|NOD 32 for Windows 95 / 98 / ME|
Low impact threat protection for
Legacy Windows machines.|
Standard versus Administrator version: the Administrator version has additional functionalities. It is meant to be used in the LAN / WAN environment as it supports creation of copies of the update files so called "mirror". The Administrator version requires a purchase of a Corporate / Multiuser license.
|NOD32 Control Center|
The NOD32 Control Center is the central management module. It provides access to the various features, tools and settings and fully integrates all installed system components. These are categorized into four different sections, each of which can be expanded into an easy-to-use directory tree style system. For increased security, the key settings can be password protected to prevent unauthorized access and modification.
Key Features Include
- Centralized management of the resident antivirus modules and
- Intuitive directory tree style system for easy access to:
- Automatic, internet/LAN Update module
- Centralized system of log files for all installed modules
- AMON - resident on-access monitor
- NOD32 - on-demand scanner
- IMON - Internet monitor - scans e-mails incoming via the
- EMON - complementary e-mail scanner module - scans e-mails
incoming via MAPI interface (details below)
- Flexible task scheduler and planning module
- Quarantine directory
- Key system information
Automatic Update module
- Supports frequent incremental updates and upgrades of the
- Most updates are performed ‘on-the-fly’ (no reboot is required).
- Small incremental update of the virus database minimizes network
congestion and download times.
- Allows flexible scheduling of updates and selection of various
- Checks for updates of the system at user-defined intervals or
even upon the occurrence of a predefined event.
- Provides intelligent update options for computers on dial-up
- Supports proxy-servers (Basic and NTLM authentication).
- Provides authentication of the origin of downloaded update files
using a digital signature technique.
- Supports updating from a local site without accessing the
Internet, such as from a server within a LAN.
- The upgrade system can be configured to reflect a multi-level
hierarchy and/or other needs of a large company or organization.
- Creates updates to a floppy or CD for PCs that are not connected
to the network.
- Configuration settings can be distributed to local workstations
from an administrator’s computer.
- Provides the option to use a configuration file to set system
parameters across the network during initial installation and/or
- Supports ‘silent mode’ on end-user workstations: notification
messages may be forwarded to an administrator only.
- Allows the settings to be password protected.
Centralized Log file system provides information on:
- On-demand scanner results
- Relevant events (e.g. performed updates, executed tasks, etc.)
- Infiltrations detected by resident modules and filters
|NOD32 Scanning Modules|
|All the scanning modules of NOD32 system (on-access monitors, filters, on-demand scanners, e-mail server solutions, gateway filters, API and DLL modules, etc.) use the same sophisticated scanning engine across all the supported platforms.|
NOD32 Scanning Engine Key Features
- The highest detection and scanning rate performance.
- Unprecedented heuristic analysis capable of exposing DOS, Boot, Win32, macro, script and other viruses and worms in the wild.
- Built in powerful virtual emulator enables detection of the most sophisticated polymorphic and metamorphic viruses.
- Virus detection in compressed or protected executable files, such as Pklite, Lzexe, Diet, Exepack, CPAV, UPX, AsPack, FSG, Petite, Neolite, ExeStealth, yoda's Crypter, PECompact, Morphine.
- Support of many archive formats, e.g. ZIP, RAR, ARJ, LZH, LHA, CAB, CHM, TAR, GZIP, BZIP2, NSIS, SIS, WISE.
- Detection of viruses in encrypted, password protected databases and documents.
- Use of heuristic and algorithmic methods to clean viruses.
- Cleaning of macro viruses and restoration of the documents to original format.
- Recovery of the most important system areas (functions) in the event of an infection.
- Storage of infected files in a safe format (not allowing execution) into the quarantine.
- Search speed is maximized through associative, multilevel cache and low-level code optimizations.
- Use of very fast single-point samples and CRCs for precise detection.
- Use of very few system resources.
- Disinfection/quarantining of the files automatically, on-the-fly.
AMON (Antivirus MONitor) is an on-access
(memory-resident) scanner for Windows 95 / 98 / ME / NT / 2000 / 2003 /
XP. Even though it is at full alert, it works silently in the background
and you will probably not even notice its presence until it denies
access to an infected file and pops up a warning window.|
- Utilizes the advanced NOD32 scanning engine.
- Prevents infected files from being opened, executed and warns upon their creation.
- Automatic execution on system startup.
- Scans floppy boot sector upon access and during shutdown.
