Wilders Security Forums - Extra Settings For Nod32 v2.5 - Revised 17-06-2005 PDF

Wilders Security Forums - Extra settings for Nod32 v2.
5 - revised 17-06-2005
Wilders Security Forums > Official Eset NOD32 User Name User Name Remember Me?
Antivirus Forum > NOD32 version 2 Forum
Extra settings for Nod32 v2.5 - revised 17-06-2005 Password Log in
Register FAQ Members List Calendar Member Introductions Today's Posts Search
Page 1 of 4 1 2 3 4 >
Thread Tools Search this Thread
June 22nd, 2004, 09:16 AM #1
Join Date: Dec 2002

Blackspear Location: Gold Coast, Queensland, Australia
Posts: 8,648
Global Moderator
Extra settings for Nod32 v2.5 - revised 17-06-2005
Welcome to Extra Settings for Nod32.
This thread aims to give you more of an understanding of Nod32, its setup, and use...
As Nod32 is an ever changing product, you may find this thread has the odd setting disjointed from
where it logically ought to appear. This is just part and parcel of a continually improving product.
Furthermore, when we learn new things about Nod32, they will also be added to the end of this thread.
Hence, it remains a Work in Progress.
If you become lost or are unsure of anything, dont hesitate to start a new thread with your question in
the main Nod32 Forum
All the best
Cheers
Blackspear
Please Note: There are 4 pages to this thread; this page, as well as Page 2 and Page 3 and Page 4
All pages can be located by clicking on the links at the top and bottom of each page (as per screenshot).
Table of Contents
INSTALLING NOD32
AMON
DMON
EMON
IMON
http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (1 of 27)8/14/2005 9:29:38 PM

Wilders Security Forums - Extra settings for Nod32 v2.5 - revised 17-06-2005
NOD32
PROFILES
UPDATE
SCHEDULAR/PLANNER
WINSOCK REPAIR
TOTALLY SILENT SCAN

Attached Images

__________________
Security - where do I start?
"Illegitimis non carborundum."

translation:
"Don't let the bastards grind you down."
U.S. General Joseph W. "Vinegar Joe" Stilwell (1883-1946)
Last edited by Blackspear : July 29th, 2005 at 10:30 PM. Reason: Work in Progress - Thanks Bubba :)
June 22nd, 2004, 09:16 AM #2
Join Date: Dec 2002

Posts: 8,648
Global Moderator
Extra settings for Nod32
INSTALLING NOD32
Double clicking on the Nod32 executable file that you have downloaded begins the setup process.
1. Click Extract.
Attached Images
__________________

translation:

Last edited by Blackspear : May 15th, 2005 at 05:04 AM. Reason: Work in Progress
June 22nd, 2004, 09:18 AM #3
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. I recommend making a Typical install unless you have previous knowledge of Nod32 and are
comfortable wandering through a computer's settings.
2. Click Next.
Attached Images
__________________

translation:

June 22nd, 2004, 09:18 AM #4
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on the Radio Button that says I agree.
2. Click Next.
Attached Images
__________________

translation:
June 22nd, 2004, 09:20 AM #5

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Please LEAVE Server as Choose automatically, I say this for many reasons:
* If a particular server is down, Nod32 will NOT be able to roll on to the next server.
* Experience shows us that you will have fewer or no problems with updating using this setting.
* Let Eset do their job and balance loads on the servers.
2. Place in the Username (UN) that your Reseller/Distributor or Nod32 email has provided.
3. Place in the Password (PW) that your Reseller/Distributor or Nod32 email has provided.
ONLY a UN and PW provided to you by Eset will work. These are not personalized entries created by
you.
4. Click Next.
Attached Images
__________________

translation:
Last edited by Blackspear : June 17th, 2005 at 10:25 PM. Reason: Work in Progress

June 22nd, 2004, 09:20 AM #6
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Leave this Radio Button as is, UNLESS you use a modem that dials onto the internet.
2. Click Next.
Attached Images
__________________

translation:
June 22nd, 2004, 09:21 AM #7

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. You have purchased Nod32 for its ability to protect your computer, lets help Eset to continue in its
efforts to do so by leaving Enable ThreatSense.NET Early Warning System ticked.
2. Click on Advanced Setup.

