Future Changes to EAV

Discussion in 'ESET NOD32 Antivirus' started by Blackspear, Jan 20, 2008.

  1. karlisi

    karlisi Registered Member

    Joined:
    Apr 7, 2011
    Posts:
    68
    Location:
    Latvia
    Agree, that would be great.
     
  2. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,912
    Location:
    Outer space
    Good that my idea is so positively received :) Integrating the tools in the rescue kit is also an interesting idea, but that way the unaware/average user would really benefit from it, as the probably never start the rescue kit.
     
  3. happysunny

    happysunny Registered Member

    Joined:
    May 11, 2011
    Posts:
    24
    Thanks , but i don't like
     
  4. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I'm sorry. You don't like what?
     
    Last edited: May 17, 2011
  5. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    I wish that ESET can come out with a free SysRescue program for non-end user.
     
  6. pbenware

    pbenware Registered Member

    Joined:
    Nov 30, 2010
    Posts:
    1
    We're new to ESET EAV, and so still have a long way to go with features, but one thing that is missing is better support for custom Mac OS X installs.
    We need to be able to build a custom Mac OS X install with embedded configuration information that can be run at the desktop.

    It's OK that we can build a custom embedded installer now, but the resulting installer package can ONLY be pushed from ARD or the like. We don't use ARD extensively on our end users computers, so this solution doesn't work. As a result, we need to visit every computer, run the installer, enter the needed update an RA info, etc. this is time consuming and an unfortunate use of resources.

    We need to be able to distribute the customized installer via .dmg file, or use it during our restore image build process
     
  7. ashishsingh1508

    ashishsingh1508 Registered Member

    Joined:
    May 27, 2011
    Posts:
    125
    Location:
    Pune
    Its a bad idea to include all removal tools in ESET products as it will increase the size of installer. And ESET is also known for very small installer size.
    But ya ESET can include link to download specific removal tool.
    I would like the feature to make bootable CD without the need to install Windows AIK.

    In Quick Heal Antivirus they do it. They just need a Windows installation CD to fetch bootable files and after that they mix it with virus definition and it makes the CD to scan our PC even before bootscreen is shown because the hard disk is not booted instead CD will boot up

    Thanks
    Ashish Singh
     
  8. piranha

    piranha Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    623
    Location:
    Laval, Qu?bec, Canada
    e-mail client integration of NOD32 to Opera Mail
     
  9. Nyan123

    Nyan123 Registered Member

    Joined:
    Jul 16, 2011
    Posts:
    1
    Online Security Search: ESET Online Scanner a fast *and and* free tool that detects and removes threats on your PC. Utilizing only your browser, it scans your computer with ESET's award-winning ThreatSense engine.

    The ** markings seems wrong?

    It's on the website. Sorry for posting in the wrong forum, Didn't know which one!
     
  10. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    now you can know if a file in your computer is risky or not by querying the cloud powered reputation

    it provides with good information about prevalence and file characteristics to the ESET virus lab
     
  11. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Removal tools are used under compromised systems, where removal is difficult because of the active threat processes, which is not the case in SysRescue, where detection for this threats are enabled, but removal is easier.

    So, integrating the tools does not make sense.
     
  12. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    I wish the "ESET requires your attention" color for windows update was different to the "We couldn't update" attention grabbing color.... would that be possible?
     
  13. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Toxinon12345:

    For IT ignoramuses, such as the one writing this post (aka Roger Folsom), would you (or anyone else reading this) please define what you mean by "compromised system" and "active threat processes," or else let us know a place to get (or at least to start looking for) that information?

    I would have thought that if any any malware was disturbing either one computer or a set of network computers, that would be a "compromised system" that was suffering from an "active threat process."

    I can think of only one example of a compromised system not suffering from an active thought process. That example is malware buried in an email and not yet discovered and discarded.

    Thanks for any comments, suggestions, or help.

    Roger Folsom
     
  14. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    A system that has a file sitting unactivated in an email or file is not a compromised system. Compromise happens either during or after malicious code launches and releases its payload without being stopped, which renders the system (or user profile) in an unknown and untrusted state. A system may have an inactive payload sitting in temporary internet files that attempted to execute but was blocked, and that system would not be considered compromised. Nothing is executing in memory and no damage was done.

    Cleanup tools are generally needed in cases where malware/viri trojan a file in an unrecoverable way, so to perform the cleanup you'll need a tool loaded with original replacement files because simply deleting the trojan file would break your computer.
     
  15. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Imagine you have disabled ESET protection, and you activated the conficker worm by accessing to your USB key.
    When you re-enable the protection...surprise! It is detected, but removal cannot be done.

    When running SysRescue, you are booting from a clean media as CD, in which you can use the same ThreatSense engine for scanning your HD.

    In both cases the system in the HD is compromised.
    In the first case threat processes are active, you will need to disconnect from internet, run the removal tool, run the AV installer for reinstallation and connect to internet for update your AV.
    In the second case, threat processes are inactive, removal can be done without using such removal utilities.

    Hope it helps.
     
  16. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Smacky and Toxinon:

    Thanks for the explanations. They did help, and made clear the usefulness of SysRescue.

    Roger Folsom
     
  17. MongrelCat

    MongrelCat Registered Member

    Joined:
    Aug 17, 2010
    Posts:
    24
    Location:
    South Carolina
    This thread is soooo long with much stuff sort of dated. How about a new thread with proposed enhancements starting with version 5?

    I vote we start out by proposing a fancy desktop gadget like many of the other AV providers have - Perhaps a green eye that turns orange and red. Balthazar first proposed this in V3 way back in Oct. '08 with good functional suggestions - Search "gadget" in this thread.
     
  18. Matthijs5nl

    Matthijs5nl Guest

    This is fine to me, but....
    this really isn't, those gadgets are the most useless features for security products I can think of, just bloatware. I am happy ESET hasn't entered this path until now.
     
  19. piranha

    piranha Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    623
    Location:
    Laval, Qu?bec, Canada
    First, i do agree because v5 is release but why not continue. EAV is a now and always a work in progress.....
     
  20. piranha

    piranha Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    623
    Location:
    Laval, Qu?bec, Canada
    in scheduler, each time we want to add, delete or modify a task we need to give password (if pw protect). If we did that one times it is ok but 2-3-4 times it is annoying.

    Please add something that ask the user if he wants to add, delete or modify something else (no need to give pw again) or exit.

    thanks
     
  21. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I agree. No gadget please :thumbd:
     
  22. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    I agree desktop gadgets provide no benefit and just use resources.

    Im glad eset hasnt added crap/bloatware to their products and instead works on protecting their customers.
     
  23. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    This GUI is the best in its class, it allows easy access to the program functions without a gadget. ;)
     
  24. anGel_OnE

    anGel_OnE Registered Member

    Joined:
    Nov 22, 2010
    Posts:
    6
  25. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Make HIPS rules exportable/importable and compatible with v5 and higher.
     
    Last edited: Sep 28, 2011
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.