Future Changes to Nod32

I second completely aigle, heuristic and behavior analysis what a magical combo

Regards,

MaB

 

Hi,

Please let me know, how can I put signature in outgoing emails ?

I have not found anywhere.

~
ankupan

 

Hi,

EMON / configuration / notifications / add to outgoing email ( i'm not of the last sentence because i use a french UI)

Regards,

MaB

 

CONFIGURATION
- a simple checkbox or button labeled "maximum security" that effectively sets all options to match blackspear's settings, including command line options... that way, if any new features get added, they can be included in the "max security" flag without my having to go through all the various pages and adding them

LOGS
- clicking on any column heading sorts by that column
- please remember the size of the window after I resize it so that subsequent displays come up the same size

Thanks,
Dan

 

Also... it would be nice if there were a menu option to write the safest (i.e., every option enabled) command line parameter string to the clipboard. It would spare us from having to parse the very long list of parameters available from the help file. From what I can discern, even Blackspear's list of params is incomplete (seems to leave out /pattern+); here's the one I am currently using for on-demand scans:

"C:\Program Files\Eset\NOD32.exe" %1 /selfcheck+ /break- /quit+ /scanmem+ /antistealth+ /pattern+ /heur+ /arch+ /mailbox+ /ntfs+ /sfx+ /pack+ /adware /unsafe /unwanted /all /ah /heurdeep /list+ /log+ /scroll+ /cleanmode /prompt /delete /quarantine

Dan

 

NOD32 should have an option to enable I/O request listening when scanning in the background - It would dramatically decrease impact on system performance while scanning, but of course also increase scan times (hence the option to enable/disable).

 

1. Registry Monitor
2. Firewall with extensive attack logs (similar to Sygate Personal Firewall Pro 5.x)
3. Support for Mozilla Thunderbird and maybe other email clients
4. NOD32 Toolbar Plugin for IE/Firefox

 

IMON in the current version is program independant . Working in Winsock allows it to scan all the POP3 and HTTP traffic no matter what application is sending/receiveing it , so all applications (incl. Thunderbird) are already supported .

Toolbar for what ? The IMON explanation above is valid of web-browsers , too

 

And what about SMTP?

 

IMON only checks incoming email iirc.

 

If the real time file protection (in NOD32 v2 , called AMON) is enabled , there is no way for a malware to push something through SMTP. I think no need for checking outgoing messages.

 

Hi folks,

Make the option of "Set update parameters later" actually work!
OR better still allow the entry of the local server to the
server list during the install process.

cheers

 

Wildcard support in exclusions

For example to match a folder in windows user profile : C:\Documents and Settings\*\Application Data\foo

I work in network managed environment so I cant' add all profiles name

 

Anyone mentioned scanning incoming NNTP?
Is there a special reason it is not currently scanned?

 

for the current user use the environment variable %appdata%

type set on the command line to see them all.

And for the wishlist SNMP support or WMI interface so I can pull data (events, Viruses) from NOD into a Network Management System

 

add a self-defence to NOD32. some viruses can beat antivirus by closing an antivirus processes.
please add self-defence to NOD32 2.8 or 3.0

 

Being able to fully scan computer, then decide what to do with malware. IE. don't stop scan when a malware is found. Scan the whole computer first. Then ask for input.
Useful if you want to scan your computer during the night, and in the morning decide what to do with malware.

 

Wizard / Program for creating self extracting install packages.

I.E. a software/wizard to simplify/speed up the process described on pages 78 to 81 in NOD32 Remote Administrator Installation Guide.
Could/Should be tied to the XML Editor and RAC

 

I notice that Kaspersky 6.0 is absolutely excellent at spotting attempts at "hooking" and DLL injection. Are there any plans to incorporate these features into future versions of NOD32?

I also note that KAV6.0 uses an NDIS driver to scan internet traffic, and this is the lowest level (beneath even the tcp/ip stack) of network activity that could be monitored on a Windows box. What level does IMON work at? Is it possible for some virus/trojan activity to sneak under IMON?

 

IMON works at the winsock level, but the http scanner in the beta uses a NDIS driver iirc.

 

I've been trying NOD32 on and off for a while now but haven't made the move yet. I have many clients that I get to use it though. Sorry if this has been mentioned before but too many posts to read through them all.

For AMON what I have the biggest gripe with is if malware is detected with NOD32 I do NOT have an option to "Ignore" this detection. For instance I occasionally build repair CDs with a working version of McAfee AV. When I am trying to extract the definitions off the SDAT file NOD32 always alerts on one or several of the files that I know are ok. It would be nice to be able to have the option to ignore the detection at that time and continue with extraction.

That option would be a nice addition.

 

The NOD32 Control Center 'Help Index' should include a basic setup feature.

The product is hugely complex and, I believe, hugely capable. Non-techsperts such as myself are daunted by the range of settings and options, such that one ends uncertain of the effectiveness of just what one has setup. Long before tackling 'advanced setup', we need the above......

The Help Index - which is undifferentiated/not prioritised - could helpfully prioritise by simple colour codings, for 'noobs' like myself who have done the act of faith, paid good money, and want the warm fuzzies of feeling the security door is bolted. A help page Flow Chart 'to get you started' would help ordinary Joes like me get going. Links could take one onward, step by step, into other VIP decision areas ( but not necessarily all ).

Please recognise that some ( most? ) of your willing customers are not/will never be sysadmins and techsperts. There are huge swathes of NOD32/security software issues and knowhow we will never get to. For example, I've just today found the two 'Getting Started' .pdf files, after 20 months of using the product. And if that seems to some like 'dumbing down', then just be tolerant and move on.

Support the ordinary 'acts of faith'...... pleez!

Oh! And kindly spell 'color' as the Good Lord intended.......

 

I agree. I was a bit confused looking for a Ignore option. It took me a good 5 minutes before I realized that was not a choice:

 

I think nod32 should let user download the virus definitions file for offline update like norton because not all of us have internet access.

cheers

 

It is already possible but requires the LanUpdate edition (Mirror function) .
I guess it is not done with the single Standart version to prevent software piracy (as you probably know NOD32 is one of the most illegally used applications among some regions)