You will then see the download progress in a window similar to this:
Once it has downloaded, locate and run the file by double clicking on it.
Whether from a CD or from a download, the installation instructions from this point are the same. You will see this screen:
Click Extract to begin the installation process.
The extraction path can be changed in the "Extract to" box. This will not affect the final installation directory, only where the installation files are put during setup. These files can be removed after NOD32 setup completes. If installing onto a 64-bit operating system, the installer will automatically install a compatible version, but the Extract path will read: C:\Program Files (x86)\ESET\Install
After clicking Extract you will see the files being expanded onto the disk:
.and then you should see the following message:
Once the Setup Wizard has started, you will be presented with the Installation choices.
NOD32 Installation Guide 10
NOD32 Installation choices
Typical installs NOD32 with the correct settings for normal usage, and will make most of the decisions for you about the installation. If you have no particular requirement to install NOD32 with specific settings, it is recommended to choose this route. Typical installation is the default option. Advanced allows some customisation of the installation process, including being able to password protect settings and enable silent messaging. This is useful for users who have a shared computer. Expert allows every part of the installation to be controlled and customised, and offers many configuration options at install time, including setting up SMTP messaging for alerts. If you need to change the installation path from the default C:\Program Files\ESET you must choose either Advanced or Expert Installation modes. This guide shows all the installation options for each route, clearly marked, whether the information applies to Typical, Advanced or Expert, so that you can easily navigate to the relevant information. Whichever installation route is chosen, all the options, apart from a select few, such as installation path, desktop icon and context menu scanning, are configurable after the product is installed, so for most purposes, a typical installation is fastest and simplest. For an At-a-glance chart of installation options see Appendix B: Installation Types
NOD32 Installation Guide 11

Typical installation: jump to page 21 Advanced installation: jump to page 16 Expert installation: jump to page 16
NOD32 Installation Guide 15

Proxy Servers

If you know that you use a proxy server, and chose the I use a proxy server option, you will be presented with a screen in which you can fill out your proxy details.
Your network administrator or ISP (Internet Service Provider) should supply you with the username and password for the proxy, if required. Do NOT put your NOD32 username and password into these fields.
When you have finished, click Next> to continue the installation.
NOD32 Installation Guide 16

Configuring Updates

The Advanced and Expert installation routes allow you to configure updating options at this point.
Clicking on the Change button will give control over program and signature options, all of which can be configured after installation. Its recommended that you leave these options as they are. ESET release regular updates to keep NOD32s protection current, we strongly advise that automatic updating is left enabled, to ensure that your computer has the best protection possible.
NOD32 Installation Guide 17

General Setup

Advanced and Expert mode installation now give several other options. The Silent mode option can be set, so that only an administrator (set later) is sent messages that do not require some user intervention. There is also an option to password protect the settings if you work on a shared computer, and you dont want other people to be able to change the NOD32 configuration, you can set a password of your own choosing (NOT the license password that was sent to you by ESET) on the configuration options, so that only you will be able to change the configuration.
NOD32 Installation Guide 18
Disabling ESETs custom graphics & the NOD32 splash screen
At this point, Expert mode will also give you the option to use a standard windows interface rather than the NOD32 default, and to disable the Splash Screen (a banner with NOD32 information on it) that comes up each time you log onto Windows.