Attached Images
__________________

translation:
Last edited by Blackspear : July 15th, 2005 at 08:09 AM. Reason: Work in Progress
June 22nd, 2004, 09:24 AM #8

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Make a choice, I would hope that you participate and as such choose the lower or middle option.
As the information sent is anonymously, you may like to add your email address in Contact email
(optional), in case Eset would like to ask/advise you further about what you are sending.
2. Click on OK.
Attached Images
__________________

translation:
Last edited by Blackspear : June 17th, 2005 at 10:26 PM.
June 22nd, 2004, 09:25 AM #9

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on Next.
Attached Images
__________________

translation:
June 22nd, 2004, 09:25 AM #10
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Leave this ticked so the resident scanner (AMON) will start automatically upon booting your system.
2. Click Next.
Attached Images
__________________

translation:
June 22nd, 2004, 09:26 AM #11
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click Next.
Attached Images
__________________

translation:
Last edited by Blackspear : May 15th, 2005 at 05:14 AM.
June 22nd, 2004, 09:28 AM #12
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click this Radio Button to restart your system.
2. Click Finish to complete the installation.

Attached Images
__________________

translation:
June 22nd, 2004, 09:30 AM #13
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Welcome to Nod32, this is the Nod32 splash screen that first appears upon bootup of your system.
Attached Images
__________________

translation:
June 22nd, 2004, 09:31 AM #14
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Your Nod32 Control Centre is located in the System Tray, at the bottom right hand corner of your
desktop.
Double Click on this icon.

Attached Images
__________________

translation:
June 22nd, 2004, 09:32 AM #15
Join Date: Dec 2002

Posts: 8,648
Global Moderator

AMON
1. Click on AMON
2. Click on Setup
Attached Images
__________________

translation:
June 22nd, 2004, 09:33 AM #16
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Options tab.
2. Place a tick in Potentially dangerous applications.
WARNING: enabling this option might result in deletion of Remote

Adminstrative Programs such as those used by Network Administrators.
Attached Images
__________________

translation:
June 22nd, 2004, 09:33 AM #17
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Actions tab
2. Choose a Radio Button that suits your needs.
If you are new to Nod32 or a novice with a computer, you may want to have Nod32 Clean
automatically, however, should AMON find a False Positive it will delete the file even if it proves to
be non-viral at a later date. Though this remains a possibility, it is unlikely for the average user.
Attached Images
__________________

translation:
June 22nd, 2004, 09:34 AM #18
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Click on the Exclusions tab. If you are having issues with a file being continually scanned, you may be
pointed to here in order to exclude such a file.
2. Click OK.
Attached Images
__________________

translation:
June 22nd, 2004, 09:35 AM #19
Join Date: Dec 2002

Posts: 8,648
Global Moderator

DMON
1. Click on DMON.
2. Click on Setup.
Attached Images
__________________

translation:
June 22nd, 2004, 09:36 AM #20
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Setup tab.

Attached Images
__________________

translation:
June 22nd, 2004, 09:36 AM #21
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Actions tab
Follow the Red Arrows and choose Radio Buttons that suit your needs.
If you are new to Nod32 or a novice with a computer, you may want to have Nod32 Clean
automatically, however, should AMON find a False Positive it will delete the file even if it proves to
be non-viral at a later date. Though this remains a possibility, it is unlikely for the average user.
If Nod32 ever warns of a Probable NewHeur_PE virus found, please do the following:
1. Place a tick in the Quarantine check-box

2. Select Delete
3. Send the quarantined file to Eset: samples@nod32.com
This file can be found here:
C> Program files> Eset> Infected
Note: this folder will only be displayed/made when you first receive an infected file and it is sent to
Quarantine.
NOTE: Quarantine ONLY makes a secure copy of the Virus or Trojan found so it can be sent to Eset for
further analysis, it does NOT isolate the Virus or Trojan.
2. These actions you have chosen are for specific file types, in this instance Files. Clicking on the
dropdown arrow reveals the next step.
Attached Images
__________________

translation:

Last edited by Blackspear : May 22nd, 2005 at 06:54 PM.
June 22nd, 2004, 09:37 AM #22
Join Date: Dec 2002

Posts: 8,648
Global Moderator
The same advice for each choice can be found in the post that covers DMON> Actions tab.
1. Clicking on the dropdown arrow reveals the next step.

