SMPT scan!

Discussion in 'NOD32 version 2 Forum' started by Untouhable, May 10, 2004.

Thread Status:
Not open for further replies.
  1. Untouhable

    Untouhable Registered Member

    Joined:
    May 3, 2004
    Posts:
    3
    Just a quickie, why isnt it possible to just add a SMPT scan to the program so it scans outgoing mail aswell? cant be that difficult, could almost do it myself i had the code :)
     
  2. norky

    norky Registered Member

    Joined:
    May 1, 2004
    Posts:
    172
    Location:
    Lithia, FL
    there's no need to scan outgoing mail since nod32 won't let you have a virus on your hd anyway.

    fyi it's smtp (simple mail transfer protocol)
     
  3. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    What do you mean NOD won't allow you to have a virus on your system? What if you have a live virus in a zipped archive? And you send that to someone and you don't even know there is a virus there as you haven't unzipped it so AMON has not alerted?
     
  4. DiGi

    DiGi Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    114
    Location:
    in the middle of nowhere
    Zipped infected file can't sent self automaticly... And if I want to send it then no av shouldn't block me ;)

    You sent files (zips) and don't know what is it in?
     
  5. ceejay13

    ceejay13 Registered Member

    Joined:
    May 1, 2004
    Posts:
    34
    Location:
    Basingstoke, UK
    I would like to step in here and just say that when I buy 'Security' software of some kind - by security I mean software that will give me peace of mind in my transactions on the internet - I would like to know that all bases are covered.

    Having just got rid of NAV - because it was messing up my system, although it scanned ALL files, I decided upon NOD32 as a replacement mainly because of the reports on the heuristic scanning, assuming incorrectly that it also scanned all types of files for viruses. I now read that zip files aren't scanned and that there are 'enhanced' options that I have only discovered by reading this forum. I am rapidly getting the impression that this software is not an 'out of the box' type of thing and as a 'literate' computer user with little time for 'playing' with settings, I find this dissapointing. I like NODS, I like the interface, BUT, I am feeling a little insecure at the moment because I am not sure what I have or haven't set up!

    I know scanning uses resources, but then, better to be 100% sure you haven't got a virus than only 99.9%. Yes, I do know the odd one will get through if you are unfortunate to be the first to be 'attacked'. That is just plain bad luck.

    At the end of the day, I want THE BEST of all worlds, AV that will scan all files - automatically, because I don't know what the other stupid people (for that read 'inexperienced') that use my machine, will send attached to their mail because they don't know any better. Yes! other people do use my system, they are called 'Family' - before anyone tells me that I shouldn't allow other users.

    There is no such thing as a 'stupid' question or idea, it just means someone doesn't understand something well enough and it is up to the more experienced user to help out - IMHO that's the idea of these forums.
     
  6. Bandicoot

    Bandicoot Eset Staff

    Joined:
    Mar 23, 2004
    Posts:
    297
    Location:
    California
    SMTP scanning is planned to be a feature of NOD32 in the future... can't give you any specific dates at the moment but it'll be later rather than sooner I'm afraid.

    Zipped virus files, by their very nature, can't infect your system but as soon as you try to unzip them, AMON will leap into action and whack them on the nose. If you have NOD32 set up 'out of the box' the default settings are, to a lot of users, more than adequate, but you can always 'beef up' the settings and create your own profile if you wish. It might mean that 'on demand scanning' takes a minute or so longer, but you may feel more secure.

    Regards,
    Bandicoot. :D
     
  7. ceejay13

    ceejay13 Registered Member

    Joined:
    May 1, 2004
    Posts:
    34
    Location:
    Basingstoke, UK
    Thanks for that, I feel a lot happier already :)

    The problem isn't that I can't get around to learning the package, it's the time between loading and learning that is the problem for me. I am not as quick to understand as I was!

    The zip file thing is not too much of a problem, it's just that I prefer to have everything scanned as it leaves my system so that I can be almost certain I am not adding to the woes of the Internet.

    Sorry if I sounded heavy handed, but 'some' of the responses in these forums assume that you need to be au fait with everything before you post. I really do appreciate the help of those who offer constructive comment and even criticism ;)
     
  8. Bandicoot

    Bandicoot Eset Staff

    Joined:
    Mar 23, 2004
    Posts:
    297
    Location:
    California
    Hi Colin,

    Glad you're feeling a little more comfortable already. If you receive a Zipped file, safest thing is to unzip it before you send it on to someone else really, then at least you know you're not unwittingly sending viruses off around the internet. I know that might mean having to Zip it up again, but it's the courteous thing to do, don't you think?

    Heavy handed comments?..... blimey, you should read the way some folks post things on this forum! Don't worry Colin, I'm not a programmer either, so you're not alone.

    Best regards,
    Bandicoot. :D
     
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    That is a lame excuse Bandicoot. Every other AV just about is not crippled like NOD32 is when it comes to zipped files. Why should I be forced to take the time to unzip and then rezip simply because Eset can't see fit to fix this problem? As I have said before, if this isn't fixed by the time my license comes due in October, I will be looking elsewhere and will probably get Kaspersky. This really needs fixing. There are a whole lot of NOD users very unhappy about this and about Eset's dragging their feet in fixing the problem.
     
  10. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    There's a lot of nonsense offered as an excuse for NOD32's failure to scan zip files. The bottom line is that viruses in zip files can propogate through systems with NOD32 installed, in a way that doesn't happen with other A/Vs.

    It is just not good enough to claim that extracting zip file contents will allow NOD32 to catch any viruses lurking there (especially since the advanced heuristics (AH) that are so lauded by some NOD32 users are not even supported by AMON).

