Jump to content
Aryeh Goretsky

Future changes to ESET NOD32 Antivirus

Recommended Posts

Hello,

 

Not every requested feature can be added at once.  ESET's project managers have to carefully look at the technical and market requirements for each request.  Sometimes, the amount of work required to implement a requested feature may mean that it needs to be put off for a few version releases until enough engineering time can be budgeted to implement, test and maintain the feature.  And sometimes, a feature might be requested that is just out of scope, offers little real-world benefit to customers or may even be against ESET's business practices.

 

In any case, what I would suggest is to provide as detailed a description as possible of the feature you are requesting, in order for ESET's project managers to make better sense of it, and a little patience, as not everything can be done at once.

 

Regards,

 

Aryeh Goretsky

 

 

[Thread moved from Hello and merged into the Future changes to ESET NOD32 Antivirus by moderator. AG]

Hello

We had asked for a strong start a behavior analyst white list And Sandbox like the rest of protections and also that the Arab program supports have you said to us that you will be surprised all the world's seventh edition But like the sixth version like nothing new V depends on the database and Web protection and lacks the layers of protection, Sandbox and white list and we hope you improve it in the next update or reply to us even know that it will become stronger or move on to a program like This is not what we want because of our deep love for the program Thank you

Share this post


Link to post
Share on other sites

Memory scanning inmediately after Re-enabling the Advanced Memory Scanner

 

Similar to that of Filesystem protection for stopping running infiltrations in memory

Edited by toxinon12345

Share this post


Link to post
Share on other sites

I like the newway of displaying notifications

Sometimes some localized versions cannot display the whole message in the notification

 

 

post-973-0-87387200-1383582505_thumb.png

Share this post


Link to post
Share on other sites

Since previous releases, there's been two annoying features in nod32 and smart security:

1) There is no way to stop startup scan once it's started. Of course you can schedule it or remove from the schedule list so that it won't run ever. But the startup scan is an essential scan that should be done at least once or twice a day. Its sometimes anoying that you can't cancel/stop this scan when you are doing some important work and this scan is eating a lot of memory / your work is inurrupted for some reason.

2) When you insert a USB storage device, the scan starts automatically. For some reason, you don't want that drive to be scanned or it is taking too long to complete the scan you wan't to abort it so that you can use that usb device elsewhere to continue some important work or some one is waiting  for that usb device so that he can take it. You try to abort the scan, the scan refuses to pause / stop unless it finishes scanning that one particular file.

I am not comparing the above with 'other' security softwares as according to me these 'other' software have no comparison with the best Eset technology. I have been using Nod32 since the year 2000 and I can understand how much the above problems have annoyed me in the past.

Edited by PCdoc

Share this post


Link to post
Share on other sites

Is there a possibility to create some sort of alert for the HIPS when policy based mode blocks something? It's very annoying to have to go check the log to see if anything has been blocked.

Share this post


Link to post
Share on other sites

Is there a possibility to create some sort of alert for the HIPS when policy based mode blocks something? It's very annoying to have to go check the log to see if anything has been blocked.

 

Each HIPS rule has an option "Notify user". When enabled, a notification will pop up whenever a rule is applied.

Share this post


Link to post
Share on other sites

I'm not seeing that, is it in the main settings or rule editor?

 

 

Ok I found it but that's for rules that have been created, what happens if something is blocked that isn't in the rules editor?

Edited by LoneGeek810

Share this post


Link to post
Share on other sites

I'm not seeing that, is it in the main settings or rule editor?

 

 

Ok I found it but that's for rules that have been created, what happens if something is blocked that isn't in the rules editor?

 

There's an option "Log all blocked operations" in the advanced HIPS setup. However, we don't recommend enabling it unless you need to troubleshoot an issue caused by HIPS, otherwise large logs could be generated which would have adverse effect on the overall system performance.

Share this post


Link to post
Share on other sites

I would love to get an alert whenever policy mode blocks anything, i'd use it more, cause no matter how many rules I have it always seems to still block something and interactive mode is way to chatty.

Share this post


Link to post
Share on other sites

 

The "Blocked object" detections come from suspicious websites. V6 updates the list of such websites every few minutes via cloud while older versions update it with every attempt to update, ie. every hour by default.

I don't want to go into details as this forum may also be read by bad guys, you know.

