Jump to content
planet

Issues, Ideas & Feedback for ESET Cyber Security & ESET Cyber Security Pro

Recommended Posts

Issues, Ideas & Feedback for ESET Cyber Security & ESET Cyber Security Pro...
Last Updated: 7th January 2018

 

Main Issues...
 

  • Need to Reproduce (in version 6.5.432.1): If a user experiences an 'Undocumented serious error', the error code is shown on the desktop notification, but isn't shown in the Event Log, instead showing (${ErrorCode}).
      
  • Fix In Progress (discovered in version 6.5.432.1): Custom installation options are being ignored on fresh installs, such as the Detection of Potentially unwanted programs. Expected behaviour is for the installer options to be applied to the program. Any further uninstalls and reinstalls work as expected.
     
  • Fix In Progress (discovered in version 6.5.432.1): Time Machine local snapshots are being detected by ESET as a 'New device' and is prompting the user to Scan them. Expected behaviour is to allow Time Machine to automatically back up normally without user intervention and not treat the local snapshots as new devices.
     
  • Fixed (in version 6.5.600.1, verified on macOS High Sierra): ESET prompts to Allow the kext extension a second time before it can launch, after already allowing it in System Preferences during installation and restarting macOS High Sierra once. Expected behaviour is to launch successfully after allowing the kext and restarting macOS once.
     
  • Fixed (tested in version 6.5.432.1, verified on macOS High Sierra): Users are experiencing a "Cannot connect to /tmp/esets.sock: Connect refused" popup error unexpectedly (happens to me but in background).
     
  • Fixed (in version 6.4.128.0, verified on macOS Sierra): Occasional major crash with the following happening in order within 3 or 4 seconds: daemon closing connection, esets.sock error, esets_mac crash, esets_proxy crash, then 'broken pipe' error.
     
  • Fixed (in version 6.4.128.0, verified on macOS Sierra): Interactive Firewall isn't prompting to allow or deny all connections, some are automatically denied for an unknown reason. The prompt window itself also no longer remains in front of all windows, and the window isn't visible in Mission Control.
     
  • Fixed (in version 6.4.128.0, verified on macOS Sierra): Parental Control is blocking domains set in the 'allowed' section for the user. Shows in the log that it recognises the exception, but the Category block still overrides it for an unknown reason.
     
  • Fixed (in version 6.4.128.0, verified on macOS Sierra): New 'executing shell command' error in the logs trying to launch esets_pfw and failing, resulting in OS X freezing for 60 seconds or so. Similar/same freeze to the esets_daemon issue below.
     
  • Fixed (in version 6.4.128.0, verified on macOS Sierra): Often esets_daemon freezes OS X completely for about one minute before a number of other issues occur, such as esets_proxy no longer functioning, module errors, and more. (New release uses a different way to show this in the log, beginning with 'Daemon closed connection')
     
  • Hotfix Released (for version 6.1.12.0, verified on OS X El Capitan): Using the Internet in Safari occasionally results in pages not loading fully, a white screen with the progress bar never finishing, or causes esets_daemon to crash.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)Mail in iCloud Preferences is not successfully being enabled with Cyber Security (or Pro) installed. Workaround is to boot into Safe Boot and enable it successfully there.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)Updating the VSD is no longer causing CPU usage to instantly reach 100% until updating is complete.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)esets_proxy is either crashing or freezing randomly, causing Web Protection, Anti-Phishing & Parental Control to no longer protect the user. Both require to restart the Mac to resume protection and make the process functional again.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan): esets_proxy is logging various 'Cannot write to socket' messages every few seconds when using a Mac. There can be hundreds of entries only after an hour.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan): AirDrop does not work with ESET products installed no matter the setting, and does work after uninstalling.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan): Shutdowns with Cyber Security (and Pro) installed increases shutdown time.

 

 

User Interface Issues...
 

  • In ECS/ECSP the 'Present Application in Dock' setting is turned on by default and is unnecessary due to having the ESET menu bar icon already present. It is suggested for this setting to be turned off again like in previous releases and have it as an optional setting again.
     
  • The three buttons on the top left (Close, Minimise, Maximise) don't show the icons within the circles like all other apps, until your mouse pointer is above the buttons instead of on the buttons.
     
  • Remember the window size if resized from default. Currently resizing the window and restarting the Mac loses changes and goes back to the default window size.
     
  • Dark Mode in OS X Yosemite & El Capitan is not supported, menubar icon goes too bright and transparency is replaced with white.
     
  • 'Use standard menu' checkbox in User Interface preferences may need to be greyed out until the user enables 'Present application in Dock' as enabling the menu alone seems to do nothing.
     
  • Fixed (Translation Support module as of Dec 2017): There is text cutting off and showing '~' in the 'New Network Detected' window if tool tips are turned off in Preferences.
     
