Future changes to ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium and ESET Ultimate Security

[Aryeh Goretsky 386]

On 9/27/2023 at 6:47 PM, whitefern said:

@Aryeh Goretsky

Thank you for your reply. But that is not a acceptable answer.

Why should I upgrade to "business" version when home is also a "business" product?

It is not just me who needs it. It is everyone who needs it. 

The disabling of notifications/status is a little stupid. Don't you think??
 

You allow disabling of notifications/status of LICENSING which is a crucial part of the software. But you won't allow disabling the notifications/status of "Missing Support for Azure Code Signing", is just annoying and stupid. And calling it "Business"  only option is not acceptable. 

Please provide this options for the users in the next update. 

Hello,

Consumer versions of the ESET's software are offered to small businesses with low seat counts because it is unlikely a business with 1-10 PCs has a full-time IT staff to manage an ESET PROTECT server.  For that matter, they may not even have an Active Directory/Entra domain and WSUS servers; the entire network may consist of just a workgroup of PCs running Home or Pro editions of Windows, with one PC or a NAS providing file and print services.

In this type of small office/home office environment where there is no dedicated information technology (or information security) staff, the operating system updates are handled by Microsoft.  Handing control of this over to Microsoft ensures those PCs are running supported versions of Windows with the latest security patches.  In other words, security is managed in the same way as for home users.

Larger organizations have full time staff to manage PCs, and also make decisions about which versions of Windows at what patch level, and when those machines will receive updates.  The editions of Windows they run are for the enterprise, and the organization has a robust management infrastructure in place to support that.  In other words, they are making very careful decisions about risk, and managing their security to mitigate risk based on those decisions.  That's the environment for which ESET's endpoint programs are intended.

From the program code perspective, there's nothing that technically prevents a consumer version of ESET's software from running in a business environment or a business version of ESET's software from running in a home environment.  Now, there may be licensing requirements that differ, but that is because programs are intended for use in the appropriate market segment.  Enterprise management features are not going to be roadmapped for added to consumer versions.

Now that your comment in the Future Changes to NOD32 thread has been answered, and your reply here in this thread has been replied to, I am going to redirect you back to your own thread on the matter.  

Any further discussion of this matter in this thread will be removed.

Regards,

Aryeh Goretsky

[Slicendice 0]

I am using ESET Smart Security Premium 16.2.15.0

I have searched the forum but didn't find this request;

When a warning pops up regarding a file, threat found, or a file has been blocked temporarily and submitted for analysis, the word "file" has a hyperlink. However, clicking on it does nothing.  Can it please reveal the file name and its location on the hard drive?

The messages about a file 'blocked' temporarily and submitted for analysis  do not show in the log either.

Attached is an example with a threat but the "file" was deleted, but it should still link to the file name and path details information.
 

Thanks

Edited October 26, 2023 by Slicendice

[itman 1,746]

4 hours ago, Slicendice said:

Attached is an example with a threat but the "file" was deleted, but it should still link to the file name and path details information.

Search for deleted file in Eset Quarantine. Path details are shown there.

Also, the Detection log entry associated with this event should show the file path.

[Marcos 5,259]

As long as the alert is shown, you can hover the mouse cursor over the file link to show the path to the file. Later you can find it in the Detections log or Quarantine as itman wrote.

Please note that this topic is for reporting feedback. To discuss particular issues or queries further, please create a new topic.

[Timur Born 12]

Unfortunately on-demand scanning (including the initial scan after installation) is still single-threaded and very slow in comparison (10-50 mb/s compared to 200-2000 mb/s for multi-threaded AV solutions). So that's something I will keep checking every few years.

[Marcos 5,259]

4 minutes ago, Timur Born said:

Unfortunately on-demand scanning (including the initial scan after installation) is still single-threaded and very slow in comparison (10-50 mb/s compared to 200-2000 mb/s for multi-threaded AV solutions). So that's something I will keep checking every few years.

We've made a test with multithread scans and there was virtually no noticeable difference in scan performance. Not every task is suitable for multithread processing.

[Timur Born 12]

Yes, but scanning a million files is one of the tasks that *is* suitable for multithread processing. Here is a Full Scan of my C:\ (System + everything else) drive.

ESET (initial scan):

Windows Defender (on-demand Full Scan):

 

Avira, Bitdefender and Kaspersky also do multi-threaded on-demand scans with much faster results than ESET. Not sure about the others (like Avast), as it has been some time ago that I checked them.

Edited November 7, 2023 by Timur Born

[Skier 7]

A lesson learnt the hard way.

An Intel NUC11PHKi7C (Phantom Canyon) with a 1TB M2 SSD (boot disc with Windows and all program installations) and an 8TB M2 SSD for all my data (document, pictures, video etc.)  This latter drive was where the ESET Encrypted Drive.eed was created.

There needs to be a means of recovering the contents of an ESET Encrypted Drive.eed when created on a drive (whether boot drive or not) following, for example, a Windows reinstall or, in my case, the failure of the boot drive but the data drive (on which the ESET Encrypted Drive.eed was created) was fine.  In these circumstances, this data is irrecoverable.

Edited November 8, 2023 by Skier

[itman 1,746]

8 hours ago, Skier said:

There needs to be a means of recovering the contents of an ESET Encrypted Drive.eed when created on a drive (whether boot drive or not) following, for example, a Windows reinstal

The solution here is to modify or replace existing ESSP Secure Data with Endpoint Encryption feature: https://support.eset.com/en/kb7432-using-virtual-disks which supports virtual drives created on another system. It also includes the ability to backup/restore the keystore file.

[Damjan 11]

I noticed that ESET v17 is coming out soon. I also noticed that you will add a new product, one ecer ESET Security Ultimate, which will also have a VPN (this is commendable). However, I feel that another very important feature is missing, namely "File shredder".