Attached Images
__________________

translation:

June 22nd, 2004, 09:39 AM #23
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:
June 22nd, 2004, 09:39 AM #24

Join Date: Dec 2002

Posts: 8,648
Global Moderator
2. Click on OK.
Attached Images
__________________

translation:
June 22nd, 2004, 09:40 AM #25

Join Date: Dec 2002

Posts: 8,648
Global Moderator
EMON
Note: EMON is now installed by default for use with Microsoft OUTLOOK (not Outlook EXPRESS)
1. Click on EMON.
2. Click on Setup.
Attached Images
__________________

translation:
Page 1 of 4 1 2 3 4 >

Wilders Security Forums > Official Eset NOD32 Antivirus Forum > NOD32 version Previous Thread | Next Thread
2 Forum
Posting Settings
You may post new threads

You may post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On Forum Jump
HTML code is Off NOD32 version 2 Forum Go
All times are GMT -4. The time now is 08:29 PM.
-- Default Style Contact Us - Wilders Security - Archive - TOS/Privacy - Top
Powered by: vBulletin Version 3.0.8

Copyright 2000 - 2005, Jelsoft Enterprises Ltd.

Page 2 of 4 < 1 2 3 4 >
June 22nd, 2004, 09:41 AM #26
Join Date: Dec 2002

Posts: 8,648
Global Moderator
Re: Extra settings for Nod32
1. Click on Scanner.
Place a tick in Scan plain text message bodies and Scan RTF message bodies, I know, but they said
the same thing about jpeg files
Attached Images

__________________

translation:
June 22nd, 2004, 09:42 AM #27
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Detection.
Place a tick in Potentially dangerous applications.

Attached Images
__________________

translation:
Last edited by Blackspear : May 15th, 2005 at 09:35 PM. Reason: Work in Progress
September 26th, 2004, 01:52 AM #28
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Extensions.
Place a tick in Scan extensionless files.

Attached Images
__________________

translation:
September 26th, 2004, 01:54 AM #29
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Actions.

Attached Images
__________________

translation:
September 26th, 2004, 01:59 AM #30
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
September 28th, 2004, 06:18 PM #31
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
September 29th, 2004, 06:50 AM #32
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:
September 29th, 2004, 09:23 AM #33
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1.Click on Enviroment.
Follow the Red Arrow and choose a Radio Button that suits your need.
Attached Images
__________________

translation:
September 29th, 2004, 09:25 AM #34
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Logs.
Place a tick in Log all files.
2. Click on OK.
Attached Images
__________________

translation:
September 29th, 2004, 09:27 AM #35
Join Date: Dec 2002

Posts: 8,648
Global Moderator

IMON
1. Click on IMON.
2. Click on Setup.
Attached Images
__________________

translation:
May 6th, 2005, 04:00 AM #36
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the POP3 tab.
2. Click on Compatibility Setup > setup

Attached Images
__________________

translation:
May 6th, 2005, 04:00 AM #37

Join Date: Dec 2002

Posts: 8,648
Global Moderator
This is where you will be instructed to go if you are having an issue with IMON...
Attached Images
__________________

translation:
May 6th, 2005, 04:01 AM #38
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. You can adjust IMONs compatibility setup by sliding this along arrow along the bar. Best to leave it
as is, unless advised otherwise.
2. Click on OK.
Attached Images
__________________

translation:
May 6th, 2005, 04:07 AM #39
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the HTTP tab.
2. Click on the Radio Button that reads Automatically deny download of file.
3. Click on the Client Compatibility button.
This is where you will be instructed to go if you are having an issue with a particular program...
4. It is recommended to change the compatibility level to "Higher Efficiency" unless you experience
problems with certain applications.
NOTE: With Higher Compatibility mode it is possible that Trojans may

slip through IMON.
5. Click on OK.
Attached Images

__________________

translation:
May 6th, 2005, 04:13 AM #40
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on the Miscellaneous tab.
2. do NOT click this unless you are advised to, or you are seeing a slow internet connection. This
button repairs the LSP chain (Winsock).
Further instructions on repairing Winsock can be found in post number 81 here.
3. Click on Scanner> Setup.

