locate and clean my computer. Since my first initial use of the program, prior to buying it, it has not yet found any infected file(s) to clean. This strikes me as odd, as (on past experience with other programs) there is always SOMETHING to be got rid of.

    For example, today (Monday May 28th) I ran a check using the "on demand" scanner and NOD32 said all was OK.

    I then ran a check with Panda Active-Scan - again, nothing to report.

    However: pyware [D]octor - on a quick scan, not a deep one - found the following:
    "Trojan.Downloader.Ruins(Trojan.Flush.A[Symantec]) - threat level high."

    SD then recommended a thorough cleaning in Safe Mode and got rid of the bug.

    My question is: why did NOD32 not find this? Especially if, as SD stated, the threat level from it was so high as to warrant a cleaning in Safe Mode? Would a NOD32 "In-Depth Analysis" check have found it?

    Or - call me cynical - is it just that my licence for SD is up shortly and this is a gimmick to encourage me to renew?!

    I am perplexed - can anyone advise?

    Terry.
     
  21. ASpace

    ASpace Guest

    I personally find Spyware Docton unrealiable application . Panda and NOD32 are much more reliable scanners .

    I would recommend you not to remove the files found but insteal submit them to VirusTotal (www.virustotal.com) . If it happens that more vendors flag this (excluding Fortinet) , submit the sample to email samples at eset dot com
     
  22. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    That's odd, it's detected by NOD32 as well as its other variants.

    a variant of Win32/Small.FB (NOD32v2)
    Trj/Ruins.MB (Panda)
    Trojan.Flush.A (Symantec)

    (I've removed results from other scanners and left only those you mentioned)
     
  23. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Thanks for your reply - yes, it IS odd - as is, as I stated above:

    Since my first initial use of the program, prior to buying it, it has not yet found any infected file(s) to clean. This strikes me as odd, as (on past experience with other programs) there is always SOMETHING to be got rid of.

    I cannot help but think that I must not have configured NOD32 properly.

    Anyone any ideas?
     
  24. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Could you please send that file to samples[at]eset.com with this thread's url in the subject?
     
  25. Terry Sleeper

    Terry Sleeper Registered Member

    Joined:
    May 1, 2006
    Posts:
    35
    Whoops!

    Too late - I removed the file. Sorry.

    However, I still don't understand why NOD32 has found not one infected file, nothing to remove at all, in a period of nearly 4 weeks.
     
Thread Status:
Not open for further replies.