ESET ANTIVIRUS - NOD32

The nature of viruses has changed over the years.  Once, they were spread by floppy disks and they tended to crash the system and modify the occasional file.  These days they are spread through many means, the majority being through the internet and email.  The structure of many of today's viruses are to self propagate through email clients, with damage ranging from file modifications, to file deletion, hard drive erasing, BIOS modifications, to flash ROM erasing (preventing your mainboard from working).

FIS has been endorsing various Anti-Virus products over the years, initially with Thunderbyte Anti-Virus, Anti-Virus Professional (AVP), and now with ESET's NOD32 Anti-Virus. All of these products have had 100% detections, but our endorsement of the products are not subject to profits, but to long term industry standings, performance, compatibility, resource use, and reliability.  When the performance of these products become detrimental, we look for other products that are capable of meeting both our demands and requirements, and those of our clients.

A sample of Virus Bulletin's impartial testings and standings.  The order is irrelevant as constant 100% awards are the major issue.

A sample of Virus Bulletin's results. Look for constant 100% detections.

The cost of a twelve month license for NOD32 is $82.50 including GST per license for up to 10 machines for either private or business use until June 30, 2001.  Licensing for systems over this number can incorporate a discount structure.

The key feature of the NOD32 Anti-Virus system is its highly efficient and user friendly heuristic analysis based on the virtual PC technology. It allows detection of new viruses even without the need of constant and frequent updates of the virus definition files. NOD's heuristic analysis, in addition to targeting the traditional virus families, detects also the fast growing macro viruses mutations on Office 97 platform. NOD's heuristics has made, yet another pioneering step when it began detecting the viruses threatening the VxD Windows 95 drivers.

The memory resident antivirus monitor - AMON - provides you with constant and automatic protection: virus detection and cleaning, with no need for the user's intervention. AMON represents an ideal and necessary protection for those using Internet and/or local area networks. In addition to the automatic on access scanning, the boot sectors can be checked upon system shutdown.

Technical Overview

NOD32 is a multi-platform program system for virus detection and removal on Microsoft Windows 3.x, 95, 98, 2000, NT and MS DOS.

It also serves as the tool to minimize the consequential damages of your system due to virus infiltrations.

Key system features are:

  • modular design of fully 32-bit code

  • extremely powerful heuristic analysis, efficient also for the macro virus family

  • use of fast "single point" virus samples and CRC for accurate virus recognition

  • effective virtual emulator serving to detect even the most sophisticated polymorphic viruses

  • maximum scanning speed due to the use of the multilevel, associative, cache-like memory

  • speed enhancement achieved by coding the mission-critical modules in assembler (the machine code)

  • automatic control of the incoming mail and the files used by means of the memory resident monitor

  • effective anti-stealth techniques implemented in the system

  • algorithmic and heuristic virus cleaning available

  • reconstruction of system files of key importance after the virus infection

  • conversion of the document files, after the cleaning has been performed, into original format

  • searching for the viruses in encrypted and password protected databases and documents

  • detection of viruses in archive files (PKZIP, ARJ and RAR)

  • capabilities to find viruses in the files internally compressed and/or protected executable files (Pklite, Lzexe, Diet, Exepack, CPAV)

  • full support for UNICODE in Windows 2000/NT

  • option enabling sending of the warning messages on virus infiltration over the network

  • centralized update option available for easy and fast automatic update

Minimum Requirements

  • CPU 386DX or higher

  • 10MB of disk free space

  • 8MB of RAM

  • VGA video card

NOD32 new version released on 05/03/2001 - v.1.84 (20010503) [1778]

The new version of the virus databases (1778) not only contains new virus signatures, such as VBS/Haptime.A, JS/Yama.A worms, but improvements in the scanning engine for DOS and Windows viruses increase the scanning rate by remarkable 500% in a number of cases. Improved scanning of Win32/Magistr.24876 virus detects and cleans even the files damaged by the virus itself. New signatures include the following worms:
Worms: VBS/Haptime.A, JS/Yama.A
NOD32, v.1.83 (20010429) was released on 04-29-2001

