The aim of this thread is to give feedback to ESET as to changes we would like to see in future upgrades of Nod32. Please be very specific so that your suggestion can be written in one line. After this go into DETAIL though remember to try and keep it in plain and simple terms. If it is too complex I will simply add: refer to post number XX. Basically, if I can't understand it, how can I write about it. If your suggestion has already been discussed in previous threads please post links to such, this may help further explain your case to ESET and others reading your suggestion. You are welcome to discuss the merits of each and every suggestion, just keep on topic, as there are other parts in the forum to discuss issues. A list will be maintained in this first post enabling people to easily see if their suggestion is already included. Cheers Blackspear. Quarantine 1. Change the word Quarantine to suit what its current function is; “Make Secure Copy for further Analysis”. 2. Add “Submit to Eset” button, be this by Email or GUI. 3. Add a Switch for Command line Scans. 4. Set to "on" by default in all scans and profiles. 5. Add a “Move” option. 6. Option to delete Quarantine files after a set period is reached, i.e. after 30 days 7. Add Detection 8. Remove Detection 9. Option to bulk submit files from quarantine with ThreatSense filtering still applied for samples ESET already have copies of. 10. 11. AMON 1. Add Clean (if cleanable) or Delete (if uncleanable) options. 2. Add Quarantine. 3. Enable by default when installing. 4. If the installation is password protected, not require that password to START the protection! Only require it if the user wants to turn it off. 5. Ability to disable AMON and turn it back on from the Tray Icon. 6. Add option to have “Potentially Dangerous Applications” 7. Drag and drop excluder. 8. Option to create rules for blocking the creation, modification, execution etc. of *.pif, *.scr and other files, just like McAfee VSE 8.0i. Edit/Delete Message 9. Add a hash (md5 or sha1) based exclusion list in addition to (or instead of) the current path based exclusion function. Further details: MD5 based exclusion lists 10. Show entire path to a file, and not just the file name. 11. 12. NOD32 Scanner 1. Add check-box to “My Profile” that would use “My Profile” settings for all Profiles and all Scans and all file types. 2. Option to exclude files and folders and make it a simple function to do so. 3. Add silent Scheduled tasks for cleaning. 4. A Pause button to pause scanning. 5. Delete worms or clean virus (which are running in memory) without restart or advise restart is required. 6. Option to scan inside self extracting archives during On Demand Scan. 7. Have one button to scan, at the end of a scan have the choice to use a clean button that follows the scan log to the problem areas and performs actions according to settings chosen within “My Profile”. 8. Ability to use shortcuts while in Safe Mode 9. Fix TAB order 10. Rename Heuristic unknowns from “probably unknown new_Heur_PE” to Heuristic_TrojanDropper, Heuristic_BackDoor, Heuristic_Malware etc. 11. Use Heuristic prefix, so you know what form the infection is found in i.e Trojan/ Win32/ or Worm/. 12. Have a check box to allow only found infections to be displayed while scanning, or at the end of a scan have the option to click a button that would only show infected files, so NOD32 goes back through the log and relists only those files. Further discussions HERE. 13. Popup Window to advise scanning is required and click ok to start (every 7 days), that can be switched off through options. 14. Popup bubble saying a scheduled scan is about to start. 15. Autoclose the scanner if nothing has been found, but leave it open when an infection has been found. 16. Ability to Scan/Clean on re-boot (boot-time scan) 17. Locked files = be able to right click and select "These files are OK, hide untill changed". 18. Highlight NEW locked files - flash them - or make them more visible in some other way. 19. Ability to stretch the running scan log, to make it easier view the entire root directory of some files. 20. An option similar to Kaspersky's "Scan new and changed Files only" 21. Change "Leave" to "Leave - upon next reboot the file will be deleted" 22. Option to play sound when virus found. 23. Display an 'estimated time to completion of scan' in progress. 24. Display information about a scheduled scan in progress, with option to pause/stop - see HERE 25. 26. Technical 1. Add version information resource structures to all executables and dlls. 2. Add service description field for nod32krn Windows service. 3. See post number 17. 4. Option to disable the System Restore before starting an on-demand scan. 5. Control Centre and Remote Administration interface to be an MMC snap-in. 6. Add an option to disable GUI skin and use the default shell style, if the CC is not going to be a MMC snap-in. 7. A flag readable by WMI/VBScript/whatever that will provide the status of the system (Idle/WAITING FOR RESTART/etc). 