 

P.S I hope it's OK to share this here, I figure if it weren't OK to talk about it then Marcos wouldn't have told us about this feature in the first place   :)

 

post-973-0-97867900-1384458018_thumb.png

post-973-0-11212400-1384735528_thumb.png

Edited by toxinon12345

Share this post


Link to post
Share on other sites

There appears to be a problem with "smart optimisation" (or my understanding of how "smart optimisation" works) in conjunction with "real-time protection" and "unwanted" detection

 

I have seen various instances (including today) in which I can view/access a file (which has been previously reported by ESET, in one form or another, as an "unwanted" application) without a report being generated... The only time a report is created is when I try to copy the file to a new location - and the new location is reported, but nor the original file...

 

Based on my observations it seems that an update of the virus signature database doesn't reset the "smart optimisation" data ESET records...

 

If "smart optimisation" is based on some MD5/SHA-???-style "checksum" shouldn't this "checksum" be cleared when the virus signature database is updated?

Share this post


Link to post
Share on other sites

 

The only time a report is created is when I try to copy the file to a new location - and the new location is reported, but nor the original file...

 

 

Because scan level are different On Read to On Write

Edited by toxinon12345

Share this post


Link to post
Share on other sites

Yeah could fit nicely somewhere in the "Help and support" tab. 

Share this post


Link to post
Share on other sites

Disabling phishing protection should give user warning that he/she doesn't have full protection.  The taskbar icon should change color and right clicking taskbar icon should not give message with green checkmark "Maximum protection".  The same scenario for disabling anti-stealth technology.

Share this post


Link to post
Share on other sites

Removable media insertion

  • Add "Quick scan | Superficial scan" option in the notification prompt
  • "Profile selector" in Advanced setup

Share this post


Link to post
Share on other sites

Description: Please change the tray icon and GUI notification for Gamer Mode.

Detail: Currently when NOD enters gamer mode due to a fullscreened application, the tray icon and GUI show a somewhat unsettling ! icon that is indicative of a more substantial problem, and the GUI says that "NOD requires your attention". This is unsettling, as gamer mode is operating as designed, there is no problem, and NOD does not require attention. With the prevalence of multi-monitor setups becoming more and more common, it's very likely that users will fullscreen an application, video, or game on a secondary display - and see the icon or GUI for NOD on their primary display and become concerned.

 

This is particularly disconcerting when first discovering it. I just now saw the ! icon while a video was full screened on another monitor, and clicked over to the ! on my primary screen to see what was wrong and needed my attention. Doing so caused the video to exit fullscreen, and caused NOD to exit gamer mode before I could realize what was happening. And so I spent a good 10 minutes going back and forth thinking something was more seriously wrong on my system than it was.

 

Anyhow, just a suggestion! Thanks.

Share this post


Link to post
Share on other sites

I have to agree with carbonyl, that having an additional color, and or warning persona strictly for gaming mode alone, would be a little more comforting on the eyes, then using the same persona or behavior as if you have an immediate problem that needs correcting like 'out of date os files' or PUA has been detected.

 

Thanks Team

Share this post


Link to post
Share on other sites

Product updating:

 

My product version kept telling me it was 'up to date',  yet a new product was released. Thanks to a reply from Marcos I was soon put right and had the new product installed in no time.

 

Is the user notified in the GUI?  Seemed a little odd to me there was a newer version out and my GUI didn't tell me, it could be the update was of no significance.

 

Dave

Share this post


Link to post
Share on other sites

Product updating:

 

My product version kept telling me it was 'up to date',  yet a new product was released. Thanks to a reply from Marcos I was soon put right and had the new product installed in no time.

 

Is the user notified in the GUI?  Seemed a little odd to me there was a newer version out and my GUI didn't tell me, it could be the update was of no significance.

 

Dave

Same here. I have 6 PCs to keep up to date and I gave up waiting for the program to update itself. I wonder if the feature even works?

 

DrT

Share this post


Link to post
Share on other sites

If it is too much trouble for ESET to use, why have it? Surely, if they are going to go to the trouble to actually produce an updated version, it just makes sense to get it on as many PCs as possible. If the issues are not that critical, why update?

 

I just cannot understand the (lack of) logic.

Share this post


Link to post
Share on other sites

The latest update was a type of update that unless one have or are still experiencing any of the fixed issues/problems then there is no need to update. I still have not updated myself yet for that reason. HTH.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...