- Sends notification of infections or errors over network or via e-mail using the SMTP protocol.
- Supports multiple Terminal Server environments.
- Scans also mapped network disks.
|DMON is a plug-in for NOD32 antivirus system that serves for scanning Microsoft Office documents and files downloaded automatically by Internet Explorer (e.g. Microsoft ActiveX elements). DMON provides an additional level of protection to AMON.|
IMPORTANT NOTE: DMON works only with applications that support the MS Antivirus API interface, such as Microsoft Office 2000 (version 9.0 and higher), or Microsoft Internet Explorer (version 5.0 and higher).
|IMON & EMON|
|IMON (Internet MONitor), is the second NOD32 resident scanner. It runs on the Winsock level and scans incoming internet traffic (e-mail). IMON replaces the NOD32’s original POP3 filter with enhanced email protection. Almost no configuration is required, which is great for non-technical users. |
EMON (Email MONitor), a complimentary resident module, scans incoming e-mails in Outlook, MS Exchange and other MAPI compatible e-mail programs.
|NOD32 for Microsoft Windows (on-demand scanner)|
|Provides on-demand protection for PCs at home or in the office, from Microsoft Windows 95 /98 workstations to Microsoft Windows NT/2000/2003/XP, Windows Powered servers.|
- Easy-to-use graphical user interface with an alternative, command-line execution.
- Integrates into Windows Explorer’s context menu, allowing quick selection of a scanning target using the right mouse button.
- Scans operating memory and check its own integrity.
- Cleans, removes and quarantines infected objects.
- Removes infiltrations from files that are locked for writing (e.g., loaded DLL file).
- Removes viruses, worms and Trojans that are running.
- Scans Outlook and Outlook Express e-mail databases.
- Can be scheduled and executed using various users’ profiles.
- Contains a detailed, interactive on-line help.
2007 - 2.70.39
- Fix for a stack
overflow vulnerability which could
allow arbitrary code execution.
May 9, 2007 - 2.70.37
- Fix for a stack overflow vulnerability which could
allow arbitrary code execution.
- Added new command line option "/ALL-". When NOD32's
command line scanner is
run with the /ALL- switch, it will scan files based on their
opposed to scanning all files on the target.
|December 20, 2006 - 2.70.23/2.70.25/2.70.26|
|November 17, 2006 - 2.70.16|
- Enhanced rootkit detection and removal (Anti-Stealth)
- Improved classification of spyware and adware
- Improved removal of malware
| April 04, 2006 - Program components version 2.51.26
- fix for CVE-2006-0951 vulnerability exploitable by local users to gain escalated privileges
- fix for MUI (Multilingual User Interface) on 64-bit OS
- fix for .NET applications
- fix to active mode on 64-bit OS
|Jan 18, 2006 - Program components version
- Improved compatibility with Cisco routers
- Removed duplicate detection of temporary files
- Improved archive detection with MS Exchange Server 5.5
|May 12, 2005 - Program components version 2.50.16|
- Adware/Spyware/Riskware detection
- ThreatSense.Net Early Warning System
- License manager
- Improved in-depth analysis of newly created files
- Automatic movement of newly created files to Quarantine
- Manual start of the monitor
- Improved compatibility with Internet Explorer when DMON is disabled
- Brand new module compatible with all versions of MS Outlook
- Different compatibility mode for different servers
- Access blocking for websites with malicious content
- Improved algorithm for calculating the real file size
- Option added for quick enabling/disabling rules
- Rule added for checking file size
- Information on file from which the memory infiltration originated
- Improved file specification by mask
- NTFS Alternate Data Streams (ADS) check
|October 15, 2004 - Program components version 2.12.3|
- fixed some minor problems
- higher compatibility
|July 27, 2004 - 1.018 (Archive support module version)|
- Added Virus detection in compressed or protected executable files: ExeStealth, yoda's Crypter, PECompact.
|August 27, 2004 - Program components version 2.12.1|
- HTTP scanning
- improved compatibility with HyperThreaded and multiprocessor computers
- progress window when downloading longer files/e-mails
- Advanced Heuristics for newly created files
- On-demand scanner
- option to turn Advanced Heuristics on/off
- added the possibility to use wildcards in the command-line
- added Document MONitor, AV support for MS Office
- support for Microsoft Windows XP SP2 (Windows Security Center, Data Execution Prevention on AMD64, etc.)