NOD32 Installation Guide 25
Document MONitor (DMON) Configuration
Microsoft Office documents (Word, Excel, etc.) can sometimes contain viruses which infect other files when the document is opened. Document MONitor (DMON) provides protection against this sort of threat. Later versions of Internet Explorer allow Microsoft Office documents to be opened within the browser, directly from the internet. DMON will monitor these documents and prevent infiltration of a virus should an infected document be opened.
DMON is enabled by default in all installation modes, but can be disabled if desired in Advanced and Expert modes.
NOD32 Installation Guide 26
Internet MONitor (IMON) Configuration
While the role of AMON is to provide real-time, resident, anti-virus monitoring of a system and user actions, the IMON module protects your computer from email and internet threats. To allow scanning of POP3 email and while also using the internet, we recommend having IMON enabled. IMON is enabled by default in all installation modes, but can be disabled if desired in Advanced and Expert modes.
IMONs primary role is to monitor incoming email. The key advantage of IMON is its ease of use. There is virtually no setup necessary since this module works with all email programs. IMON works on the winsock level (operating system level). If IMON is not enabled, the AMON module will still prevent the opening of infected attachments saved from email and the internet. However, it is strongly recommended that IMON be enabled while using email or the internet.
NOD32 Installation Guide 27
IMON Configuration (email)
IMON will work correctly with most POP3 email clients, however there may be cases where some incompatibility occurs, in which case, you can reduce the efficiency of IMON, to ensure that it works correctly. Notifications of checking can be added to email, and this option can be configured here (in Advanced and Expert routes)
Reducing the efficiency of IMON may mean that some features are disabled, or that the performance may be affected.
Generally, it is not recommended to enable IMON when installing NOD32 onto a server, as some system instability may occur.
NOD32 Installation Guide 28
IMON Configuration (HTTP)
IMON can also check for infiltrations coming through the internet browser. The default option is to offer a choice of actions to the user when an undesirable object is detected. IMON can also be configured to automatically deny the download of the infected file. HTTP checking is enabled by default, but can be disabled during Advanced and Expert installations.

NOD32 Installation Guide 29
Email MONitor (EMON) Configuration
EMON (Email MONitor), a complementary resident module, scans emails incoming via MAPI interface. The MAPI interface hooks into the different interfaces of Microsoft Outlook. MAPI interface is used also when receiving emails from the Microsoft Exchange Mail Server via the Exchange protocol.
Even if the MAPI Interface is not used on the computer, EMON will still be installed. E-mails incoming via the POP3 protocol will be checked by IMON.
NOD32 Installation Guide 30
Completion of Setup Configuration
At this point all installation tracks reconverge, and the configuration phase is complete. This is the last point at which changes can be made to the selected installation options, before the files are copied and the configuration completed.
If you wish to change any configuration parameters, use the Back button now. If you have enabled the AMON module, you should particularly ensure that you have no other resident (on-access) anti-virus scanner active before proceeding. To complete the installation with the selected configuration, click Next>
During the setup, you will see this message:
NOD32 Installation Guide 31
After installation has completed you will be required to restart your machine. You should ensure that no other anti-virus scanner will load at restart, save any active work, and click Finish to restart the machine.
If you do not wish to restart immediately, choose Restart later. NOD32 may not function correctly, and your computer may not be protected from viruses until you have restarted your computer.
Once your PC has re-started, open the NOD32 Control Center by clicking this icon once, in the bottom right hand corner of your screen, look in the Update section and press the Update now button to ensure you are up to date with ESETs virus definitions. After that, go to the Threat Protection Modules section and click once on NOD32. In the right hand screen, click the button for an In-depth analysis. This will give your machine an immediate and thorough scan.
NOD32 Installation Guide 32
Configuration.after installation
NOD32 Installation Guide 33
Configuring Profiles for manual or On-Demand scanning
The first thing you might want to do is review the default profiles so that NOD32 is scanning exactly what you want, when you want. Open the Control Centre by clicking this icon in the bottom right hand corner of your screen (in the system tray near the clock). Then under the section Threat Protection Modules click NOD32 and in the resulting right hand window, click Run NOD32.