8. NOD32/AMON - Ability to programmatically initiate an update from the client end. 9. Simplify deleting old programs from IMON HTTP list. 10. Add scanning of Alternate Data Streams. 11. Nod32 for linux file server: have it properly handle (ignore) symbolic links to avoid possible recursive scanning. See post number 130. 12. Change default http update port to be other than Sharepoint Admin port, ie 8032. 13. Have clients check that what is at the other end of the port is not NOD32 update and report that rather than crash. 14. Consider an additional detection group (or as an extension to PDA?) for software that can only have an illegal purposes eg. keygen, crack etc. 15. Log entries in the Windows event log in addition to its own closed log files. 16. 17. Remote Admin 1. Ability to automatically deny download, and advise of such in logs. 2. UNIQUE identifier for all machines, preferably something like MAC address. 3. Engine (component) version number available through the RA console, not just def versions. 4. Ability to pull user configuration info (i.e. the contents of the Information tab) remotely. 5. Ability to choose a config file when you highlight PC’s to run a scan on. 6. Have the resolution or button pressed by the user as part of the notification message to the sysadmins. 7. Ability to configure more than one mirror site, with fallback to choice of mirror sites. 8. The ability to COPY a profile from one config file to another. 9. Three default profiles available in the source XML file. 10. Have the entire configuration written to the XML file by default. 11. IMON listed as Running or Stopped like AMON. 12. Fix lack of information about the action taken by IMON on Clients part. 13. Anytime ANYTHING in the XML file is changed, update the mirror files, see post number 85. 14. More comprehensive RA screen - make more detail available, though not necessarily on by default. 15. Ability to let Admin adjust how far out of date a machine has to be before the system tray icon turns red. 16. Adjustable "your definitions are out of date - please update as soon as possible" message. 17. Ability to reroute Quarantine submissions directly to the Administrator for investigation instead of them going directly to Eset by the end user. This will also enable records to be kept. 18. Ability to list clients by collapsable groups. 19. Ability to change the name of a profile or copy an existing profile in the RA console, instead of having to recreate a new one every time 20. A check box for "Replace all existing profiles with these profiles" so that old profiles are no longer kept in the client PC. I have a few machines (mostly test users) who have 5-10 profiles form various testing that we've done, when in actuality, there should only be two. 21. A default set of profiles to match the ones that are already specified (Control Center - Local / Control Center - Diskettes, etc.). Should an admin have to create profiles that are already being referenced? 22. Automatically change the Configuration ID when saving the XML file, so that if forgotten, the changes will still apply to the clients. 23. View the NOD32 program version of clients. Ideally - the ability to view everything that appears in the System Information page of the NOD32 control center. 24. View the update status of the client - i.e. whether the workstation is waiting for a reboot after a major program component update. 25. Implement a more user-friendly method of updating the license file for the remote administrator 26. Ability to resize the scan log properties window - so that you're not scrolling forever when reviewing scans 27. Ability to see usernames of who's currently logged into that workstation. 28. License keys - remove confusion between this and username and password. 29. Decrease left margin within "Reports" to allow for printing to standard size A4 paper. 30. Develop/market a smaller enterprise type version for the booming home network business and market a 3-5 license SOHO version with an admin ultilty that makes administration easier...ie a remote admin console. 31. Console should display which configuration is applied to a particular machine. 32. Console to have a column for the last scan date like it does for last event etc. 33. An xml file that sits on the local mirror and the client reads/syncs his configuration at every update to this configuration. 34. The ability for a repeating task in the remote administrator. 35. Some sort of "vault" that we can use to protect stuff that network admins NEED on the client PCs, while still allowing a highly aggressive scan on the clients? Maybe under a "So advanced, you'll get in trouble" button? 36. Option for all ThreatSense.Net submissions (statistics and samples) to happen via the update path, even from client to RAS to RAS to RAS to ESET. 37. Various suggestions HERE 38. Further options for ThreatSense.NET that would allow clients to send such information to the update server then the update server forward this on to Eset. 39. Display the major/minor version of nod as well as the virus signature version. 