mkataro 0 Posted November 28, 2015 Share Posted November 28, 2015 Request: keep the emergency system rescue disk windows base. Detail: I have 2 raid 0 drives and linux doesnt detect more then one raid volume. I have a intel z97x chipset motherboard. Quote Link to comment Share on other sites More sharing options...
cybot 1 Posted December 5, 2015 Share Posted December 5, 2015 I would like to see, when implementing a major UI overhaul, an option to use the previous versions UI design, when I went from ESS 8 to ESS 9, I was a little disoriented by the UI change, and still find the new UI more clunky and more difficult to navigate than ESS 8's simpler UI Quote Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted December 6, 2015 Most Valued Members Share Posted December 6, 2015 I would like to see, when implementing a major UI overhaul, an option to use the previous versions UI design, when I went from ESS 8 to ESS 9, I was a little disoriented by the UI change, and still find the new UI more clunky and more difficult to navigate than ESS 8's simpler UI actually it's the same thing Quote Link to comment Share on other sites More sharing options...
ESET Insiders stackz 115 Posted December 7, 2015 ESET Insiders Share Posted December 7, 2015 In HIPS File Operations - the ability to Block file read for specific applications like cmd.exe, rundll32.exe, regsvr32.exe etc Quote Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted December 7, 2015 Most Valued Members Share Posted December 7, 2015 blocking the read attribute of those files will prevent even the most critical functions of Windows OS Quote Link to comment Share on other sites More sharing options...
ESET Insiders stackz 115 Posted December 8, 2015 ESET Insiders Share Posted December 8, 2015 blocking the read attribute of those files will prevent even the most critical functions of Windows OS This is about being able to block selected applications reading data from folders that I select. i.e. being able to prevent batch file, js, vbs execution from typical malware user space folders. Quote Link to comment Share on other sites More sharing options...
cybot 1 Posted December 8, 2015 Share Posted December 8, 2015 I would like to see, when implementing a major UI overhaul, an option to use the previous versions UI design, when I went from ESS 8 to ESS 9, I was a little disoriented by the UI change, and still find the new UI more clunky and more difficult to navigate than ESS 8's simpler UI actually it's the same thing what do you mean it's the same thing? there is a clear difference in the UI of ESS7, 8 and ESS9 Quote Link to comment Share on other sites More sharing options...
... 1 Posted December 11, 2015 Share Posted December 11, 2015 In interactive mode, when incoming connections/requests are received, ESET does an initial determination of whether the connection should be allowed, or not, and pops up the GUI as either green (should be safe) or red (likely unwanted). From that GUI pop-up, clicking on "Show advanced options" (bottom-left) displays a "Custom rule" button. Clicking on that button brings up the "Edit rule:" dialog box, pre-populating it with information from the incoming request. However, it appears the dialog box always pre-populates with "Allow", even when the GUI had determined the connection was likely unwanted (i.e., was red). It would be great if the custom rule dialog box would default to "Allow" if the GUI was green, and would default to "Deny" if the GUI was red, instead of always defaulting to "Allow". Quote Link to comment Share on other sites More sharing options...
ESET Insiders cutting_edgetech 25 Posted January 13, 2016 ESET Insiders Share Posted January 13, 2016 It would be nice to see Eset incorporate a Behavior Blocker into their products. If something slips through then the behavior blocker can help detect the malware when it executes. They could have the feature disabled by default if they are worried about it causing false positives when being tested by independent test organizations. Quote Link to comment Share on other sites More sharing options...