NOD32 Installation Guide 34

Scanning Targets

After a few seconds, you will be presented with the Scanning Targets window where you can choose which drives are scanned (the ones selected will have a red check mark through their icon).
NOD32 Installation Guide 35
Next, move to the Setup tab where you can alter the default settings to suit your personal preferences of what is scanned when running NOD32 for an On-demand scan. You can add or exclude certain file types if desired and you can send messages of warnings to another machine or an administrator.
Details for the latter need to be entered in the NOD32 System Setup > Notifications area.
NOD32 Installation Guide 36

Actions

Then move to the Actions tab where you can change the default settings if you wish. You can select: Files Boot sectors Archives Self-extracting archives Runtime packers Email Email folders Operating memory (depending on your selections in the next section: Setup) and choose what actions you would like NOD32 to perform if an infiltration is detected. You can choose to Quarantine a suspicious file for most of the types of objects just mentioned, which means that a copy of the malware will be placed in the ESET folder (C:\All Programs\ESET\infected). This can then be sent to ESET for analysis if absolutely necessary. If you choose Clean as the action to take If a virus is found and it is not possible for technical reasons to clean a particular file, there are some secondary actions that can be activated in the right hand column in this window. (Refer to Dealing with alerts and virus incidents on page 46, for more information)
NOD32 Installation Guide 37

Profile saving

The last tab in this section is for Profiles. By default, the program will use the Control Center Profile. If youve made some changes on the previous tabs, you can now save them to Control Center Profile, or to My Profile if you wish. There are also some pre-set Profile headings for Floppy Disk, In-Depth Analysis and Local Disk scanning, so there are numerable variations for On-Demand Scanning options. The Context Menu Profile refers to scanning an individual file or folder by right-clicking on it. When you do so, a drop down panel will give you various system options; one of them is to get NOD32 to scan the file or folder for infections. This is a very useful quick check before opening any file. Some users might want to set up another profile for some specific scanning of certain media. You can create a new name for it here by clicking the Profiles button in the lower part of the window. Then you can setup some new parameters and save them under this profile.
Its also possible to use Password Protection to stop other users changing profile settings. First, you must setup Password Protection. You may have already selected this during installation. In the main Control Center window, enter the NOD32 System Tools section and then look in the NOD32 System Setup area. Then click Setup and you will see the area for setting your password. The password is totally of your invention and should NOT be confused with the username and password that ESET send you with your license email. Make sure the password is easy for you to remember, but if you did forget it, you can unlock NOD32 again by getting this unlocking utility from our website: http://www.eset.com/files/unlock.exe

NOD32 Installation Guide 38
Finally, the Scanning Log tab shows exactly whats going on when a scan is invoked.

Scan button

This will invoke a scan of your selected drives (as youve specified in Scanning Targets) and you will see all the files being scanned in the window. If the On-demand scanner finds an infiltration or potential infiltration, it will be displayed in red in this window. You can then either choose to click the Scan & Clean button as described below, or right click on the log entry and from the drop down context menu, choose Clean. The latter is the far quicker method if any infections are detected. Once the scan has been started, the Scan button changes to a Pause button. This might be useful in case you wanted your PC to perform a task in another application while the scan is running, with as little performance slow-down as possible. Once the scan has been started, the Scan & Clean button changes to a Stop button in case you wanted to terminate the scan before it finishes.

Scan & Clean button

This will also invoke scanning of your selected drives and directories, but will automatically perform the relevant action (Clean, Prompt for an action, No action, Rename, Delete, Replace, Copy to Quarantine) that you have chosen in the Actions tab.
NOD32 Installation Guide 39

Scanning

The Scanning Log window does not need to be watched in real time.you can wait until its finished to review the complete log entries. The scan can take a few seconds or several minutes, depending on what you have asked to be scanned and in how much depth. When finished, you can review the scanning log. Any suspicious files will be shown in red and the path will be shown of where they are residing on your machine. You can right-click on these red notes and choose Clean at this point.
In the screenshot above you will notice the items C:\pagefile.sys - error opening (Access denied) [4], C:\hiberfil.sys error opening (Access denied) [4], etc. This is perfectly normal and is nothing to worry about. The files are being exclusively used by your operating system and nobody, not even NOD32, has permission to look inside them. At the end of the scan, you will see a brief comment of explanation (see inset screenshot above).
At any time you can review previous system scans in the Logs section in the Control Centre. Look in NOD32 Scanner Logs. Equally, you can review details in the Threat Log if any infections have been found and the Event Log will give details of updates, connection errors, warnings, etc.