Attached Images

__________________

translation:
May 6th, 2005, 04:14 AM #41
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Place a tick in Potentially dangerous applications.

Attached Images
__________________

translation:
May 6th, 2005, 04:15 AM #42
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
May 6th, 2005, 04:15 AM #43
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
May 6th, 2005, 04:16 AM #44
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
Last edited by Blackspear : May 15th, 2005 at 09:44 PM.
May 6th, 2005, 04:17 AM #45
Join Date: Dec 2002

Posts: 8,648
Global Moderator


Attached Images
__________________

translation:
May 6th, 2005, 04:17 AM #46
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on OK.
Attached Images
__________________

translation:
May 6th, 2005, 04:18 AM #47
Join Date: Dec 2002

Posts: 8,648
Global Moderator

NOD32
1. Click on NOD32
2. Click on Run NOD32

Attached Images
__________________

translation:
May 6th, 2005, 04:19 AM #48
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Scanning Targets tab.
2. Make sure ALL of your Hard Drives are ticked.

Attached Images
__________________

translation:
May 6th, 2005, 04:20 AM #49

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on the Scanning log tab.
2. Place a tick in Scrolling.

Attached Images
__________________

translation:
May 6th, 2005, 04:20 AM #50

Join Date: Dec 2002

Posts: 8,648
Global Moderator
2. Place a tick in everything found within Scan.
3. Place a tick in Advanced Heuristics.
A warning box will pop up regarding Advanced Heuristics and the use thereof, see the next post for
further information.

Attached Images
__________________

translation:

Page 2 of 4 < 1 2 3 4 >
2 Forum
Posting Settings

vB code is On
Smilies are On


Page 3 of 4 < 1 2 3 4 >
May 6th, 2005, 04:21 AM #51
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on More.
2. Read enough information to satisfy your needs to make an informed choice and then close the popup
Window.
Attached Images

__________________

translation:

May 6th, 2005, 04:22 AM #52
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:23 AM #53
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:23 AM #54
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:25 AM #55
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Clicking on the dropdown arrow reveals the next step

Attached Images
__________________

translation:

May 6th, 2005, 04:25 AM #56
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:26 AM #57
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:27 AM #58
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Attached Images
__________________

translation:

May 6th, 2005, 04:28 AM #59
Join Date: Dec 2002

Posts: 8,648
Global Moderator
Follow the Red Arrow and choose a Radio Buttons that suits your needs.
Attached Images
__________________

translation:
May 6th, 2005, 04:29 AM #60

Join Date: Dec 2002

Posts: 8,648
Global Moderator
PROFILES
1. Click on the Profiles tab.
2. Place a tick in Run this profile in cleaning mode.
3. Place a tick in Use this profile for scanning files/folders from with the context menu.
4. Click on Quit.
5. Save the changes that you have just made.
Each profile can have different scanning settings if you so desire, or you can have Nod32 scan exactly
the same way in all profiles. Nod32 is just giving you choices, and choices are good.
Its like having many pizzas and with each you can choose a different topping, or you may have a
favorite topping that you want on all pizzas.
Attached Images

__________________

translation:
May 6th, 2005, 04:30 AM #61
Join Date: Dec 2002

Posts: 8,648
Global Moderator
UPDATE
1. Click on Update> update.
2. Click on Setup.
Attached Images

__________________

translation:
May 6th, 2005, 04:30 AM #62
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Please LEAVE Server as Choose automatically, I say this for many reasons:
* If a particular server is down, Nod32 will NOT be able to roll on to the next server.
* Experience shows us that you will have fewer or no problems with updating using this setting.
* Let Eset do their job and balance loads on the servers.
2. Your Username and Password will appear here if you have followed this tutorial from the beginning.
Do not try to use a UN and PW that you have created, ONLY a UN and PW provided by Eset will work.
3. Click Change.
Attached Images
__________________

translation:
May 6th, 2005, 04:31 AM #63

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. It is advisable that you choose the Radio Button that has Nod32 Perform program
component upgrade if available and Offer computer restart if necessary.
NOTE: due to the size of some/all engine updates, you may NOT want this setting if you are on a
Dialup Internet Connection.
2. Click on OK.
Attached Images
__________________

translation:

May 6th, 2005, 04:32 AM #64
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on Advanced.
Attached Images
__________________

translation:
May 6th, 2005, 04:33 AM #65

Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. This is where you can set your type of connection if Nod32 hasnt already picked it up.
2. Click on Proxy server Setup.

