Scanning encrypted files (EFS/NTFS)

Discussion in 'NOD32 version 2 Forum' started by Steve_Da_B, Feb 24, 2004.

Thread Status:
Not open for further replies.
  1. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    When running a scheduled NOD32 scan, it skips encrypted files. I did a test. Put two executables on my desktop, encrypted one of them, then set up a scheduled scan.

    The log shows the encrypted file was not scanned ([4] File cannot be open. It is being exclusively used by another application or operating system).

    If I initiate the scan manually, then it scans the file fine.

    Is there some way of changing the user profile that scheduled scans run under?

    (I'm running Windows 2000, under a created user account (not administrator) with admin privileges. The files are encrypted by this account)
     
  2. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Steve_Da_B: Could you not use the Windows Task Scheduler to do this (i.e., define a task with a suitable NOD32 command line)? It allows you to set the user account under which the task runs.
     
  3. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    No doubt I could.

    But I would consider that a clumsy work-around. NOD32 should let you configure the account that scheduled tasks run under.

    I haven't had this problem with NAV or Kaspsersky.
     
  4. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    That may well be, but I was trying to offer you a solution. Ah well, doubt if I will again.
     
  5. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    Steve:
    Your suggestion is very much appreciated!

    And I will probably end up using your solution unless I hear anything better from people closer to Eset.

    My criticism is of the software, not of your response.

    Sorry if you took offence at my posting.
     
  6. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    No problem, Steve. Point taken ;)
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    When you schedule a scan task, you can select the profile to be used for scanning:
     

    Attached Files:

  8. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    That's not a user profile, it's a NOD32 profile.

    The problem is that whatever Windows 2000 user profile the scheduled scan runs under, it cannot read my encrypted files -- which I can read when I am logged in.

    Therefore it can't scan them.

    I don't have this problem with manual scans -- it scans encrypted files fine.
     
  9. DiGi

    DiGi Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    114
    Location:
    in the middle of nowhere
    This is normal.

    If you start NOD32 scanner from icon or from NODcc then it run from your account. But planed scan run from system account (same as NOD32krn.exe) - and system account can't open files encrypted in your account.
     
  10. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    This is exactly ewhat Steve_Da_B's issue is! It's only 'normal' (but wrong) because NOD32 fails to offer a way to specify the user account for scheduled runs. In fact, by default it should really run scheduled scans under the logged-on user, with the optional facility to specify a different user account. Have a look at the Task Manager to see how it *should* be done.
     
  11. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    Absolutely.

    The "normal" behaviour of NOD32 means effectively I can't run scheduled scans -- whereas I can do this with other AV progs, such as KAV and Norton.

    I think it is entirely reasonable to (a) have your main account as not the administrator account and (b) have some of your files encrypted, and expect your AV program to be able to deal with this.

    I can of course run scheduled scans from the windows scheduler, but this means the application window popping up when I am working -- and for me the advantage of NOD32 is low footprint/fast/little impact on system performance, which means it would be ideal for running scheduled scans from NOD32 as I would hardly notice the impact.
     
  12. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    So now I am running my scans from the windows task scheduler to get around this problem.

    Would be interested to know if anyone else considers this an issue -- having NOD's scheduled scanner being able to scan files encrypted under my account would be good. Being able to configure what scheduled jobs run from which accounts would be even better.
     
  13. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I agree. NOD32's shortcomings have always been the "niceties". It is a rather crude av in terms of its abilities to do things like this. Anyone who comes to NOD from other major av will be surprised and frustrated perhaps or unhappy that such a highly rated av could be so crude in its GUI and abilities. Version two is a big step forward from version one but Eset still has a long way to go to catch up with the major av in this regard. NOD makes things like running scheduled scans (which are so simple with NAV for instance) complicated and in the case of which you are speaking not doable. I gave up on trying to run scheduled scans with NOD32 along with a whole bunch of other important things that NOD can't do or does poorly or forces you to implement in a complicated manner ....all these things are done easily and as a normal part of the av with other vendors.
     
  14. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    And the shame is, sorting out these "niceties" (though being able to run a scheduled scan that scans all my files is more of an "essentiality" than a "nicety") should be easy.

    The hard work is done, NOD32 scans my system an order of magnitude faster than other AVs, it has the reputation in terms of picking up viruses... (and despite my, and others, criticisms of the UI I way prefer it to Kaspsersky's UI).
     
  15. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    You don't need to use the Windows Scheduler to run the scanner - you can schedule a task to run external application nod32.exe in the NOD32's Scheduler/Planner.
     
  16. Steve_Da_B

    Steve_Da_B Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    16
    Location:
    UK
    I can indeed.

    And do you know what happens? It doesn't scan my encrypted files because of the (non-configurable) user account that NOD runs its scheduled jobs under.

    Which brings me back to my original point really.

    At least when I use the Windows task scheduler I can decide what account the task runs under, so I can use my account and scan my files.
     
Thread Status:
Not open for further replies.