  • Fixed (in version 6.2.6.0, verified on OS X El Capitan): 'Alerts and Notifications' graphic icon in Preferences has a random black square (Fixed), 'Email' graphic icon in Preferences has line on left side, the grey icons (the small ones on the bottom right of the monitors) on the Home screen are pixellated still.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)Mission Control does not like the Preferences window on its own with the main window closed. Can be replicated by having the Preferences window open (by clicking on menubar icon, and clicking 'Preferences') and using Mission Control.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)Menu bar icon highlight doesn't switch to graphite if the appearance is selected in System Preferences, it always stays blue.
     
  • Fixed (in version 6.1.12.0, verified on OS X El Capitan)Only allow the program to update when there is an active network connection - at the moment the program tries to update the virus signature database with no connection for a long time and aborting the update takes a long time as well. 

 


Ideas & Feedback...

 

  • In Progress (partial support as of version 6.5.600.1): Scan HTTPS (SSL) for web protection, like in ESET Smart Security.
     
  • In Progress (partial support as of version 6.5.600.1): Scan and block HTTPS (SSL) websites for parental control.
     
  • In Progress (partial support as of version 6.5.600.1): Scan secured connections for IMAP & POP for Email Protection, as unsecured is now less common.
     
  • Use wildcards for the application path in the firewall.
     
  • Learning mode for firewall to automatically create rules, similar to ESET Smart Security.
     
  • Ability to submit a file for analysis manually from 'Tools' without enabling live grid.
     
  • Provide a user friendly name for more network interfaces when prompted to select a profile in ECSP (such as the Apple Wireless Direct Link service instead of showing 'awdl0').
     
  • Display an additional column in 'Running Processes' to show if it's an Apple signed application or not, as new updates to OS X processes will not be shown as trustworthy immediately.
     
  • The option to automatically delete a threat instead of placing it in Quarantine; or/and automatically empty Quarantine weekly, monthly, etc using the scheduler. Maybe not as a default option, but just to be able to do so.
     
  • Setting exclusions for devices so Removable Media Scanning continues prompting for other devices. At the moment if I select 'Remember this action' and click 'No action' for my Time Machine device, Cyber Security no longer scans any USB device. I just wanted to exclude my Time Machine device from Removable Media Scanning, not all USB devices.
     
  • Dynamic exclusions like in Spotlight exclusions - having a folder or volume set as an exclusion, and it can automatically update when renamed.
     
  • For the Uninstaller, a message is said to restart the Mac when the user clicks 'Close' but does not actually do anything. Would be nice to see the uninstaller actually restart the Mac when the button is clicked after uninstallation was successful.
     
  • Prevent Scripting Additions, to prevent any third-party code to inject themselves into ESET products.
     
  • Automatically exclude Time Machine devices from being scanned.
     
  • Added (in version 6.4.128.0): An option for the interactive firewall to automatically allow signed applications only, like iTunes, App Store, Software Update, etc.

 

Edited by planet
Version 6.5.600.1

Share this post


Link to post
Share on other sites

Great idea!

 

+ Better window control for Firewall > Setup (Interactive mode) Now we have a fixed window / no green (+) fullscreen button:

 

post-3436-0-89040500-1399130485_thumb.jpg

 

As I have a 24" monitor a lot of desktop space is wasted and to much scrolling/adjusting colum width in this window.

Edited by BDMSTUDIOS

Share this post


Link to post
Share on other sites

+ Better window control for Firewall > Setup (Interactive mode) Now we have a fixed window / no green (+) fullscreen button:

 

Just discovered this now - instead of viewing the rules via Preferences, just click "Configure Rules and Zones..." within the Main Window > Setup > Firewall. Then you have a resizable, flexible window.

Edited by planet

Share this post


Link to post
Share on other sites

 

+ Better window control for Firewall > Setup (Interactive mode) Now we have a fixed window / no green (+) fullscreen button:

 

Just discovered this now - instead of clicking the Setup button, just click "Configure Rules and Zones...". Then you have a resizable, flexible window.

 

attachicon.giffw1.jpg

 

attachicon.giffw2a.jpg

 

 

Thanks planet, GREAT find....

Share this post


Link to post
Share on other sites

Planet, 

 

I was doing exactly what you did, comparing and found that HTTPS and IMAPS etc. are not there....a few of us stated that in the non-pro forum, but I'm new here, I see your remarks are pinned (not sure how to do that), but i wanted to ask, do/should these items be submitted via user feedback area to get more traction, or do we have to just wait for random admins to see and hopefully bring up?

 

Thanks

Share this post


Link to post
Share on other sites

Planet, 

 

I was doing exactly what you did, comparing and found that HTTPS and IMAPS etc. are not there....a few of us stated that in the non-pro forum, but I'm new here, I see your remarks are pinned (not sure how to do that), but i wanted to ask, do/should these items be submitted via user feedback area to get more traction, or do we have to just wait for random admins to see and hopefully bring up?

 

Thanks

 

Hi dbcooper, didn't even notice... I just made a topic with my ideas on here and I guess it has been pinned. I originally emailed ESET Support with the retina icon issue beforehand and was told it may be implemented in the next version (during Version 6 beta, but was told for Version 7) and now that Version 6 was released officially, I thought sharing more ideas and thoughts with other users would be better.