    Sure, it is possible to manually scan zip files using the NOD32 command-line scanner, but (a) AH is only available to such an action via an undocumented switch (or Paulo Monti's third party extension) and (b) this requires a manual action which, by virtue of human nature, will not always (or even usually) happen.

    This deficiency in NOD32 is very real when compared to other A/Vs, and is perceived as such by many buyers.
     
  11. Bandicoot

    Bandicoot Eset Staff

    Joined:
    Mar 23, 2004
    Posts:
    297
    Location:
    California
    NOD32 does scan zipped files. Nobody's forcing you to do anything. I just feel it's not good practice to send zipped files on blindly.
     
  12. DiGi

    DiGi Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    114
    Location:
    in the middle of nowhere
    Personaly i have no problem - i don't want scan SMTP (why?) and I don't want AMON scanning archives (haha, "great feature, special for 20mb+ archives, good bye my computer).
    Maybe NOD should scan keypress - you can type "format c:" and destroy own disk! Another risk!!

    Downloaded archives will be scanned by IMON, and when I move them anywhere then it should be only "another data file". When I unpack it then NOD catch file. If I burn CD then I should know WHAT I burn... And i should made scan if I want.

    I can't be infected by moving archives so don't kill my CPU-time by scanning it. Same when I sent files why to scan it? If AV don't catch INCOMING virus then it don't catch when virus is sent.
     
  13. thecrow

    thecrow Registered Member

    Joined:
    May 8, 2004
    Posts:
    23
    NOD32 can scan all packedt files

    u just have to tell it too first

    for some stupid reason scanning archived files is off by default

    im trying out kaspersky right now it it doesnt support .rar files ? :eek:
     
  14. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Well of course NOD32 on demand scanner can scan archives. And as Rodzilla has pointed out it is stupid for Eset to water down the default settings. They should be at the highest possible and then the user waters them down if they want that...not the other way around. However, the problem is NOT what the on demand does...it is what the resident scanner DOESN'T do.

    I want the option to have AMON scan, using adv. heuristics, the zipped files as they arrive. I didn't buy a very fast box with tons of RAM to not use it! I also have an old W98SE box and, therefore, I want this as an OPTION that can be turned on or off as the user wishes. I would not use this on the old box which is much slower.

    Not everyone uses IMON. I don't trust IMON plus I see the majority of problems reported here are caused by IMON. (I will look at the HTML part of the new IMON as long as I can turn off the email scanning). Since I don't use IMON, downloaded archives are NOT scanned by IMON. I have no idea there is a virus in there because AMON doesn't peep until I unzip. I can use, and do, Paolo's extension but that is not the point. (And don't get me going on quarantine which is quarantine to all AV vendors EXCEPT Eset which doesn't know what quarantine means and thus we have a dangerous situation). I want AMON to be strong not weak. I want it powerful. But I think this should be a choice we have as I well understand that older boxes would be slowed too much so it should be an option.

    I guess what it comes down to is Eset going to continue going off on some strange path of its own...totally different from other AVs? I really like the fact that NOD32 gets along (as long as IMON is not used) with my computers and the applications on them. It is the ONLY AV I have used that I can say this about. Even KAV which I am interested in, currently could not be used on this XP box because its latest version trashes any computer that has an NVidia card with Nview Desktop Manager enabled, whereas, NOD32 is very agreeable with my applications (except IMON). And there is the crux of the matter. Eset has seen fit to give IMON all the power and IMON causes lots of problems on lots of computers.
     
  15. pepito

    pepito Registered Member

    Joined:
    May 2, 2004
    Posts:
    57
    Location:
    Australia
    Interesting.

    As a test (to see what everyone is talking about) I downloaded the first zip file at http://www.eicar.org/anti_virus_test_file.htm

    As I expected NOD32 didn't complain while downloading or saving to my computer, fine no problem, but the following is a worry.

    As somebody here suggested, I did a right-click NOD32 of the downloaded winzip archive. NOD32 came back with:
    number of files scanned: 1
    number of viruses found: 0

    This message reads to me that NOD32 scanned 1 file but found no virus. But there definately is one if you open the winzip archive and scan the .com file inside it.
     
  16. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Do you have NOD32 marked to scan archives in the "Setup" tab.?

    Does ok for me.

    http://webpages.charter.net/gunn1943/eicarzip.JPG
     
  17. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    A lot of users need and like an e-mail scanner. I would just as soon see them continue to work to make IMON more compatible and also enhance it for other areas like checking downloading files using AH.
     
    Last edited: May 13, 2004
  18. pepito

    pepito Registered Member

    Joined:
    May 2, 2004
    Posts:
    57
    Location:
    Australia
    I didnt then but I do now (and it picks it up).

    The problem is that the message which comes up with the default setting is that 1 file has been scanned which isnt really correct. On seeing that you would assume that the file is clear.
     
  19. JimF

    JimF Registered Member

    Joined:
    Apr 17, 2004
    Posts:
    54
    Location:
    Allentown, PA USA
    Trying to be all things to all people is what makes NAV the mess that it is. Although it must be good marketing, since they sell a lot of it. But by sticking to the real problems, NOD32 is the best in the business.
     
  20. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    The only thing wrong with NAV (assuming you are not putting it on an old box) is its tech support which is absolutely horrible. That is a huge problem for them and what drives most people away. It drove me away. If they hadn't moved tech support to India and it was good like when I first got NAV 2001, I'd probably still have NAV.

    I suppose by your reasoning you also think the "King" of AV (KAV) is also a "mess"?
     
  21. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Please stay on topic - NAV and KAV are not the issue here. Feel free to open an new thread on "Other antiviruses" in case you wish to discuss other AVs.

    regards.

    paul
     
Thread Status:
Not open for further replies.