NOD32 Installation Guide 40

On-demand scanning

So, youve setup the scanning profiles to your liking, or maybe youve chosen to stick with the default settings, and run a scan of your PC. Now you can instigate a scan of a specific drive on your computer, or specific files, or a Floppy disk or CD, etc. using your pre-defined setups saved under the Profiles tab. This is called an On-demand scan. In the Control Centre, under Threat Protection Modules, click NOD32 and in the right hand window click one of the 4 buttons that suits your requirements: Local to instantly start a scan of all local drives Run NOD32 to open the setup tabs as previously mentioned in Profiles on page 32 Diskettes to instantly start a scan of any floppy diskettes In-depth analysis to instantly scan everything on your machine with more depth than a standard scan. This scan has its own prESET, indepth parameters, with everything set to maximum, so is not governed by the Profile(s) you have previously setup. This scan could therefore take much longer than a normal scan.
NOD32 Installation Guide 41
On-access scanning (AMON)
This is when you attempt to open a file and NOD32 will automatically check it for you first via AMON (the Access MONitor). By default, AMON will be the resident scanner on your machine, always vigilant, always in the background, always ready to warn you of an infiltration.
On-access scanning (DMON)
DMON is a plug-in for NOD32 that serves for scanning Microsoft Office documents and files downloaded automatically by Internet Explorer (e.g. Microsoft ActiveX elements). DMON provides an additional level of protection to AMON.

Email scanning (EMON)

EMON (Email MONitor), a complementary resident module, scans emails incoming via MAPI interface. The MAPI interface exploits the different interfaces of Microsoft Outlook. MAPI interface is used also when receiving emails from the Microsoft Exchange Mail Server via the Exchange protocol.
Internet traffic scanning (IMON)
IMON will also continually work in the background on your machine, checking your incoming email and also any websites that you visit and download from.
For more information on AMON, DMON, EMON & IMON or the NOD32 scanner, please check the Help button in the NOD32 Control Centre (there is a 2nd button in the righthand window too for specific module help) and/or have a look through the Frequently Asked Questions (FAQs) on the ESET website: http://www.ESET.com/support/faq.php On access scanners load into system memory, and intercept all the calls made by the operating system to the file system. In this way they ensure that a file has been scanned before it is passed to the system for opening, thus preventing a virus from infecting the sytem.

Advanced Heuristics

This extends the standard heuristic capabilities of NOD32 and allows detection of a high number of new threats, etc. However, we recommend that you use Advanced Heuristics carefully when setting up these preferences for an Ondemand scan as it can slow the scanning time quite dramatically and can occasionally produce a False Positive, hence it is not enabled by default. (A False Positive is when NOD32 suspects a file or folder is containing something malicious but which turns out to be harmless).