40. Ability to add clients automatically to Groups based on o Active Directory Organisational Unit (Container) o IP address Range o Other criteria? Then depending on what group the client is added to, automatically apply a specific configuration task 41. SNMP support or WMI interface so data (events, Viruses) can be entered from NOD into a Network Management System. 42. Column wih name of config on every machine. - some machines have full internet access, some of them don't, so i could create „comps_with_full_net_19.09.2007.xml” and „comps_without_net_19.09.2007.xml, then modify something and create „comps_with_full_net_25.09.2007.xml” - send new config, and after few days I can easy see on which machines with full net config is not updated (just looking for config name on) and send it again.I think that it is very important – now when i am updated config i can't check if all comps updated (only manually one by one). 43. There could be optionall column with procesor/RAM 44. Ability to see usernames of who's currently logged into that workstation. 45. Ability to add clients automatically to Groups based on Active Directory Organisational Unit (Container, group) or IP address Range? 46. I would like to see option to send messages from RAC – to one machine, group of machines or manually selected? Something like Windows Messenger but based on NOD, since Windows Messenger does not work in Vista and can be turned off on WinXP. 47. I see no way to modify group name or group description, if make an error, or i want to change group name - do I have to create new group?? 48. Scan during system scan (maybe additionally it could be ordered via RAC?) - Preboot Scan. 49. Scan new and changed files only – so i could make full scan once a month, and new and changed files twice a week? 50. Option for ThreatSense.NET that would allow clients to send information to the update server then the update server forward this on to Eset. - many of our people does not have full access to net, so thay have now way to send anything to ESET. 51. Customizable NOD32 icon on systray, ideally it would be included into configuration file and send from RAC 52. Visable Pause/Start/Stop buttons should be easily avalable from the main window during Admin designed scheduled scan times. 53. 54. Everything Else 1. Use a profile to run a scheduled scan 2. Excluding files and directories to be simplified, so that it accepts long names. 3. “Boot CD” of Nod32. 4. Online scanning facility. 5. Nod32 “Control Center” GUI to be a single re-sizeable window with vertical split bar 6. Rename Modules such as AMON to “Resident Scanner”, IMON to “Email and Internet Scanner”, DMON to Microsoft Office Document Scanner etc 7. Online virus information database, including removal instructions. 8. Ability to download latest update to removable media, for use in updating an existing installation of NOD on an infected computer. Must be simple, not technical. 9. Ability to hide the system tray icon from view without affecting functionality of Nod32. 10. Alert user when update has failed to download and mention the reason. 11. Set Nod32 at Maximum everything out of the box – ALL Files, File Types, Scans etc. 12. A “Reset to Default” button to put Nod32 back to complete maximum settings, as above. 13. Add a Pause button in On-demand Scanner. 14. Program Component Updates set to “Perform Update if available” by default. 15. Include registration expiry information in System Information module. 16. Ability to click through from Control Centre to Eset website for further information on virus detected. 17. More ports added to IMON. 18. Place Nod32 Updates in Start menu, All programs. 19. Include IMAP scanning and secure IMAP – port 993 20. A single configuration that would first use the mirror and then search for other available connections - similar to the choose server automatically function. 21. A context menu in the tray icon to disable, restart and stop a module, make an Update. 22. IMON to scan incoming Hotmail downloaded through POP3 accounts 23. Ability to resume updates from where they were if you get disconnected while updating. 24. Allow hovering over the system tray icon to show what modules are active and the current definitions. 25. Option for a Preboot Scan. 26. Ability to have “notify before downloading signature database update” and “perform program component upgrade if necessary” used at the same time. 27. IMON – Add option to have “Potentially Dangerous Applications” scan incoming HTTP. 28. Warning notice if a user tries to alter servers from “Choose Automatically”, that this is NOT advisable. 29. When a module is disabled/turned off make it clear, as in colored “RED” and the word “OFF” 30. Add Edit button so it is obvious how to edit a scheduled task. 31. Log file summary listing all infections found. 