Attached Images
__________________

translation:
May 6th, 2005, 04:34 AM #66
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. This is where Proxy Server settings are placed.
Click on OK until you are taken back to the next screenshot.

Attached Images
__________________

translation:
May 6th, 2005, 04:35 AM #67
Join Date: Dec 2002

Posts: 8,648
Global Moderator
You should now see this.
1. Click on OK.
Attached Images

__________________

translation:
May 15th, 2005, 06:00 AM #68
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Your various Log files can be found here. Should you need to, you can click on an entry in the right hand
Window, then click on Copy selected. You can then paste what you have copied in to Notepad, or Microsoft
Word etc.
Attached Images
__________________

translation:
May 15th, 2005, 06:01 AM #69
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. This is one of the places where you can Submit your Quarantined files to Eset.
The actual storage folder for Quarantined files can be found in C Drive> Program Files> Eset> Infected
Attached Images
__________________

translation:
May 15th, 2005, 06:02 AM #70
Join Date: Dec 2002

Posts: 8,648
Global Moderator

SCHEDULAR / PLANNER
1. Click on Schedular/Planner.
2. Click on Add.
Attached Images
__________________

translation:
May 15th, 2005, 06:04 AM #71
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. In the dropdown box, choose Nod32 Kernel Execution of an external application.
2. Click on Next.
Attached Images
__________________

translation:
May 15th, 2005, 06:04 AM #72
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a name for your task.
3. Click on Next.
Attached Images
__________________

translation:
May 15th, 2005, 06:05 AM #73
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a time to run your task.
2. Place a tick in a day or days that you want to run your task.
3. Click on Next.
Attached Images
__________________

translation:
May 15th, 2005, 06:06 AM #74
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a Radio Button that suits your requirements.
2. This will prevent overlaps of a Scheduled Task if you choose the Radio Button in the screenshot.
3. Click on Next.
Attached Images
__________________

translation:
May 15th, 2005, 06:06 AM #75
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Finish button.

Attached Images
__________________

translation:
Page 3 of 4 < 1 2 3 4 >
2 Forum
Posting Settings

vB code is On
Smilies are On



Page 4 of 4 < 1 2 3 4
May 15th, 2005, 06:07 AM #76
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Click on Browse.
2. Browse to where Nod32 is installed, typically where you see in this screenshot.
3. Click on the Eset folder.
4. Click on Nod32.exe.
5. Click on Open.
Attached Images

__________________


translation:
May 15th, 2005, 06:07 AM #77
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. This is what you should see now.
2. Place in the Command line all appropriate Switches that suit your requirements. In this
screenshot you will see that I am using /local this will scan all of my drives.
3. Click on OK.
From what I can see, the following switches should give the greatest and maximum strength scan:
/adware /ah /all /arch+ /clean /cleanmode /delete /heur+ /log+ /mailbox+ /ntfs+ /pack+ /quarantine /
scanboot+ /scanmbr+ /scanmem+ /scroll+ /sfx+ /unsafe /wrap+
Your scan settings will start with:
C:\ (single space) /switches go here - see screenshot
Or
Copy and Paste the following directly into your settings:
C:\ /adware /ah /all /arch+ /clean /cleanmode /delete /heur+ /log+ /mailbox+ /ntfs+ /pack+ /
quarantine /scanboot+ /scanmbr+ /scanmem+ /scroll+ /sfx+ /unsafe /wrap+
Or
To scan ALL of your drives do NOT use C:\ use ONLY the following:
/local /adware /ah /all /arch+ /clean /cleanmode /delete /heur+ /log+ /mailbox+ /ntfs+ /pack+ /
quarantine /scanboot+ /scanmbr+ /scanmem+ /scroll+ /sfx+ /unsafe /wrap+
/local = Scan all local drives
/adware = Enable detection of adware, spyware and riskware

