Discussion in 'ESET NOD32 Antivirus' started by Blackspear, Jan 20, 2008.
Agree, that would be great.
Good that my idea is so positively received Integrating the tools in the rescue kit is also an interesting idea, but that way the unaware/average user would really benefit from it, as the probably never start the rescue kit.
Thanks , but i don't like
I'm sorry. You don't like what?
I wish that ESET can come out with a free SysRescue program for non-end user.
We're new to ESET EAV, and so still have a long way to go with features, but one thing that is missing is better support for custom Mac OS X installs.
We need to be able to build a custom Mac OS X install with embedded configuration information that can be run at the desktop.
It's OK that we can build a custom embedded installer now, but the resulting installer package can ONLY be pushed from ARD or the like. We don't use ARD extensively on our end users computers, so this solution doesn't work. As a result, we need to visit every computer, run the installer, enter the needed update an RA info, etc. this is time consuming and an unfortunate use of resources.
We need to be able to distribute the customized installer via .dmg file, or use it during our restore image build process
Its a bad idea to include all removal tools in ESET products as it will increase the size of installer. And ESET is also known for very small installer size.
But ya ESET can include link to download specific removal tool.
I would like the feature to make bootable CD without the need to install Windows AIK.
In Quick Heal Antivirus they do it. They just need a Windows installation CD to fetch bootable files and after that they mix it with virus definition and it makes the CD to scan our PC even before bootscreen is shown because the hard disk is not booted instead CD will boot up
e-mail client integration of NOD32 to Opera Mail
Online Security Search: ESET Online Scanner a fast *and and* free tool that detects and removes threats on your PC. Utilizing only your browser, it scans your computer with ESET's award-winning ThreatSense engine.
The ** markings seems wrong?
It's on the website. Sorry for posting in the wrong forum, Didn't know which one!
now you can know if a file in your computer is risky or not by querying the cloud powered reputation
it provides with good information about prevalence and file characteristics to the ESET virus lab
Removal tools are used under compromised systems, where removal is difficult because of the active threat processes, which is not the case in SysRescue, where detection for this threats are enabled, but removal is easier.
So, integrating the tools does not make sense.
I wish the "ESET requires your attention" color for windows update was different to the "We couldn't update" attention grabbing color.... would that be possible?
For IT ignoramuses, such as the one writing this post (aka Roger Folsom), would you (or anyone else reading this) please define what you mean by "compromised system" and "active threat processes," or else let us know a place to get (or at least to start looking for) that information?
I would have thought that if any any malware was disturbing either one computer or a set of network computers, that would be a "compromised system" that was suffering from an "active threat process."
I can think of only one example of a compromised system not suffering from an active thought process. That example is malware buried in an email and not yet discovered and discarded.
Thanks for any comments, suggestions, or help.
A system that has a file sitting unactivated in an email or file is not a compromised system. Compromise happens either during or after malicious code launches and releases its payload without being stopped, which renders the system (or user profile) in an unknown and untrusted state. A system may have an inactive payload sitting in temporary internet files that attempted to execute but was blocked, and that system would not be considered compromised. Nothing is executing in memory and no damage was done.
Cleanup tools are generally needed in cases where malware/viri trojan a file in an unrecoverable way, so to perform the cleanup you'll need a tool loaded with original replacement files because simply deleting the trojan file would break your computer.
Imagine you have disabled ESET protection, and you activated the conficker worm by accessing to your USB key.
When you re-enable the protection...surprise! It is detected, but removal cannot be done.
When running SysRescue, you are booting from a clean media as CD, in which you can use the same ThreatSense engine for scanning your HD.
In both cases the system in the HD is compromised.
In the first case threat processes are active, you will need to disconnect from internet, run the removal tool, run the AV installer for reinstallation and connect to internet for update your AV.
In the second case, threat processes are inactive, removal can be done without using such removal utilities.
Hope it helps.
Smacky and Toxinon:
Thanks for the explanations. They did help, and made clear the usefulness of SysRescue.
This thread is soooo long with much stuff sort of dated. How about a new thread with proposed enhancements starting with version 5?
I vote we start out by proposing a fancy desktop gadget like many of the other AV providers have - Perhaps a green eye that turns orange and red. Balthazar first proposed this in V3 way back in Oct. '08 with good functional suggestions - Search "gadget" in this thread.
This is fine to me, but....
this really isn't, those gadgets are the most useless features for security products I can think of, just bloatware. I am happy ESET hasn't entered this path until now.
First, i do agree because v5 is release but why not continue. EAV is a now and always a work in progress.....
in scheduler, each time we want to add, delete or modify a task we need to give password (if pw protect). If we did that one times it is ok but 2-3-4 times it is annoying.
Please add something that ask the user if he wants to add, delete or modify something else (no need to give pw again) or exit.
I agree. No gadget please
I agree desktop gadgets provide no benefit and just use resources.
Im glad eset hasnt added crap/bloatware to their products and instead works on protecting their customers.
This GUI is the best in its class, it allows easy access to the program functions without a gadget.
Add boot scan option/feature like Avast!
Make HIPS rules exportable/importable and compatible with v5 and higher.
Separate names with a comma.