NOD32

From Phoenix Labs Wiki

NOD32 Antivirus System

Written by PFCdude

edited by fox

Contents 1 About 2 Compared Proactive Detection 3 NOD32 Architecture/features 3.1 NOD32 3.2 Internet MONitor (IMON) 3.3 E-mail MONitor (EMON) 3.4 Document MONitor (DMON) 3.5 Fast Performance 3.6 Smallest Footprint 3.7 Easy to Manage 4 Current Version 5 Configuration 5.1 Step One 5.2 Step Two 5.3 Step Three 5.4 Step Four 5.5 Step Five 5.6 Step Six 5.7 Step Seven 6 copyright 7 Phoenix Labs Contact info

About

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET’s award-winning, anti-threat software system, NOD32, provides real-time protection from known and unknown viruses, spyware and other malware. NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100% Awards than any other [antivirus product www.virusbulletin.com]. ESET was named to Deloitte’s Technology Fast 500 four years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. Eset is headquartered in Bratislava, SK; offices in San Diego, USA; Prague, CZ; Buenos Aires, AR; and is represented worldwide in more than 80 countries.

NOD32 isn't just antivirus: it's a unified anti-threat system which protects against viruses, spyware, adware, trojans, worms and phishing attacks. The proactive ThreatSense™ technology stops 93% of zero-day threats before they’re even released. The optimized engine delivers the best detection, fastest performance, and smallest footprint of any antivirus or antispyware solution. NOD32 is flexible and configurable with centralized management and reporting functionality. The broad product platform protects Windows, Linux, Novell and MS DOS machines.

Compared Proactive Detection

When new viruses, worms and other malicious attacks strike, traditional signature-based technology is insufficient. Every minute you wait for an update is another minute that your comptuer and network are vulnerable to damage, infection, or identity theft. ThreatSense Heuristics closes the window of vulnerability by safely identifying and stopping malware as it runs on your computer.

NOD32 has consistently been rated as the best protection against zero-day outbreaks and attacks by the world's leading antivirus testing organizations.

NOD32 Architecture/features

Antivirus MONitor (AMON) An on-access (memory-resident) scanner, which automatically scans files before they're accessed.

NOD32

An on-demand scanner, which can be run manually on specific files or disk segments. It can also be scheduled to run during off-peak times.

Internet MONitor (IMON)

A memory-resident scanner that runs on the Winsock level to prevent infected files from reaching the computer's disks. Its scans internet web browsing traffic (HTTP) and incoming e-mail via the POP3 protocol.

E-mail MONitor (EMON)

An auxiliary module for scanning incoming/outgoing e-mails via the MAPI interface, such as Microsoft Outlook Microsoft Exchange.

Document MONitor (DMON)

Utilizes the proprietary Microsoft API for scanning Microsoft Office documents (including Internet Explorer).

Fast Performance

Great detection doesn't have to slow down your computer. Written largely in assembly language, NOD32 continually wins awards for the fastest performance of any antivirus application, on average 2 to 5 times faster than the competition (source: Virus Bulletin). Switch to NOD32 and upgrade your computer's performance.

Smallest Footprint

NOD32 conserves resources on disk and in memory, leaving more for your critical applications. The installer is just 8.6 MB and the application takes up less than 20 MB in memory (this fluctuates with changes to the detection technology). ThreatSense updates, which includes heuristics logic and signatures, are usually between 20 kB and 50 kB. Switch to NOD32 and reclaim precious resources.

Easy to Manage

Program and database updates are automaticaly performed behind the scenes. If you're an individual or home office user you can just 'set it and forget it.' Businesses and organizations with large distributed networks can use the powerful Remote Administrator to centrally deploy, install, monitor and manage thousands of NOD32 workstations and servers.

Current Version

Current Component Version is 2.51.30

Configuration

Tips on setting up NOD32: Nod32 can do wonders if you know how to use it. This following section will show you a simple way to get it to do everything without it bothering you with a question when something comes up:

Step One

1. First, download the trial if you want to try first.
2. Install it.
3. Double click the icon once installed.
4. Start with the first button **AMON**:
5. Click it. Now, on the right click Setup.
6. Go to Options, and make sure everything on this page is checked.
7. Then go to the Actions tab.
8. Click clean automatically.