Anti-Stealth Technology

Rootkits are now frequently used to hide malicious processes and files. Enabling the use of Anti-Stealth technology will allow Rootkits to be detected, even if they are installed and active, and they are hiding files from the operating system. NOD32 can then use signatures and heuristics to detect and remove these threats. We recommend periodically running an In-depth analysis scan of your machine, for example, which has Advanced Heuristics enabled. In fact, this type of scan has everything set to maximum, hence its a sensible habit to run it now and again. You may wish to setup a Scheduled Task to run an In-depth analysis scan once a week, or once a month. In NOD32 Control Center, look in NOD32 System Tools section and click on Scheduler/ Planner. Then click on the [+] Add button and follow the setup instructions. We strongly recommend leaving Advanced Heuristics enabled in the AMON, DMON, EMON & IMON modules. For more information please check the Help button in the NOD32 Control Centre and/or have a look through the Frequently Asked Questions (FAQs) on the ESET website: http://www.ESET.com/support/nodfaq.htm
NOD32 Installation Guide 45
Dealing with alerts & virus incidents
NOD32 Installation Guide 46
Dealing with alerts and virus incidents
Basic rules to follow if a virus is detected: Trojans can only be deleted as they do not infect other files and contain only their own code Worms in email attachments should be deleted as they contain only the viral code If the IMONs HTTP scanner detects a virus, choose to terminate the connection to prevent it from saving to the disk. If you are unsure whether it is safe to delete the particular file without any side effect on your systems functionality, we suggest you tick the Copy to quarantine checkbox before you choose to delete it. Please bear in mind that many viruses copy themselves to system folders such as WINDOWS or WINDOWS\system32 to confuse the user. Should you have any concerns about deleting the file and were unable to find any description of it, either on our website or on the web, please send the suspicious file to samples@eset.com for analysis. Note: Occasionally, you may get a virus alert where the name of the infection is unknown or probable. This is because one of the NOD32 modules has detected virus-like characteristics in a file but doesnt have a matching signature to verify the virus name. This is most common with very new infections which have not yet been identified. NOD32 has an impressive record of catching still-unknown, new viruses and worms because of the sensitivity and power of these characteristic scanning techniques, also known as heuristics. Since these are very often as-yet-unknown malware (bad software), we are very interested in receiving samples of these files for analysis.

NOD32 Installation Guide 47
Submitting a sample file to ESET
NOD32 uses ThreatSense.Net Early Warning System. This system enables the evaluation of files which may have been flagged as suspicious by NOD32. It assists the user to submit such files to ESETs analysts, if this is desirable. ThreatSense.Net is enabled by default, but will prompt the user before submitting any files. The process can also be completely automated, or disabled if not required. The system also includes collection and submission of anonymous statistical data about detected infiltrations which enables ESET, the vendor, to watch and evaluate the progress and severity of the spreading of particular threats. For disabling, enabling and further control over the ThreatSense.Net Early Warning System, you can go to the NOD32 Control Center > NOD32 System Tools > NOD32 System Setup and click on Setup in the right hand window. In the next window, go to the ThreatSense.Net tab and click Advanced settings. and youll see another window like this for further configuration. The Exclusion Filter has a few common file extension names included (ie: Word Document, Excel Spreadsheet, etc.) to prevent accidental disclosure of private information to ESET. You can add or remove specific file names if you desire. There may still be occasions when you wish to submit a sample file manually. First check the Quarantine box before cleaning, renaming, or deleting the suspect file. The quarantine process saves a copy of the file in an encrypted and non-executable form, so no-one will be accidentally infected while moving the file, or sending it via email. The quarantined files are (by default) saved to C:\Program Files\ESET\infected\. Files should not be submitted manually once NOD32 has evaluated them as suitable for analysis and submitted them automatically. To submit a quarantined file, simply go to NOD32 Control Center and then to the NOD32 System Tools section. In this section is the Quarantine subsection and in the right hand window youll see a list of the files you have quarantined. Simply highlight the entry, or entries, you wish and then click the Submit for analysis button below the window. For more information on how to manually submit suspicious files follow the instructions here: http://www.ESET.com/support/faq1.php?id=1110