It's a shame you didn't include this in your future products, it would greatly improve your program. As noted by other experts in the field of protection, one of the shortcomings of your program is the missing VPN (which will now be added) and File shredder.

I hope that you will be able to add File Shredder to your program soon (maybe even in version 18, if it is not already in v17 - which is a shame).

[czesetfan 29]

Why was Android "killed" in the Main GUI ?   😭 👎 

[jadorwin 1]

Description: Support Encrypted Client Hello (ECH) with SSL
Detail: I would like that when "analyze SSL/TLS connection" is enabled and that the browser support ECH like Firefox, then ESET use ECH to connect to websites. Check https://www.cloudflare.com/ssl/encrypted-sni/ with and without ESET analyzing SSL/TLS connection.

[itman 1,746]

59 minutes ago, jadorwin said:

Description: Support Encrypted Client Hello (ECH) with SSL
Detail: I would like that when "analyze SSL/TLS connection" is enabled and that the browser support ECH like Firefox, then ESET use ECH to connect to websites. Check https://www.cloudflare.com/ssl/encrypted-sni/ with and without ESET analyzing SSL/TLS connection.

Not sure this is an Eset problem.

According to this;

Quote

ECH is enabled by setting network.dns.echconfig.enabled to true, network.dns.http3.echconfig.enabled to true and network.trr.mode 3.

https://www.reddit.com/r/privacy/comments/13canhc/a_guide_on_how_you_can_enable_ech_and_http3_in/

On my Firefox installation, network.trr.mode is set to default setting of 0. Force setting it to a value of 3 still does not enable Secure SNI.

Also it appears this is the correct Cloudflare HTTP/3 test: https://cloudflare-quic.com/;

Edited November 25, 2023 by itman

[Marcolino 0]

Description: Feature to trick sandbox-aware malware

Detail: Implement a (optional) feature that tricks sandbox-aware malware to "think" that its running inside of a vm

like the "vaccination" feature from "HitmanPro.Alert" to prevent the malware from executing.

Idk. how this could be done exactly. Maybe with placing some environment variables or some common sandbox folders or registry keys of some reverse engineering software like Ghidra etc.

Would be pretty cool to think that you could beat some malware samples with its own weapons..

I guess the amount of sandbox-aware malware will increase more and more over the upcoming years.

[Nightowl 206]

I wish for an Application Control that is similar to Kaspersky's App Control , Trend Micro's App Control

It can give more control on what runs on the PC and what cannot run

 

Thanks ESET.

[jadorwin 1]

On 11/25/2023 at 6:11 PM, itman said:

Not sure this is an Eset problem.

This is an Eset problem. I have configured correctly Firefox and If I uninstall ESET everything is working perfectly and secure SNI is enabled (you can see that in the first screen capture). When ESET is installed and acting as an SSL proxy, then it's not working anymore.

[itman 1,746]

On 12/4/2023 at 1:11 PM, jadorwin said:

This is an Eset problem.

Actually, it's a problem for any AV solution currently performing HTTP/HTTPS scanning. See this posting/thread on the subject: https://forum.eset.com/topic/38340-web-access-protection-and-encrypted-client-hello-ech/?do=findComment&comment=173774 . Appears the only security solution that performs HTTP/HTTPS scanning that has figured out how not to bust ECH tunneling is AdGuard and only if using their DNS servers.

-EDIT- "To add to this mystery" the Cloudflare test web site: https://www.cloudflare.com/ssl/encrypted-sni/ is excluded from Eset HTTP/HTTPS scanning which can be verified by mouse clicking on the web site page lock symbol and noting that Eset's root cert. is not shown. However if Eset SSL/TLS scanning is disabled, then the Secure SNI test passes. One possibility is Clouldfare is redirecting to this web site: https://crypto.cloudflare.com/cdn-cgi/trace/ to perform the Secure SNI test. This web site is scanned using Eset SSL/TLS processing.

Edited December 7, 2023 by itman

[czesetfan 29]

When will the products be automatically renamed, e.g. "Internet Security" to "Home Security Essential" in the main GUI window?

Depending on the length of the license, the "old" names could still be in the products for years. 

[dh27564 0]

I would like to suggest ESET provide the ability to wake the computer from sleep to conduct a scheduled scan.  An in-depth scan on my machine takes 8+ hours and I would prefer to run it overnight when the computer is not being used and in sleep mode.

[Damjan 11]

Where is topic for EIS and ESSP?

[Damjan 11]

I hope that "ad-blocker" will be added in future versions of ESET. That would be good for the rebels.

[John Dow 5]

Just a minimalistic request for NOD32 Antivirus.

When you hover on the tray icon make visible the virus database version and the corresponding date (like it was in old ESET NOD32 v. 8.0)

Edited February 4 by John Dow

[Glitch 3]

When setting the software to NOT do product updates  don't force to do those updates it is annoying and wrecked our test setups and will wreck production.  

[Marcos 5,259]

26 minutes ago, Glitch said:

When setting the software to NOT do product updates  don't force to do those updates it is annoying and wrecked our test setups and will wreck production.  

It is possible to disable application feature updates in the advanced setup. This won't work for security and stability updates as well as when the product goes EOL and there's a risk that module updates for your product version will be terminated which would expose your computer at risk.

[Glitch 3]

8 minutes ago, Marcos said:

It is possible to disable application feature updates in the advanced setup. This won't work for security and stability updates as well as when the product goes EOL and there's a risk that module updates for your product version will be terminated which would expose your computer at risk.

Exactly off is off and not force it. For example the update of windows server 2012 for example if you forced that it would have wrecked our environment. ESET should learn to in some cases those updates should not be allowed and that is why customers turn it off. Now it is like it is off but when we think it should be on it will be on.