Step Two

1. next button **DMON**:
2. Click Setup. Everything in this tab needs to be checked except System list all files.
3. Now, the important part which you will be repeating on the other buttons:
4. Click the Actions tab [Note: this will be the same on all the others and will need to be changed to the same].
5. Under Actions, there is a drop-down menu that says Files.
6. Click the button that says Clean which will open the right side, which basically means: If I can't clean it then what? Which means the file is not an infected file, per se. It is only a virus or malware/spyware file.
7. Then hit the Delete bullet on the right side so clean/delete are the options now if it finds a bad file.

Step Three

1. Next - Archives: Clean/Delete
2. Self-extracting Archives: Clean/Delete
3. Run-time Packers: Clean/Delete
4. Hit OK

Step Four

1. Now **EMON**:
2. Click Setup then on the detection line, check everything.
3. Then on the actions line, repeat DMON actions (see step above).
4. Leave everything else.
5. Hit OK.

Step Five

1. Now **IMON**:
2. Click Setup.
3. Click the HTTP tab, then make sure Automatically Deny Download of File is checked.

In the misc. tab, this may be useful for you if your computer has been hijacked.
Click the Repair Now button if you have problems. This will fix connectivity 
spyware that re-routes your IP. 

Down at the bottom click Setup under the Scanner section: Again everything 
checked except List all files 

1. Then on the Actions tab, we repeat again the step above, except there is one extra option here called E-mail which we do Clean/Delete as well because if it comes with an attached virus, it will remove it. If it can't remove it, and it's based in the body of the E-mail, it will delete.
2. Then hit OK and OK again.

Step Six

1. Now click the NOD32 button on the left then the Run NOD32 button on the right.
2. This is the actual scanner interface. Generally here you will end up clicking Scan and Clean.
3. It will default to select C: as the scanning target.
4. First, click the Setup tab.
5. Check everything. You will be prompted when you check advanced heuristics. This is fine.Click #Yes/Ok.
6. Then the Actions tab.
7. Files will be Clean/Delete
8. Boot sectors will be Clean/Replace
9. Archives are Clean/Delete
10. Ditto until you get to E-mail - Clean/No Action (it will remove the file if you attempt to download an attached bad file).
11. Same thing with E-mail folders - Clean/No action.
12. And finally, Operating Memory - No Action. Like I said, it will remove on restart

Step Seven

1. Now, hit quit. It will prompt you to Save Settings. Comply and hit Run Nod32. Again, go to the Actions tab, and make sure changes were saved. If they were, congrats, you're good to go. Run the scanner and it will get you clean as a whistle. You will not have to worry about anything on your computer getting infected again. If it didn't, re-run last steps up to Click Nod32.

Now that you know, you can help fight the war against malware 
by avoiding it altogether.

copyright

These images are used as an example of the program NOd32 Anti-Virus and a basic walkthrough of the program. The copyright for it is most likely owned by either the publisher/developer and/or owner(s) producing the work in question. It is believed that the use of low-resolution screenshots of the program:

for commentary on the program in question, on the English-language Wikipedia, hosted on servers in the United States by the non-profit Wikimedia Foundation, qualifies as fair use under United States copyright law. Any other uses of this image, on Wikipedia or elsewhere, may be copyright infringement. See Wikipedia:Fair use for more information.

To the uploader: please add a detailed fair use rationale as described on Wikipedia:Image description page, as well as the source of the work and copyright information.

Phoenix Labs respects copyright law and has respect for the developers of this great program and if the developers have an issue with any of the following with the accuracy, adequacy, reliability, currency, completeness, suitability of the content, please feel free to contact us.

BACK to AV software

Phoenix Labs Contact info

If your question is not answered after reading this FAQ, please feel free to contact Fox for help. Dumb questions will be given dumb answers, so please make sure your request is smart and to the point. All questions will be kept entirely confidential.

Private message	fox [at] http://forums.phoenixlabs.org/member.php?u=39
E-mail	foxatphoenixlabs@gmail.com
MSN	foxatphoenixlabs@gmail.com
ICQ	52168119
AIM	foxatphoenixlabs

---

PAGE IS UNDER CONSTRUCTION, will be updated soon.

Information may change at anytime, please if there are any mistakes or info that is wrong, please contact us.

---

BACK to AV software

Information can change without notice.

2006 Phoenix Labs | fox productions