NOD32 Installation Guide 48

Troubleshooting

NOD32 Installation Guide 49
Appendix A: Troubleshooting
Q: My username or password doesnt work A: If a dialog box pops up asking for your username and password, its most likely because they were entered incorrectly during setup, or that your NOD32 license has expired. If you are sure your license is still valid, click Setup on the popup screen to re-enter the username and password as sent to you in the email from your vendor. Your username and password are case sensitive (the username is always AV- in upper-case, followed by numerals and the password only uses lower-case letters plus numbers), and must be entered exactly, including the dash - character in the username. We strongly recommend that you copy and paste these values to avoid mistakes. (Highlight the text, Ctrl + C to copy and Ctrl + V to paste into the required fields) If you have tried these suggestions without success please contact your resellers Technical Support. (Further information can be found on ESETs website: http://www.eset.com/support/nodfaq.htm) Q: Can I use NOD32s IMON with email client XYZ? A: If your email client uses the POP3 protocol, it should work with IMON without any further configuration. Note that if you use IMAP or another protocol not currently supported by IMON, you will still be prevented from opening unsafe attachments by the AMON module. Q: My problem is not listed, what should I do? A: If you have any other questions, start with the list of Frequently Asked Questions (FAQ) - http://www.eset.com/support/faq.php If you dont find the solution there, please contact ESET Technical Support by http://www.eset.com/support/index.php
NOD32 Installation Guide 50
Appendix B: Installation Types
Typ. = Typical Installation (Recommended for most users) Adv. = Advanced Installation (Partially customised installation) Exp. = Expert (Fully customised installation) Post = Option can be configured post install
Option NOD32 Destination folder Silent Mode / Password protect settings GUI type / NOD32 Splash screen Send warnings by email or Win.Messenger Update-server, Username & Password Internet connection & proxy settings Auto-update configuration Launch resident protection (AMON) on startup Place On-demand scanner icon on desktop Enable on-demand scanning with mouse Install DMON, IMON services Enable email scanning/cleaning Enable HTTP scanning Install EMON services ThreatSense.Net Early Warning System
Default Typ. Adv. C:\All Programs\ESET l Off / Off l Full Graphic / Yes Off / Off Auto / -none- / -nonel l Use IE/no proxy l l Hourly or on-connect l Win9x - Yes, XP/2000/2003/NT - No l l Yes l Yes l Yes l Yes l Yes l If Outlook installed l Yes l l

Exp. l l l l l l l l l l l l l l l

Post l l l l l l l

l l l l l
NOD32 Installation Guide 51
Appendix C: Uninstalling NOD32
To uninstall NOD32, go to Start in the lower left hand corner of your computer screen and select Programs or All Programs and then the ESET folder. Inside that folder is a file named Uninstall. Click on this file to invoke the uninstallation process. This takes a few seconds. When finished, reboot your machine as prompted and after the PC re-starts, check that the ESET folder has been removed from C:\Program Files. If it hasnt, you can now delete this ESET folder manually by right-clicking your mouse on the folder and selecting Delete. You can now install the full commercial version of NOD32, or re-install it if the original installation was not successful, and reboot your machine as prompted once more.
NOD32 Installation Guide 52

Glossary

AMON Archives On-Access Scanning Monitor - scans all files on your computer as soon as you try to run or access them. Compressed or stuffed files: can be used to save a lot of disk space and transfer larger files via the internet more quickly. For instance.zip and.rar are archive files. The boot sector is the first sector on a floppy disk. On a hard disk it is the first sector of a partition. It contains information about the disk or partition, such as the number of sectors, plus a small amount of program code. A high-speed, high-capacity transmission channel. Broadband channels are carried on coaxial or fiber-optic cables that have a wider bandwidth than conventional telephone lines, giving them the ability to carry video, voice, and data simultaneously. Standard code letter for main hard drive on your computer. The Cache is a file on your readers computer where their system stores a copy of objects accessed recently. Then, if the same object is required again, instead of issuing another request, the computer can simply use the copy from the Cache, which can save a considerable amount of time. Central processing unit. Also known as a microprocessor or processor. The 386, 486, and Pentium are examples of CPUs built by Intel, but there are many types of CPU. The computer is connected to the internet via a modem through a normal telephone line. Download speeds will be slower than Broadband. On-Access Scanning Monitor specifically for Microsoft Office Documents (Word, Excel, etc.) Copy a file from the internet to your machine - for example downloading an update from ESETs website. Often referred to as an FP. A False Positive is when a anti-virus scanner reports a file or folder as containing something malicious but which turns out to be harmless. HyperText Transfer Protocol - The Webs communication standard, referenced in the http:// that appears at the beginning of every web page address (an extra s on the end, as in https:// denotes the secure, encrypt form). HTTP is what allows web browsing to work. Internet Message Access Protocol. One of the protocols allowing a user to access their email. It permits manipulation of remote message folders (mailboxes), in a way that is functionally equivalent to local mailboxes. IMAP and POP3 are the most common methods for email retrieval. Internet traffic Scanning Monitor - scanning incoming email and website downloads for malicious software Executable file that will install a program, for instance to install NOD32 onto your machine. Every computer on the internet has an IP address assigned to it. Its like a phone number for your computer. An IP address is formatted like this: ##.##.###.###. (12.34.567.890 for example). Web browsers dial this number to find another computer on the internet. IP addresses are matched to friendly names like www. ESET.com via a system called DNS (Domain Name Service) Internet Service Provider - the organisation that provides your connection to the internet. Messaging Application Programming Interface - A system built into Microsoft Windows that enables e-mail applications to work together to distribute mail. As long as both applications are MAPI-enabled, they can share mail messages with each other.