SweX 871 Posted January 18, 2016 Share Posted January 18, 2016 (edited) It would be nice to see Eset incorporate a Behavior Blocker into their products. If something slips through then the behavior blocker can help detect the malware when it executes. They could have the feature disabled by default if they are worried about it causing false positives when being tested by independent test organizations. hxxp://www.eset.com/int/about/technology/#advanced-memory-scanner "Advanced Memory Scanner complements Exploit Blocker, as it is also designed to strengthen protection against modern malware. In an effort to evade detection, malware writers extensively use file obfuscation and/or encryption. This causes problems with unpacking and can pose a challenge for common anti-malware techniques, such as emulation or heuristics. To tackle this problem, the Advanced Memory Scanner monitors the behavior of malicious processes and scans them once they decloaks in the memory. This allows for effective detection of even heavily obfuscated malware. Unlike Exploit Blocker, this is a post-execution method, which means that there is a risk that some malicious activity could have been performed already. However, it steps into the protection chain when everything else fails." I assume you had something like Emsisoft's Behavior Blocker in mind when you made this request. Just wanted to mention the purpose of AMS and what it does. hxxp://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf Edit: This PDF literally explains the ins and outs of the software itself and what happens behind the scene on the back-end systems. Every customer/user that is interested in this kind of geek information (it is very informative) should take time and read through the whole PDF. Edited February 7, 2016 by SweX Quote Link to comment Share on other sites More sharing options...
ESET Insiders cutting_edgetech 25 Posted February 12, 2016 ESET Insiders Share Posted February 12, 2016 It would be nice to see Eset incorporate a Behavior Blocker into their products. If something slips through then the behavior blocker can help detect the malware when it executes. They could have the feature disabled by default if they are worried about it causing false positives when being tested by independent test organizations. hxxp://www.eset.com/int/about/technology/#advanced-memory-scanner "Advanced Memory Scanner complements Exploit Blocker, as it is also designed to strengthen protection against modern malware. In an effort to evade detection, malware writers extensively use file obfuscation and/or encryption. This causes problems with unpacking and can pose a challenge for common anti-malware techniques, such as emulation or heuristics. To tackle this problem, the Advanced Memory Scanner monitors the behavior of malicious processes and scans them once they decloaks in the memory. This allows for effective detection of even heavily obfuscated malware. Unlike Exploit Blocker, this is a post-execution method, which means that there is a risk that some malicious activity could have been performed already. However, it steps into the protection chain when everything else fails." I assume you had something like Emsisoft's Behavior Blocker in mind when you made this request. Just wanted to mention the purpose of AMS and what it does. hxxp://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf Edit: This PDF literally explains the ins and outs of the software itself and what happens behind the scene on the back-end systems. Every customer/user that is interested in this kind of geek information (it is very informative) should take time and read through the whole PDF. Sorry for the late reply. I have not been on the forum in a while. I didn't think I was going to get a reply to my post. Thank you for the .pdf manual. I will have to look more at AMS, but I don't think it is the same as something like Emsisoft's BB. Marcos said AMS only triggers a memory scan here. https://forum.eset.com/topic/5283-behavior-blocker/So the question is if it only triggers a memory scan then is it only looking for already blacklisted executables. Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted February 12, 2016 Share Posted February 12, 2016 It would be nice to see Eset incorporate a Behavior Blocker into their products. If something slips through then the behavior blocker can help detect the malware when it executes. They could have the feature disabled by default if they are worried about it causing false positives when being tested by independent test organizations. hxxp://www.eset.com/int/about/technology/#advanced-memory-scanner "Advanced Memory Scanner complements Exploit Blocker, as it is also designed to strengthen protection against modern malware. In an effort to evade detection, malware writers extensively use file obfuscation and/or encryption. This causes problems with unpacking and can pose a challenge for common anti-malware techniques, such as emulation or heuristics. To tackle this problem, the Advanced Memory Scanner monitors the behavior of malicious processes and scans them once they decloaks in the memory. This allows for effective detection of even heavily obfuscated malware. Unlike Exploit Blocker, this is a post-execution method, which means that there is a risk that some malicious activity could have been performed already. However, it steps into the protection chain when everything else fails." I assume you had something like Emsisoft's Behavior Blocker in mind when you