/ah = Enable advanced heuristics

/all = Scan all files regardless of their extension

/arch+ = Enable archives (ZIP, ARJ and RAR) scanning
/clean = Clean infected objects (if applicable)
/cleanmode = Enables cleaning mode (the actions taken will depend on the action settings)
/delete = Delete the infected file
/heur+ = Enable standard heuristics
/log+ = Enable Log file generation
/mailbox+ = Enable scanning mailboxes
/ntfs+ = Alternative NTFS streams
/pack+ = Enable internal runtime packer files scanning
/quarantine Copy infected file to quarantine before taking further action (clean/delete)
/scanboot+ = Enable boot sectors scanning
/scanmbr+ = Enable MBS scanning
/scanmem+ = Enable scanning memory
/scroll+ = Enable scrolling of the Log
/sfx+ = Enable scanning self-extracting archives
/unsafe = Enable detection of potentially dangerous applications
/wrap+ = Enable text wrapping in the Log file
GENERAL
/break- = Disable testing intermission
/break+ = Enable testing intermission
/expire- = Disable the program expiration notice
/expire+ = Enable the program expiration notice
/help = Display the list of program switches
/list- = Include in the Log only the objects infected
/list+ = Create the list of all tested objects in the Log
/quit- = Do not quit the program automatically after scanning
/quit+ = Quit the program after scanning
/scroll- = Disable scrolling of the Log
/scroll+ = Enable scrolling of the Log
/selfcheck- = Self-test disable
/selfcheck+ = Self-test enable
/sound- = Sound warning disable
/sound+ = Sound warning enable
/subdir- = Disable the sub-directories scanning
/subdir+ = Enable the sub-directories scanning
DETECTION
/adware = Enable detection of adware, spyware and riskware
/all = Scan all files regardless of their extension
/arch- = Disable archives scanning
/arch+ = Enable archives (ZIP, ARJ and RAR) scanning
/exclude=<LIST> = Excludes a single particular file from scanning, multiple files can be selected using
wildcards
/ext=<LIST> = Add a new extension into the list of tested files. (Multiple entries permitted, e.g., /
ext=EXT1,EXT2
/heur- = Disable heuristic analysis
/heur+ = Enable heuristic analysis
/local = Scan all local non-removable media
/mailbox- = Disable scanning mailboxes
/mailbox+ = Enable scanning mailboxes
/network = Scan all network disks
/ntfs+ = Alternative NTFS streams
/pack- = Disable the runtime packer files scanning
/pack+ = Enable internal runtime packer files scanning
/pattern- = Disable testing using virus signatures/patterns
/pattern+ = Enable testing using virus signatures/patterns
/scanboot- = Disable boot sectors scanning

/scanboot+ = Enable boot sectors scanning

/scanfile- = Disable scanning of the files
/scanfile+ = Enable scanning of the files
/scanmbr- = Disable MBS scanning
/scanmbr+ = Enable MBS scanning
/scanmem- = Disable scanning memory
/scanmem+ = Enable scanning memory
/sfx- = Disable scanning self-extracting archives
/sfx+ = Enable scanning self-extracting archives
/unsafe = Enable detection of potentially dangerous applications
HEURISTIC ANALYSIS
/ah = Enable advanced heuristics
/heur- = Disable standard heuristics
/heur+ = Enable standard heuristics
/heurdeep = Set deep heuristic sensitivity - technically Deep Heuristics no longer exists as it has a
higher chance of producing False Positives.
/heursafe = Set safe heuristic sensitivity (minimize false alarms)
/heurstd = Set standard heuristic sensitivity
PROTOCOL
/log- = Disable Log file generation
/log+ = Enable Log file generation
/log=<FILENAME> = Set the Log file name (e.g.: /log=NOD.LOG)
/logappend = Enable Log file append option
/logrewrite = Enable rewriting of the Log file
/logsize=N = Set Log file to the maximum size of N KB)
/wrap- = Disable text wrapping in the Log file
/wrap+ = Enable text wrapping in the Log file
CLEANING
/clean = Clean infected objects (if applicable)
/cleanmode = Enables cleaning mode (the actions taken will depend on the action settings)
/delete = Delete the infected file
/prompt = Offer an action upon virus detection
/quarantine Copy infected file to quarantine before taking further action (clean/delete)
/rename = Rename the infected file
Note: If the switches: /prompt, /rename, /delete/ or /replace are used concurrently with the /clean
switch, the corresponding action will be carried out only if the virus cannot be cleaned. The further a
parameter is listed, the higher priority it has. For instance, using the "/clean /delete /prompt "
parameters will result in that the "/prompt " parameter will supersede the "/clean /delete" parameters.
TEST SCHEDULING
/daily = Automatic testing on a daily basis
/period=N = Automatic testing once in N days
/weekly = Automatic testing on a weekly basis
NETWORK (Windows versions only)

