Eset Antivirus Beats Leading Vendors to the Punch
Although Windows XP Service Pack 2 has been released to manufacturing, some of the world's leading antivirus vendors including Symantec and McAfee are still in the process of assuring compatibility. As these ISVs continue to perfect their code, a little known vendor called Eset has already beaten them to the punch.
In fact, Microsoft itself is a four year customer of Eset and the software giant has just signed on for an additional two years of service. Microsoft places so much confidence in Eset's Nod32 antivirus product that it uses the software in its release labs.
How could such an unknown score such a high profile account? The answer lies in Nod32's rich detection capabilities, small footprint and feature set. For starters, Nod32 detects 100 percent of in-the-wild viruses according to Virus Bulletin. Nod32 also makes a negligible system performance because of two parameters: it is coded in assembly and its founders claim that their 16 years of experience in programming antivirus engines factors into the engine's overall design.
Eset's negligible impact on system performance has led to its growing popularity among gamers.
Eset's Nod32 is comprised of four core modules: IMON, AMON, DMON, and NOD32. IMON was enhanced to monitor HTTP and HTTPS taffic in a beta version of the software that was released July 22nd. Prior to the update IMON monitored POP3 traffic only. IMON monitors all HTTP traffic for malware, is browser agnostic, has support for hyperthreading in multiprocessor machines and includes a large file download progress window in its e-mail client plug-in.
Unlike other antivirus products, Nod32 will not send out notifications to infected users. An Eset spokesperson told BetaNews that the majority of virus notification e-mails are misleading and are often sent from spoofed email addresses by worms such as Mydoom.
Symantec has recently retooled its products to discontinue the practice.
"Our honeypots collect false notifications from other antivirus products that are never true," said the Eset spokesperson.
The 2.011 beta release of Nod32's resident antivirus scanner AMON has advanced new heuristics to detect unknown trojans and has improved trojan cleaning procedures. Nod32 does not require users to reboot into safemode as its default procedure to remove Trojans; rather, the software will stop the service, delete the trojan and restore Windows to its previous state.
In addition, a previously undocumented feature in AMON's on-demand scanner has been announced which adds command-line support to Windows.
Nod32's newest module, DMON (Document MONitor) adds MS Office System antivirus support to monitor Office documents and macros, bringing the product's feature set up to speed with market leaders Symantec and McAfee.
Another pillar of Nod32's feature set is transparency. Nod32 is capable of running into a silent mode were users receive no notifications and are not prompted to interact with the scanner even when a virus is detected. "Users don't care about viruses or configuration; they care about security," said Eset's spokesperson.
In a June interview with BetaNews, a McAfee spokesperson told BetaNews that transparency is one of McAfee's goals for future product releases. Microsoft's upcoming antivirus product is expected to operate in a similar fashion.
The software also receives hourly updates and does not need to be uninstalled when an upgrade is released. Eset claims that installation of Nod32 takes under 2 minutes on most systems and that virus definition updates to its enterprise product come in increments of less then 24 kilobytes.
A final release of Eset's 2.x product series is expected to ship by mid September. Localized versions for Eastern Europe will be among the first to be released with an English language version following suit. Since Eset operates under a subscription pricing model, existing customers will receive the update free of charge.
Nod32 is available in non-English languages including: Italian, Polish, Portuguese, Spanish, German, Czech, Croatian and Hungarian for both the Windows and Linux operating environments.
Nod32 may be downloaded from FileForum.