made this request. Just wanted to mention the purpose of AMS and what it does. hxxp://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf Edit: This PDF literally explains the ins and outs of the software itself and what happens behind the scene on the back-end systems. Every customer/user that is interested in this kind of geek information (it is very informative) should take time and read through the whole PDF. Sorry for the late reply. I have not been on the forum in a while. I didn't think I was going to get a reply to my post. Thank you for the .pdf manual. I will have to look more at AMS, but I don't think it is the same as something like Emsisoft's BB. Marcos said AMS only triggers a memory scan here. https://forum.eset.com/topic/5283-behavior-blocker/So the question is if it only triggers a memory scan then is it only looking for already blacklisted executables. The equivalent to Emsisoft's behavior blocker in Eset is advanced heuristics using DNA signatures with internal sandboxing. It is part of the Threat Sense real-time engine. As far as which is more effective, only testing with some previously unknown malware will determine that. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted February 12, 2016 Administrators Share Posted February 12, 2016 Sorry for the late reply. I have not been on the forum in a while. I didn't think I was going to get a reply to my post. Thank you for the .pdf manual. I will have to look more at AMS, but I don't think it is the same as something like Emsisoft's BB. Marcos said AMS only triggers a memory scan here. https://forum.eset.com/topic/5283-behavior-blocker/So the question is if it only triggers a memory scan then is it only looking for already blacklisted executables. Your assumption is wrong. A memory scan serves to discover malicious code already unpacked in memory which means that otherwise protected executables on a disk may not be detected by other scanners. It's a common technique to evade detection by just improving the packer while the malicious code beneath the envelope remains more-less same. This is when memory scan or AMS comes into play. Quote Link to comment Share on other sites More sharing options...
hazardass 3 Posted February 20, 2016 Share Posted February 20, 2016 (edited) Description: A few suggestions to make the Firewall rules list more user-friendly, again. Detail: Up until (and including) version 8 the rules list had the following useful features which are now missing in v.9: - "Detailed view" was available where the list could be sorted by various categories, most importantly by name and date modified. Detailed view is gone in v.9 for not apparent reason, and so the list cannot be sorted anymore. Please either bring back Detailed view with sorting, OR enable sorting in the main rules list. - Program icons were shown next to each application name. The icons made the list very easy to browse and made all safe applications easy to identify. Icons have been removed in v.9. Please bring back program icons in the list. - The application column in v.9 shows the full directory path, and the app name at the very end of it. This makes the rules list even more difficult to read. The whole thing is just a big blob of text, very tedious to go through. I have to extend the app name column, scroll to the end of the line and find the actual app name at the end of the path. In version 8 only the app name was shown, and the full path was displayed as a tooltip when scrolling over the app name. That was much more user-friendly. Please either use a tooltip for the path, or create a separate column for the path. - The column width is reset every time I enter the rules list. I have to extend the application name column every time in order to read the name. This is especially hard with the long path name shown in that column. Up until v.8 ESET remembered the column widths and it did not reset them every time the list was opened. Please let ESET save the column width settings. The list in version 8 worked well and it didn't need 'fixing' since it wasn't broken. I understand the need to modernize the GUI once in a while, but that really doesn't mean just gutting a bunch of useful features and replacing them with a 'search' button (the magnifier glass icon in the top right corner), which is not a replacement for all the things I mentioned above. The search is useful, but most of the time I do not need to search for a specific application. Instead, I regularly go through the entire list to remove any outdated entries and look for anything that may seem suspicious, or revise the list for whatever reason. That's very difficult to do in version 9. I'm not asking for any new features, all I'm asking is bring back the user-friendly list style from previous versions, or give us an alternative, instead of just gutting the user-friendly sortable list. Thank you for your consideration. EDIT: - Another feature that's been removed, that was present in the Detailed View in v.8, was the green / red arrow-icon identifier for 'allowed' and 'denied' inbound or outbound traffic. This allowed me to very easily identify all blocked and non-blocked programs in the list. All this color-coding was very convenient. I don't understand why it has been removed. For comparison: v.8 hxxp://s5.postimg.org/akn0j22yf/ESET_rules_list_v8.png v.9 hxxp://s5.postimg.org/45nzmdw8n/ESET_rules_list_v9.png Edited February 21, 2016 by hazardass Quote Link to comment Share on other sites More sharing options...