/centralpath=<PATH> = Specifies the name of the directory for Centralized Update files
/msg="<MESSAGE>" = Specifies the message to be sent upon virus deletion.
/recipient=<LIST> = Specifies the recipients of the network messages (server/s, group or workstation
name). Multiple entries are permitted, e.g., /recipient=SERVER1,SERVER2

For further discussions on Command Line Scanning see the following thread
Attached Images
__________________

translation:
Last edited by Blackspear : July 14th, 2005 at 08:27 PM.
May 15th, 2005, 06:08 AM #78
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. The Scheduled scan that you have just set up will now appear here.
Attached Images

__________________

translation:
May 15th, 2005, 06:09 AM #79
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Right Click on your new scheduled scan this will pop up a small window as seen in the screenshot.
2. Click on Run now. If your settings are correct you will see the next screenshot as the scan starts.
Attached Images
__________________

translation:
May 15th, 2005, 06:09 AM #80
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. As I have used /local this now shows all drives that are in the process of being scanned.
2. [4] Locked Files are password protected or Windows System Swap Files, it is unlikely for such a file
to be infected, however the possibility still remains
Attached Images
__________________

translation:
Last edited by Blackspear : May 26th, 2005 at 11:04 PM.
May 18th, 2005, 07:58 AM #81
Join Date: Dec 2002

Posts: 8,648
Global Moderator

Re: Extra settings for Nod32 v2.5 - revised 16-05-2005
WINSOCK REPAIR
If you find that your internet connection has been broken, please run Winsock XP Fix.
OR
Proceed with the following to delete the corrupted registry keys, and then reinstall the TCP/IP protocol.
Step 1. Delete the corrupted registry keys
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. In Registry Editor, locate the following keys, right-click each key, and then click Delete:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2
4. When you are prompted to confirm the deletion, click Yes.
NOTE: Restart the computer after you delete the Winsock keys. Doing so causes the Windows XP
operating system to create new shell entries for those two keys. If you do not restart the computer
after you delete the Winsock keys, the next step does not work correctly.
Step 2. Install TCP/IP
1. Right-click the network connection, and then click Properties.
2. Click Install.
3. Click Protocol, and then click Add.
4. Click Have Disk.
5. Type C:\Windows\inf, and then click OK.
6. On the list of available protocols, click Internet Protocol (TCP/IP), and then click OK.
7. Restart the computer.

__________________

translation:
June 17th, 2005, 09:25 AM #82

Join Date: Dec 2002

Posts: 8,648
Global Moderator
TOTALLY SILENT SCAN

This scan can be very useful on a multi-user computer where a person/persons are
prone to closing/stopping visibly run scans.
1. Click on Schedular/Planner.
2. Click on Add.
Attached Images
__________________

translation:
Last edited by Blackspear : June 17th, 2005 at 09:45 AM.

June 17th, 2005, 09:26 AM #83
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. In the dropdown box, choose Nod32 On demand scanner - Scanning.
2. Click on Next.
Attached Images
__________________

translation:
June 17th, 2005, 09:27 AM #84
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a name for your task.
3. Click on Next.
Attached Images
__________________

translation:
June 17th, 2005, 09:27 AM #85
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a time to run your task.
2. Place a tick in a day or days that you want to run your task.
3. Click on Next.
Attached Images
__________________

translation:
June 17th, 2005, 09:28 AM #86
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Choose a Radio Button that suits your requirements.
2. This will prevent overlaps of a Scheduled Task if you choose the Radio Button in the screenshot.
3. Click on Next.
Attached Images
__________________

translation:
June 17th, 2005, 09:28 AM #87
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on the Finish button.