Virus database was updated. New signatures include the following viruses and worms:
Worms: Win32/FunnyFile.10240, Win32/Xcod.A, VBS/San.B, VBS/San.B, Win32/Fewer, Win32/Gift.A, Win32/Hermes.A, Win32/Hermes.B, Win32/Hermes.C, Win32/Heyya.B, Win32/Heyya.A1, Win32/LastWord, Win32/Xanax.A, Win32/Xanax.B, Troodon
Macro viruses: Bablas.BH, Bleck.A, Onex.A, Thus.BH, Squared.A, Marker.FI, BAT/Amri.A, Ceyda.6953, ClickIt.A, ClickIt.B, ClickIt.C, Debat.A, Delarm.A2, Hot, Irc-Worm.ELSpu.0589, JS/VDrop.B, Juliet, Lunatik.A, Minder.A, Minder.B, Minder.C, MircNew, Momma, Ultras.3194, Ultras.3197.B, Wally.A, Wally.B, Win32/Buffy.A, Win32/Buffy.B, Win32/Buffy.D, Win32/Crack.A, Zippy, mIRC/MircNew
Win32 viruses: Win32/HLLP.Semisoft.M, Win32/HLLW.AntiQFX.B, Win32/Hortiga.4938
Trojan horses: Ahc, Aklill, Alporon, Amdv, Ams, Andromeda, Andum.50, Andum.51, Andum.A, Andum.B, Andum.C, Andum.D, Andum.E, Andum.F, Andum.G, Andum.H, Andum.I, Andum.J, Andum.K, Anticomm, Antilame, Apocalypse, Arm, Armoury, Asas, Asd, Athana, BAT/Destroyer.98, BAT/Destroyer.NT, BAT/Holop, BAT/Holup.A, BAT/Inreg.A, BAT/Joreg, BAT/KillAll, BAT/Kuhar, BAT/MkDirs.C, BAT/MkDirs.D, BAT/Munga.A, BAT/Nightstar.581, BAT/Oki, BAT/PrisonCamp.718, BAT/Qdel.A, BAT/RenGo, BAT/Ruinator, BAT/Rumble, BAT/Satanik, BAT/Simpsons, BAT/Soul.A, BAT/Soul.B, BAT/Spamacid, BAT/Steel.1071, BAT/Steel.557.A, BAT/Steel.557.B, BAT/Steel.557.C, BAT/Tally, BAT/Tomb, BAT/Tvan, BAT/Uploader, BAT/Vbe, BAT/Windblow, BAT/Winrip, BAT/Winuck, BBS.Kisel, Black, Bomb_ACK, Bombardment, Buz, Call911, Catfod, Catman, Cd-It, Fixit.A, Futs, Holup.A, Ipxctrl, JS/Destroyer.98, JS/Freq.A, JS/Freq.C, JS/Freq.D, JS/KillMBR.A, JS/KillMBR.B, JS/KillMBR.C, KillAll, RUX, Steel.557.A, Steel.557.B, Win32/Acropolis.10, Win32/Bionet.13, Win32/Bionet.310, Win32/Bionet.311, Win32/Bionet.313, Win32/CyberSpy.1_3, Win32/Danton.11, Win32/Danton.22, Win32/DeepThroat.B, Win32/Dichas, Win32/HackTack.2K.A, Win32/HellDriver, Win32/INET20.A.sfx, Win32/Intruse.134, Win32/JammerKillah.1_2, Win32/Jep.Russ, Win32/Joiner.15, Win32/Joiner.F, Win32/Joiner.G, Win32/Joiner.L, Win32/MBT, Win32/MiniBlackLash, Win32/MoSuck.11, Win32/MoSuck.12, Win32/MoSuck.20, Win32/MoSuck.21.A, Win32/MoSuck.21.B, Win32/MoSuck.21.C, Win32/MoSuck.22, Win32/Mutter.13, Win32/NetTerrorist, Win32/OOTLT.A, Win32/Olive.23, Win32/Olive.24, Win32/PSW.Barok.C, Win32/RTB.104, Win32/RUX.Tick.40.B, Win32/RemoteHack.14, Win32/RemoteToolkit, Win32/Revenger.02, Win32/Shah.10.A, Win32/Snid, Win32/Snipernet.22, Win32/Softwar, Win32/Softwar.drp, Win32/Softwar.sfx, Win32/Webex.14, Win32/WinControl.133, mIRC/Kat
NOD32 - NEW SYSTEM UPGRADE! (ENVIRONMENT VERSION: 1.023) 04-26-2001

MAIN NEWLY-IMPLEMENTED FEATURES:

New anti-virus operating memory (RAM) scanner!
Several unique algorithms providing scanning of computer operating memory were implemented for Windows 95/98/ME/NT/2000 platforms. NOD32 applies state-of-the-art scanning of the operating memory to detect viruses, worms and Trojan horses.