Seth 2 Posted February 21, 2016 Share Posted February 21, 2016 Description: A few suggestions to make the Firewall rules list more user-friendly, again. Detail: Up until (and including) version 8 the rules list had the following useful features which are now missing in v.9: - "Detailed view" was available where the list could be sorted by various categories, most importantly by name and date modified. Detailed view is gone in v.9 for not apparent reason, and so the list cannot be sorted anymore. Please either bring back Detailed view with sorting, OR enable sorting in the main rules list. - Program icons were shown next to each application name. The icons made the list very easy to browse and made all safe applications easy to identify. Icons have been removed in v.9. Please bring back program icons in the list. - The application column in v.9 shows the full directory path, and the app name at the very end of it. This makes the rules list even more difficult to read. The whole thing is just a big blob of text, very tedious to go through. I have to extend the app name column, scroll to the end of the line and find the actual app name at the end of the path. In version 8 only the app name was shown, and the full path was displayed as a tooltip when scrolling over the app name. That was much more user-friendly. Please either use a tooltip for the path, or create a separate column for the path. - The column width is reset every time I enter the rules list. I have to extend the application name column every time in order to read the name. This is especially hard with the long path name shown in that column. Up until v.8 ESET remembered the column widths and it did not reset them every time the list was opened. Please let ESET save the column width settings. The list in version 8 worked well and it didn't need 'fixing' since it wasn't broken. I understand the need to modernize the GUI once in a while, but that really doesn't mean just gutting a bunch of useful features and replacing them with a 'search' button (the magnifier glass icon in the top right corner), which is not a replacement for all the things I mentioned above. The search is useful, but most of the time I do not need to search for a specific application. Instead, I regularly go through the entire list to remove any outdated entries and look for anything that may seem suspicious, or revise the list for whatever reason. That's very difficult to do in version 9. I'm not asking for any new features, all I'm asking is bring back the user-friendly list style from previous versions, or give us an alternative, instead of just gutting the user-friendly sortable list. Thank you for your consideration. EDIT: - Another feature that's been removed, that was present in the Detailed View in v.8, was the green / red arrow-icon identifier for 'allowed' and 'denied' inbound or outbound traffic. This allowed me to very easily identify all blocked and non-blocked programs in the list. All this color-coding was very convenient. I don't understand why it has been removed. For comparison: v.8 hxxp://s5.postimg.org/akn0j22yf/ESET_rules_list_v8.png v.9 hxxp://s5.postimg.org/45nzmdw8n/ESET_rules_list_v9.png Yes I agree. Please ESET add this. Quote Link to comment Share on other sites More sharing options...
tagwolf 0 Posted March 9, 2016 Share Posted March 9, 2016 (edited) Automatic Rule Consolidation Automatically consolidate / composite rules which offer the same allow permissions but for different files, paths, functions, etc. Each executable should fit into ONE rule per allow / deny type. This would make users MUCH safer by actually being able to audit their HIDS and Firewall rules. If a DENY rule negates an ALLOW rule, disable / delete the ALLOW. Allow users to see how rules are going to be composited and allow them the option to keep individual rules This would prevent having 1000+ rules are 1 week of learning mode. Some of my install exe's have literally 20 rules that are duplicate! I currently had to write a script to do this to an exported XML ruleset. I then re-import. Wildcard paths, IP's, registry paths, etc. To further consolidate rules.Example, allow Setup.msi Access to Registry on HKEY_LOCAL.../Application/installer/*, and Write,Delete on C:/temp/*.ex_ (One rule, two at most to do something like this. Perform intelligent allow/block based on current operation and user choice.Something like a SMART ALLOW button which allows This processes and all CHILD processes that spawn from this an ALLOW TIL QUIT (For installers) or an ALLOW AND ADD SMART RULE for launching new applications. Having the Allow/Block pop up literally 90 times during an install or a first time application launch and adding just as many rules is not fun or encouraging security. REGEX Matching in rules Rule Sorting by Column The current column headers do not appear to function. Should be able to sort rules by name, path, port, etc. Rule Window Resizable I currently cannot resize my rule window. When you have 1000+ rules (see above), it makes it impossible to sort or audit them. Edited March 12, 2016 by tagwolf Quote Link to comment Share on other sites More sharing options...