Attached Images
__________________

translation:
June 17th, 2005, 09:29 AM #88
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. In the dropdown box, choose Control Centre Profile.
2. Click on OK.
Attached Images

__________________

translation:
June 17th, 2005, 09:30 AM #89
Join Date: Dec 2002

Posts: 8,648
Global Moderator
1. Remain in the Schedular/Planner module.
2. Right Click on your new scheduled scan this will pop up a small window as seen in the screenshot.
2. Click on Run now.

Attached Images

__________________

translation:
June 17th, 2005, 09:30 AM #90
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Click on Logs.
2. Click on Nod32 Scanner Logs.
3. If your settings are correct you will see Cleaning as the scan starts.
Attached Images
__________________

translation:
June 17th, 2005, 09:31 AM #91
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. If an infiltration (Virus, Trojan etc) is found, at the end of the scan you will see a popup window.
Attached Images
__________________

translation:
June 17th, 2005, 09:32 AM #92
Join Date: Dec 2002

Posts: 8,648
Global Moderator
To view details of a scan go to the Control Centre> Logs> Nod32 Scanner Logs.
1. You will see the scan has Completed.
2. In this case an infection was detected (as per popup window in previous screenshot).
Attached Images

__________________

translation:
June 17th, 2005, 09:32 AM #93
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Right click on the log that you would like to view, select and click on Details.
Attached Images
__________________

translation:
June 17th, 2005, 09:34 AM #94
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Draw the slider down to see the results and locate the infection.
Attached Images
__________________

translation:
June 17th, 2005, 09:35 AM #95
Join Date: Dec 2002

Posts: 8,648
Global Moderator

1. Having drawn the slider down you can see the infection displayed in a different color to the rest of
the details logged.
2. The Infection.
Attached Images
__________________

translation:
Page 4 of 4 < 1 2 3 4
2 Forum

Posting Settings

vB code is On
Smilies are On


Wilders Security Forums - Extra Settings For Nod32 v2.5 - Revised 17-06-2005 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Wilders Security Forums - Extra Settings For Nod32 v2.5 - Revised 17-06-2005 PDF

Uploaded by

Copyright:

Available Formats

Wilders Security Forums - Extra settings for Nod32 v2.

Thread Tools Search this Thread

June 22nd, 2004, 09:16 AM #1

Join Date: Dec 2002

Extra settings for Nod32 v2.5 - revised 17-06-2005

Welcome to Extra Settings for Nod32.

All the best

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (1 of 27)8/14/2005 9:29:38 PM

TOTALLY SILENT SCAN

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (2 of 27)8/14/2005 9:29:38 PM

"Illegitimis non carborundum."

June 22nd, 2004, 09:16 AM #2

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (3 of 27)8/14/2005 9:29:38 PM

U.S. General Joseph W. "Vinegar Joe" Stilwell (1883-1946)

June 22nd, 2004, 09:18 AM #3

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (4 of 27)8/14/2005 9:29:38 PM

June 22nd, 2004, 09:18 AM #4

Join Date: Dec 2002

Extra settings for Nod32

1. Click on the Radio Button that says I agree.

"Illegitimis non carborundum."

June 22nd, 2004, 09:20 AM #5

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (5 of 27)8/14/2005 9:29:38 PM

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (6 of 27)8/14/2005 9:29:38 PM

June 22nd, 2004, 09:20 AM #6

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

June 22nd, 2004, 09:21 AM #7

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (7 of 27)8/14/2005 9:29:38 PM

Join Date: Dec 2002

Extra settings for Nod32

2. Click on Advanced Setup.

"Illegitimis non carborundum."

June 22nd, 2004, 09:24 AM #8

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (8 of 27)8/14/2005 9:29:38 PM

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

Last edited by Blackspear : June 17th, 2005 at 10:26 PM.

June 22nd, 2004, 09:25 AM #9

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (9 of 27)8/14/2005 9:29:38 PM

Join Date: Dec 2002

Extra settings for Nod32

"Illegitimis non carborundum."

June 22nd, 2004, 09:25 AM #10

Join Date: Dec 2002

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (10 of 27)8/14/2005 9:29:38 PM

Extra settings for Nod32

"Illegitimis non carborundum."

June 22nd, 2004, 09:26 AM #11

Join Date: Dec 2002

http://www.wilderssecurity.com/showthread.php?t=37509&page=1&pp=25 (11 of 27)8/14/2005 9:29:38 PM

Extra settings for Nod32