32. Some form of notification (change log) about updates of modules. 33. IMON server exclusion wildcard. i.e. *.eset.com 34. A temp-file location to be used when expanding archives. 35. An administrator version geared to the small home network users who want to make sure their kids' computers were up-to-date and whether they had encountered viruses. 36. Stop the popup window from accepting UN and PW. Instead advise that the UN and PW is incorrect and to please place it in Control Centre> Update> Setup. 37. Add a "save and load button" or "import and export button" for Nod's configuration, to make it easier when Nod has to be reinstalled. 38. Swap Setup and Actions around - clicking on setup and turning on all options, you currently have to go BACK to Actions to set the actions for the newly enabled types of scanned items. 39. Ability to exclude specific URL addresses from the IMON HTTP Scanner. 40. Option for IMON HTTP to have silent notification while in "Higher efficiency" mode, the same as it already does in "Higher compatibility" mode. 41. Submit file window, text needs to wrap so you can see what is typed. 42. A method of determining what files contain what viruses in Quarantine, allows a user to return a FP when fixed. 43. Customizable Virus detection message from XMON. 44. Font smoothing 45. When running a scheduled scan if there is a scan scheduled for the same day, not to run, this will stop overlapping of scans. 46. An Event Log entry showing the name of the file and whether the submission system was contacted and the results (i.e. a sample exists and will not be submitted). 47. A popup balloon advising that a file has been submitted or not. 48. An option to scan quarantine to see if the sample is added into the virus database. 49. A popup balloon advising that a scheduled scan is in progress, and the ability to turn this feature off (silent scan). 50. License expiry date displayed in the Nod32 Splash screen or Control Centre. 51. Allow the specification of port for smtp mail notification - for example, mail.eset.com:10025. Include SMTP over SSL (standard port 465) for notifications. 52. Improve functionality of Repair feature to bring it to the same standard as winsockfix or have 2nd button with this function. 53. Trial Version - more detailed set of error messages to do with updating. 54. Trial Version - the default set of servers for the trial version being LIMITED to choose automatically - with a comment in the drop-down that functionality is restricted in the trial, but not in the full version. 55. Add a statistics/sent files log. 56. Add a DVD/CD/USB/Floppy rescue - see https://www.wilderssecurity.com/showthread.php?t=127640 57. Trial version to have a different color-scheme to the full version, say - blue - instead of green - it will the quickest way to tell between the two. 58. When updating, NOD32 should display a different message when it cannot connect to the server or the server is overloaded. 59. Change Update Notices etc 60. A proper "Quit" function that shuts down all modules and the kernel service. 61. Rollover help menu, when you place your cursor over a button it gives you explanation of the buttons function. 62. Ability to customize the NOD32 email checked tag. 63. Right-Click Tray Icon 'Toggle' for Compatibility Mode. 64. Mail attachment blocking for email clients based on file extensions - see this thread 65. HIPS (Host Intrusion Prevention System) module in future products. 66. In the update module, add some metadata to every http get request to avoid as many proxy issues as possible. eg: http://<esetupdaserver>/update.ver?<current.time> and http://u26.eset.com/update.ver?1718 67. Ability to right click the tray icon and quickly disable AMON or any other module. 68. Remove the Username and Password entry fields from the installation process. Have the Username and Password entered after installation. 69. Replace the Username and Password with a 30 digit numerical only entry, similar to that used by Microsoft. 70. Ability to disable the daily definition update popups ONLY (not silent mode). 71. Customizable nod32 icon on systray, say, showing a 'N' for instance. 72. Allow customization of mail sending ports other than port 25 for notifications. 73. Have available a PDF guide to additional settings. 74. A variable to include the /UNIQUE/ Login-ID into emails sent by NOD32. 75. A behavioral blocker like one in ZAP or part of KAV PDMs, CH, or Sana Security Safe Connect etc. 76. Renew the same license so you do not have to change username and password. 77. Make a "Quiet" mode that hides the successful update messages but shows all other error messages such as virus definitions out of date and incorrect username and password specified. 78. Verify the checksum of the BIOS at startup and warn if it detects any changes. 79. Catch attempts by applications to patch or flash the BIOS. 80. 81.