Most Valued Members SCR 195 Posted March 12, 2016 Most Valued Members Share Posted March 12, 2016 (edited) In the next release of ESS (V10x I assume) I would like to see the GUI go back to something similar to v8x. The GUI is not something I normally get overly concerned with but v8 was much easier to use then v9x. Specifically the "firewall rules" screen which in v9 is just not easy to use at all. Edited March 12, 2016 by SCR Quote Link to comment Share on other sites More sharing options...
Navara 2 Posted March 13, 2016 Share Posted March 13, 2016 Description: Return of colors in GUI Detail: Recent version of GUI is sad black-and-white with rare occurence of turquoise or lime. We got monitors, tablets,... with millions of colors and yet software uses only 2-4 of them. It brings deppression and sadness to use it. Quote Link to comment Share on other sites More sharing options...
SweX 871 Posted March 13, 2016 Share Posted March 13, 2016 (edited) In the next release of ESS (V10x I assume) I would like to see the GUI go back to something similar to v8x. The GUI is not something I normally get overly concerned with but v8 was much easier to use then v9x. Specifically the "firewall rules" screen which in v9 is just not easy to use at all. Also, I may be a nice pale person but I really wish there was a bit more colors in the GUI here and there. It is so white/grey/pale in its current state. Well, except the "home" screen where the ESET robot is where we have a bit blue and green. But I want nothing extreme and/or sharp color contrasts, that would be even more annoying/worse compared to its current look. Edited March 14, 2016 by SweX Quote Link to comment Share on other sites More sharing options...
ESET Insiders toxinon12345 32 Posted March 15, 2016 ESET Insiders Share Posted March 15, 2016 (edited) Description: counting of "OFF/stopped" items Detail: I would like to see counting of "Permanently disabled" items at "Setup Pane". Also with no-color always. (Black and white) something similar to this, but in that case would be a '3' in Black/white https://forum.eset.com/uploads/post-6339-0-20654900-1457971762.png Edited March 15, 2016 by toxinon12345 Quote Link to comment Share on other sites More sharing options...
cybot 1 Posted March 15, 2016 Share Posted March 15, 2016 In the next release of ESS (V10x I assume) I would like to see the GUI go back to something similar to v8x. The GUI is not something I normally get overly concerned with but v8 was much easier to use then v9x. Specifically the "firewall rules" screen which in v9 is just not easy to use at all. I made a very similar post on this thread too saying the sating the same thing so.... +1 Quote Link to comment Share on other sites More sharing options...
V3.Firewall 2 Posted March 17, 2016 Share Posted March 17, 2016 (edited) ESET Smart Security Company try to copy security has Anti DDoS Guardian 3.4 and add firewall eset smart security to detect flood attacks etc would be great Edited March 17, 2016 by V3.Firewall Quote Link to comment Share on other sites More sharing options...
beancounter 6 Posted March 18, 2016 Share Posted March 18, 2016 The live installer needs to check for the presence of other AV products before proceeding with the installation. See https://forum.eset.com/topic/7755-installing-eset-smart-security-on-a-new-win10-laptop/ Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted March 19, 2016 Administrators Share Posted March 19, 2016 The live installer needs to check for the presence of other AV products before proceeding with the installation. See https://forum.eset.com/topic/7755-installing-eset-smart-security-on-a-new-win10-laptop/ It does. Probably the version of Mcafee you had installed is not detected by AV Remover. Hence I asked for more information about what McAfee product you had installed and what system platform you use (x86 or x64) so that we could try to reproduce it. Quote Link to comment Share on other sites More sharing options...
beancounter 6 Posted March 19, 2016 Share Posted March 19, 2016 A bit late for that because I already uninstalled it. The laptop is brand new from ASUS if that helps Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.