Boot Sectors

Broadband

C: Cache

Dial-up connection DMON Download False Positive
IMON Installer IP address

ISP MAPI

NOD32 Installation Guide 53
Operating Memory The area of memory used by the system to run itself and any loaded programs. Some Operating memory (also called System Memory) on the disk in a swapfile, which is a type of Cache, and the rest in the RAM chips on the computer. Viruses try to load themselves into Operating Memory so that they remain active while the computer is switched on. Your password, secret word or code used to access information. For instance, your personal password assigned by ESET to access the ESET servers for updates, upgrades and downloads. (You may also set your own password to protect your settings from other users on your computer. This is set by you and should not be confused with ESETs password). Version 3 of the Post Office Protocol. POP3 allows a client computer to retrieve electronic mail from a POP3 server via a (temporary) TCP/IP or other connection. It does not provide for sending mail, which is assumed to be done via SMTP or some other method. IMAP and POP3 are the most common methods for email retrieval. A computer specifically designed to reduce the amount of bandwidth used, or to control access to the internet. A proxy will be either a caching meaning it stores a copy of the content downloaded through it for faster future access or pass through meaning it will simply provide a gateway to other services, for instance websites. Usually home users will not be using a proxy. Random Access Memory Used for the operating memory which can be used by programs to perform necessary tasks while the computer is on; an integrated circuit memory chip which allows information to be stored and accessed far faster than from the hard disk. Read Only Memory - memory whose contents can be accessed and read but cannot be changed used mainly for the system BIOS and CMOS chips. (These tell the machine how to start up and find the disks) Packers do simply as their name suggests, they pack or compress a program much the same way a compressor like Pkzip does, packers then attach their own decryption / loading stub which unpacks the program before running it. Packers are often used by virus writers to try to confuse anti-virus scanners. Simple Mail Transfer Protocol. Allows electronic mail to be sent from an email account. The SMTP dialog usually happens in the background under the control of the message transfer agent, e.g. sendmail or outlook express. Software that secretly collects personal information and delivers it to an unauthorised 3rd party. Some Spyware can significantly slow the machine, or cause system crashes. The ThreatSense.Net Early Warning System assists in submitting new malware threats to ESETs lab and therefore provides valuable information to help protect the users PC. A Trojan Horse is a program intended to perform some covert and usually malicious act which the victim did not expect or want. It differs from a virus in that it doesnt replicate, although some viruses can contain Trojans. Uniform Resource Locator - The structure of a web address. ie: the HTTP part (HyperText Transfer Protocol), the domain name or IP address and the final section (top level domain): [.com] [.uk] [.org] [.net] [.gov].etc. For example: http://www.ESET.com Your personal username assigned by ESET to access the ESET servers to download updates and upgrades. A computer virus is a self-replicating program that copies itself and that can infect other programs by modifying them or their environment such that a call to an infected program implies a call to a possibly evolved copy of the virus. Virus Signature Database - The collective, known signatures of viruses, released by ESET, on average, every day, to keep your computer up to date with protection. A subset of viruses which replicate as above but without requiring a host file (The worm file contains everything necessary for the virus to replicate itself). Worms require a networked system to reproduce. Email is one method a worm can use to spread.