Well, I thought I would just share a few thoughts and I'd like to hear what you all think. I'm a proud user and reseller of the excellent ESET product line - there's so much to like. Lightweight, fast, fairly good detection and fantastic remote administrator. It keeps getting better. Some great improvements in version 4 but there's things I'd like to see improved further. They are pretty much problems with any AV in these areas so I dont expect miricles. Cleaning I find too often if a virus does manage to get downloaded and execute, even if ESET detects it.. it can still cause mayhem. One of these particular files that I managed to execute was detected but not cleaned properly so I sent it to ESET. Also, what about files that INFECT or attach to system files? Can we not use sysinspector to make a backup periodically of main system files that are usually infected, explorer etc and revert to a snapshot as a cleaning resolution? Better handling of file infectors and polymorphic or morphing viruses is important - these seem to beat ESET. I just think AV's should be able to monitor system changes in key areas. The Services, Hooks, BHOs, RunOnce and Run areas, and even monitor changes to key system files to aid cleaning and even detection.... That leads me to... Improve reporting and detection For example we could send a list of start-up programs and running services (with our approval) to ESET for them to inspect. For system files, like explorer.exe check their checksum and CRC for vadility even, now I wouldn't say delete these files (because what if they were genuine updates) - but at least send some header or detail file info to ESET to research. You know what I mean, some kind of reporting function which we can turn on and off. I'm up for helping ESET improve the product by sending a few small details of my system run/services/registry/BHOs. What about send sysinspector details to eset on a regular basis? They could then collect information about startup files, dll files, hooks, etc, and improve the detection of the product. We do need to improve the spyware detection without the software becoming bloated. Could we maybe have an optional definitions file called extended malware, which is lower risk threats (more annoyanceware - like hotbar is detected by NOD and it's bundled with Nero burning rom, not really a threat as such more annoy us ware. I would prefer the spyware database to be catching the real bad guys and then another db for these silly toolbar things) which some users may prefer to have at the expense of a file opening a nano of a nano second longer. I remember ESET struggling to remove the XP antivirus 2008-2009 varients. I hope this was improved for example. I see a few cases of poor detection or removal. But not to say the product is bad, just I think it could do even better. I understand ESETs ethos is to make the defs as clean as possible and using more generic rules to avoid the db becoming bloated. Good idea, long as it can clean the infections correctly for each variant. However, these generic detections don't always work, and in some cases work too good.. Settings protection for key system areas or browsers IE is not the most secure browser, could we not check browser helper objects, proxy changes, homepage changes, security settings changes by third party programs and then have a choice to revert these settings by using the sysinspector for example. Rescue I think this is a great idea... a bootable media which can scan the system is a way forward. Long as we can copy up-to-date defs to it, what about use your ESET license on a Pocket Drive to be able to use the CD with the latest defs from the Pocket Drive. Long as cleaning is good enough it doesn't delete system like crazy, it's a neat idea. There is viruses out there that even in task manager you close the buggers and they open again because a parent process is running that is infected. Could eset not detect the parent of these files and remove them, long as it's not a system file. I welcome the changes to the firewall, automatic with rules is good for Domain Network environments. Someone mentioned the idea of HIPS.. well I would agree and disagree... HIPS would make the software bigger than what it already is.. but I think some form of basic scanning on the file before network access would be good if it doesn't already scan network aware software. DLL injection could do with some improvements and support for blocking these trojan downloaders. Could we not intergrate the Spybot S&D hosts file list into ESET? Something like that? Just ideas... let me know your thoughts. Don't expect my ideas to be much but I thought I'd share them as I really want to see ESET be at the top again. I know they can do it... PS. You know what I would like to see Very very much like to see... because I deploy ESET on a lot of domain enabled networks with MS exchange... Can we please have a revised Exchange version, and maybe even a bundle called: ESET Business Server Security... whoo sounds nice.. with Exchange support and File scanning.... Does anyone agree?