hmm, today i had to cure the computer with recently updated NOD32 with undetected winlocker, and it was started through that key and NOD had nothing against. that's the file: ~~ removed link to malware file ~~
How about a proper program updater? I don't have problems with manually updating to the newest major version. So 4 to 5. Or 4 to 4.5. But a minor update should just be done through a proper updater.
A configuration choice to allow non-administrative users temporarily disable NOD32. Other AV companies call this "gaming mode". I operate my system as a least priveleged user, and I run games. When I am gaming I want full performance from my system.
You are not really true there. Gaming mode is not the same as temporarily disable. Gaming mode means it runs at lowest priority and it doesn't pop any popups it's while you are in full screen also scheduled actions are delayed untill you exit gaming mode. ESET NOD32 actually automatically enters a sort of gaming mode while you are in fullscreen, it for example doesn't pop up any update popups.
The point is I am unable to Disable NOD as a least priveleged user. If ESET would give a configuration option to ALLOW non-admins to disable NOD I'd be happy. I personally feel the password protection would be enough for me to feel comfortable enabling this option. Alternatively, ESET could add a "Gaming Mode" option, where non-admins could temporarily disable NOD for a set time period (by the Admin).. say 4 hours. After 4 hours, NOD would re-enable.
I understand your point, but I will repeat my point again: disabling temporarily and Gaming Mode is not the same.
grrr, the "gaming mode" suggestion is a marketing spin on this. I don't care what its called, or even how its done. I want max performance when I game. I want max protection from my NOD (advanced heuristics, real-time all files, etc). I dont want to run as an admin on my box. Let me disable when I game. Simple math.
I'm able to disable protection in the account of a limited user after elevating rights when prompted for admin credentials.
what operating system do you use? with vista and 7 you should be able to disable nod from a limited user account. you will get a uac prompt. you shouldnt disable your av while you game. the av shouldnt slow down game, if it does then you -probably have a compatibility problem and should report it. the best solution is to simply turn off the notifications while gaming.
'Block removable media' mostly useless to me as currently implemented... First... Posting Feature Requests to a single thread is silly - they all simply get lost in the maze. There should be a dedicated forum for feature requests, so that each request is its own thread. That said... The 'Block removable media' feature is mostly useless (to me at least) as it is currently implemented. There needs to be more fine-grained control. Most importantly, there needs to be a way to treat *storage* - ie, floppy/CD/DVD drives - media differently from *non*-storage media - ie, USB keyboards, mice, printers... Something like: For all removable storage media: [x] Block all access [x] Allow read-only access [x] Always allow access to USB keyboards, mice and printers The last item is very important - there should be a very easy way to block all removable devices while allowing minor USB devices like keyboards/mice, expecially now that PS/2 ports are going away...
I just want more modularity in the NOD32 AV. This might add complexity to some options/checkboxes within the "Advanced Setup" tree. However, at least we could turn off some options we like/don't like. Options like below: E-mail scanning, File scanning, Web scanning, Document protection, Simple/Awesome GUI, Removable Media protection, Memory protection, Registry check, Hidden/corrupted files check, etc. This way, all of the ESET NOD32 users would be able to customize their own preferences on their AV. We could shift towards a lean and light setup, or a full featured AV product, which may use a little bit more resource, but offers more protection/effectivity. I think no other AV company has offered this much modularity within an AV product. At least, power users and people who like tweaking their own software would be happy playing around with the new EAV settings. And for good measure, during installation, there should be an option presented to the user which AV setting they like -- "simple" or "power user" mode. Simple mode is for your average Joe and the power user mode would be like the suggestion above. Cheers!
I'm just playing with Intel AMT and Eset'S Rescu Disk. This is working almost pefect, but I would require to change the windows\system32\startnet.cmd. In this special case to include vnc (required to autoboot an INTEL AMT pc with ESET.ISO and have a view what's going on).. AT the moment I can manage it copying fast enough the correct startnet.cmd into the temp during Eset's creation process... Another methode would it be to halt the iso creation process after the system is built in the temp directory - and allow manual changes... and to resume ..
My wishlist: 1) Better exclusions support: a) Exclude specific processes (eg. DFS Replication Service) b) Exclude specific drivers and all files/paths they touch (eg. 3rdpartyISCSI.sys) c) Exclude based on internal paths (eg. \\?\Volume{GUID}\*.*) d) Partial-path/Pattern exclusion support (eg. *\inetpub\vhosts\*.* to exclude the pattern) e) REGEX exclusion support. I don't care which flavor, as long as it's a well-documented standard. 2) Ability to request ERA clients to execute of arbitrary commands and ERA packages (eg. "Pull Install", autoupgrade from 4.0 to 4.2, reinstall, reboot, ...). a) I'll qualify this with the fact that "push install" cannot work in the kind of environments I'm using NOD32 and ERA. My ERA clients are not in a single, homogenized, corporate IT plant. My ERA clients are members of many different AD domains, with some not attached to any AD domain. I have to do a lot with hacky scheduled-task VBScripts, duct tape, and bubble gum. I'd rather this feature would be available in ERA than rely on an icky mashup. b) I would like to be able to run packages with the NT AUTHORITY\SYSTEM user rather than having to provide AD or local admin credentials, as it is neither necessary nor desired for all the personnel managing our ERA to have a complete list of all administrator credentials. 3) Better handling of high disk IO scenarios with warnings sent to the user and logged in ERA about possible system instability of the symptom continues. 4) A script-friendly API. Preferably synchronous.
I agree on this as well, it must be possible to roll back to a definition un-affected by any problems. The Update mirror folder should have a cache of old updates we can use to roll back to all server/client machines.
Improvement suggestion It's actually a quite simple thing: Add a check box called "shutdown after the job is done" in window of computer scan, virus signature update, submitting file for analysis... You know, people just don't want to (and usually can't, too) waste time sitting in front of the computer, waiting for NOD32 to complete in depth scan, which can take quite a while on mass computers... Such an option already exists in a lot of other programs, and it might just solve the problems to a lot of people...
I just want to correct the translation in the Spanish version for something less confusing for the user. Currently the string "no se ha podido desinfectar" is misinterpreted by many users as a failure of antivirus.
Re: Future Changes to EAV 3.0 This function would show the power of detection of NOD32, not only malware but also to PUwA and PUsA. There are many users saying that NOD32 does not detect some samples because they have disabled this options. It would be great to add this configuration (for these categories) in the NOD32 installation.
The part of NOD32 that decompresses archives for scanning needs to be multithreaded. It makes me sick to see a scan take 2 hours while my dual-core CPU is pinned at only 50%. I don't know if the rest of it is multithreaded but as much multithreading that can be done, should be. Do they even make single-core CPU's anymore?
I have done a search of this thread and did not see any mention about Windows Home Server, so my apologies up front if I am suggesting something that has already been mentioned. I would like to see an Add-In incorporated so that we have access to EAV via the Windows Home Server console.
PLEASE PLEASE PLEASE, the ability to exclude a process from scanning. We need to exclude C:\Users\<username>\AppData\Local\(applciation name goes here) from all rpocessing, but becuase ESET doesn't support environment variables (%USERNAME%), we have no possible way to exclude this folder without manually adding a few hundred users to the exclusion list..... Excluding a process, like almost all other AV solutions, would do it nicely. Jim
In EAV, ESS and any other ERA compatible ESET products, a "report" button to force it to report into ERA immediately on the update page if an ERA server has been set.