Increased security of update processes!
NOD32 Control Center module (NOD32CC) provides automatic update and network functions of the NOD32 Antivirus System. New security measures were adopted to secure authenticity and integrity of the update files transfered from ESET's update server to clients' computers via the Internet.

Authenticity of the transfered files is protected by means of a digital signature based on improved PGP standards. NOD32CC automatically checks for the authenticity of the update files, and in case of any discrepancy, reports all irregularities to a client.

All digitally signed update files (files with .nup extension), can be verified using ESET's public encryption/decryption key. The applied method of protection is highly reliable and proven.

Update Support for Isolated Computers!
To facilitate updating of computers not connected to the Internet and/or a compter network (isolated, stand-alone computers), the new version of NOD32CC supports updates by means of CD or floppy disk. This option is available in the "Mirror setup" dialog window . . . click the "Advanced..." button.

 
NOD32, v.1.80 (20010418) was released on 04-18-2001

New update contains several new virus signatures including newly appeared worm Win32/Matcher.28672
NOD32, v.1.80 (20010411) was released on 04-11-2001

New update contains several new virus signatures including newly appeared worm WIN32/Badtrans
NOD32, v.1.76 (20010405) was released on 04-05-2001

Virus database was updated. New signatures include the following viruses and worms:

Worms: Linux/Adore.A, REG/STD.C, Win32/Fami, Win32/Fayaz, Win32/Icecubes.A, Win32/Icecubes.B, Win32/Music.D1, Win32/Rastam, Win32/Verona.B, Win32/White.B, mIRC/STD.C
Viruses: APME.Demo.620, APME.Demo.620, Anti-AVP.959, Anti-AVP.989, Bat.Winstart_III.B, Candy.999, Claudia.8772, Config_Boot.B, Cri-Cri.4300.B, Fick.7326, Implant.6200, Intov.708, Intov.709, Ithaqua.8028, Ithaqua.8030, Kidpoly.298, Lpe.418.A, Lpe.418.B, Mariano.147, Messev.2778, Prion.313, Spice.2125, TROJANY, Torero.1427, Tron.B, Vecna.313, Vecna.313, VirTools.Win95/YabranTest, Wanderer.3684.B, Win/Header.Compo.145, Win32/Sexy.256, Win32/Test.1334, Win32/Tossed, Win32/Wit.A, Win32/Wit.B, Win32/Yoyo.653, Win32/Zombie.Intended, Win95/Dodo.1022, Zohra.4516, Zombie.667, Zombie.Vpi.15467
Trojan horses: BAT/Acid.A, BAT/Acid.B, BAT/Acid.Red, BAT/Avir.11, BAT/Avir.13, BAT/Avir.14, BAT/Avir.16, BAT/Barbos, BAT/Bomb.A, BAT/Bomb.B, BAT/Bomber, BAT/Bugger.A, BAT/BumBum, BAT/Cuenta.A, BAT/Daniel, BAT/DelAll, BAT/DelDos, BAT/DelSys.A, BAT/DelSys.B, BAT/DelSys.C, BAT/DelSys.G, BAT/DelTree.D, BAT/DelTree.E, BAT/DelTreeFormat, BAT/DelTreeY, BAT/DelTreeY.A, BAT/DelTreeY.B, BAT/DelTreeY.C, BAT/DelTreeY.D, BAT/DelTreeY.E, BAT/DelTreeY.F, BAT/DelTreeY.G, BAT/DelTreeY.H, BAT/DelTreeY.I, BAT/Delini.A, BAT/Delini.C, BAT/Delini.D, BAT/Delwin.B, BAT/Delwin.D, BAT/Delwin.E, BAT/Delwin.F, BAT/Dvar, BAT/Falken, BAT/FormatC, BAT/FormatC.A, BAT/FormatC.B, BAT/FormatC.C, BAT/FormatC.D, BAT/FormatC.E, BAT/FormatC.F, BAT/FormatC.G, BAT/FormatC.I, BAT/FormatCU, BAT/FunGame, BAT/HDK13.A, BAT/HD_Killer.A, BAT/HD_Killer.B, BAT/Happas.A
NOD32, v.1.76 (20010326) was released on 03-26-2001

Virus database was updated. New signatures include the following viruses and worms:

Worms: VBS/Sorry.C
Macro viruses: Bleck.A, Piece.A, Titch.H
NOD32, v.1.75 (20010323) was released on 03-23-2001

Virus database was updated. New signatures include following viruses Worms, backdoors and Trojan horses:

IRC-Worm.Netol.A, mIRC/Netol.A, VBS/Angel.A, VBS/Staple.A, Win32/201, Win32/711, Win32/AOL.AA2, Win32/AOL.AlphaComs, Win32/AOL.Austin, family Win32/AOL.Buddy, Win32/AOL.Cheeser, Win32/AOL.Cool, Win32/AOL.Epex, Win32/AOL.Fader, Win32/AOL.Grabber, Win32/AOL.King, Win32/AOL.Moniter, Win32/AOL.Movie.B, Win32/AOL.Noter, Win32/AOL.Nytworx, Win32/AOL.Prudentor, Win32/AOL.Puntol, Win32/AOL.Punttek, Win32/AOL.QV, Win32/AOL.Rampage, Win32/AOL.Stealth, Win32/AOL.Subsev, Win32/AOL.Sysmon, Win32/AOL.TDS.A, Win32/AOL.TDS.B, Win32/AOL.TookIt.A, Win32/AOL.TookIt.B, Win32/AOL.WinSpy, Win32/AOL.Yah, Win32/AOL.run32, Win32/AVP32Patch, Win32/AVPatch.A, Win32/AVPatch.B, Win32/Abaddon, Win32/AcidShiver.Kor, Win32/Acid_Shivers, Win32/AckCmd, Win32/ActiveX.Exploder, Win32/AddShare, Win32/Adult, Win32/Aim.Client, Win32/Aim.Server, Win32/Ajan, Win32/Aleppo, Win32/Alex.Client, Win32/Alex.Server, Win32/Alicia.A, Win32/Alicia.D, Win32/Amanda, Win32/Ambush.Client, Win32/Ambush.Server, Win32/Andum, Win32/AntiBTC, Win32/AntiNuke.10, Win32/Apagar, Win32/Arials, Win32/Armageddon, family Win32/Ashley, Win32/Aspam, Win32/Assasin.102, family Win32/Asylum, Win32/Atk, Win32/Atomic, Win32/AudioCat, Win32/Audiodoor.11.Client, Win32/Audiodoor.11.Server family Win32/BLA, family Win32/BO, family Win32/BO2K, Win32/BSDI, Win32/BSE, Win32/BackConstructor.Client, Win32/BackConstructor.Server, family Win32/BackDoor.2_0, Win32/BackEnd, Win32/BackEnd.6, family Win32/Back_Orifice, family Win32/Backage.3x, Win32/Backc, Win32/BadBoy, Win32/Bandeja, Win32/Barbie, family Win32/BaronNight, Win32/Batman, Win32/Bedienks.2, Win32/BigGluk, Win32/BigJack.Dropper, Win32/BillsDeath.Client, Win32/BillsDeath.Server, family Win32/Bionet.xxx, Win32/Bitar.A, Win32/BlackBird, Win32/Blade, Win32/BladeRunner.Client, Win32/BladeRunner.Server, Win32/Blador, Win32/BleemFake.A, Win32/Bluelce.Client, Win32/Bluelce.Server, Win32/Boomer, Win32/Bowl, Win32/BrainSpy, Win32/Breach.45, Win32/Breach.Pro.10, Win32/Bubbel, Win32/Bugs, Win32/Buttman, Win32/Buttman.09, Win32/CCInvader.10, Win32/CCInvader.20, Win32/CFour, Win32/CableBoost, family Win32/Cafeini.xx, Win32/Cain.10b, Win32/Casus.15, Win32/Celik, Win32/Cero, Win32/Cero.Client, Win32/Cero.Server, Win32/Chantal, Win32/Charge, Win32/Chat, Win32/Chupa Win32/Chupacabra, Win32/ClickMe, Win32/Coke, Win32/Coma, Win32/Connection, Win32/Connection.13
Viruses: Fool.E, Win32/HLLW.Flor.A, Win95/Cih.1122
Copyright 1999-2001 First Integrated Solutions.  Web Site Designed for 1024x768.  Comments can be sent to the webmaster@firstintegrated.com.

 

Copyright © 1999-2006 First Integrated Solutions. All rights reserved.
First Integrated Solutions - Shop D, 581 Samford Road, - Mitchelton 4053 - icTelephone.gif 1300 135 248 - icFax.gif 07 3355 7503
News article headlines are sourced from ARN, CRN, ZDNET, IT NEWSWIRE, and others.
Web Site Designed for 1024x768.  Comments can be sent to the webmaster@firstintegrated.com.
Emails originated from anonymous email accounts such as hotmail, yahoo, mail.com and others will not be received due to spam.