Share this post


Link to post
Share on other sites

I would also like to see the ability to use wildcards for the application path in the firewall. Anyone who has had to deal with Google's ridiculous update service (ksfetch) will know why.

Share this post


Link to post
Share on other sites

Having come from using Smart Security for a number of years, there are a few things that I find myself missing when using Cyber Security. Here are a few issues/annoyances that I have encountered, or features that I would like to see:

 

  • Ability to add multiple ports to a firewall rule (i.e. 80, 443, 843), instead of being restricted to a single port or port range.
  • I find the firewall rule editor quite cumbersome. I much prefer the single edit window used in Smart Security where I can edit all elements of a rule, instead of the series of dialogue windows used by Cyber Security.
  • Ability to apply firewall rules to all profiles. There are a number of firewall rules that would make sense across all profiles, setting them individually in each profile is tedious, updating them if there is a small change is even worse.
  • Ability to modify the profile that a firewall rule appears under.
  • Ability to use a predefined zone as an argument to a firewall rule.
  • Improved window management (remember window sizes and layout). Having to resize the Rule and Zone Editor and then resize the column widths every time it's opened is beyond annoying.
Edited by panther-modern

Share this post


Link to post
Share on other sites

Add search for [name] and [Application] fields in the "Rule and Zone Editor"

 

v5.0.115 on OSX 10.9.5 -> don't know if yet implemented in v6?

 

Cheers

Edited by BDMSTUDIOS

Share this post


Link to post
Share on other sites

I'l like something that would list the interfaces that are in a specific zone inside the firewall 

 

When an interface is detected you get asked what zone it's in, and you don't see this inside the firewall preferences

Share this post


Link to post
Share on other sites

Hi planet,

 

Great thread, thanks for your effort and time! BUT, on the other hand it keeps me from upgrading to v6.0.14.0. Any idea when ESET will fix all bugs and issues, do you have direct contact with the techies at ESET?

 

Thanks again and cheers!

Share this post


Link to post
Share on other sites

I'l like something that would list the interfaces that are in a specific zone inside the firewall 

 

When an interface is detected you get asked what zone it's in, and you don't see this inside the firewall preferences

 

I think you get asked what profile you want to use for the interface, and then in advanced options you can add a zone if you want Cyber Security Pro to remember this connection. You can see current profiles used on active Network Interfaces by going to the main window, clicking 'Setup' on the right and then 'Firewall'. You can alter or modify zones either by staying on the same page and clicking 'Configure rules and zones...' and clicking on the 'Zones' tab, or by visiting the Preferences window via the menubar icon and clicking 'Firewall' and then the 'Zones' tab. There you can decide how to associate interfaces or networks with profiles, including using a whole interface to decide on a profile instead of a specific network.

 

 

Hi planet,

 

Great thread, thanks for your effort and time! BUT, on the other hand it keeps me from upgrading to v6.0.14.0. Any idea when ESET will fix all bugs and issues, do you have direct contact with the techies at ESET?

 

Thanks again and cheers!

 

I have no idea when or if anything will be looked into or fixed. :( No, I don't have direct contact.

Share this post


Link to post
Share on other sites

 

I think you get asked what profile you want to use for the interface, and then in advanced options you can add a zone if you want Cyber Security Pro to remember this connection. You can see current profiles used on active Network Interfaces by going to the main window, clicking 'Setup' on the right and then 'Firewall'. You can alter or modify zones either by staying on the same page and clicking 'Configure rules and zones...' and clicking on the 'Zones' tab, or by visiting the Preferences window via the menubar icon and clicking 'Firewall' and then the 'Zones' tab. There you can decide how to associate interfaces or networks with profiles, including using a whole interface to decide on a profile instead of a specific network.

 

 

I do not see a list of interfaces like ppp0, en0, awdl0 etc, all I see are rules, zones or profiles, and the zones lists subnets (and the occasional wireless SSID)

 

I don't see any tie in between interface and any subnet .. something that would be nice, i.e.  en0:172.16.1.1/24  in the zones would have been nice

Share this post


Link to post
Share on other sites

I do not see a list of interfaces like ppp0, en0, awdl0 etc, all I see are rules, zones or profiles, and the zones lists subnets (and the occasional wireless SSID)

 

I don't see any tie in between interface and any subnet .. something that would be nice, i.e.  en0:172.16.1.1/24  in the zones would have been nice

 

Hi Weety, in the zones section you can add or modify an existing zone where you are able to add an interface using the 'Interface' section and with your example you can also add a subnet to create the zone you require. Additional interfaces are automatically added to the list when the interface is active.

Edited by planet

Share this post


Link to post
Share on other sites

Planet

 

I had noticed that, but could not work out if the Activators were 'AND' or 'OR' together

eg "Interface = Wifi"  *AND* "Subnet = 192.168.1.1/25"

 

Documentation does seem a little sketchy on Zones and Activators in the User Guide

 

Not all interfaces are available to add (for example utun0 and ppp0 can only be added if present, e.g. in a VPN)

Edited by Weety

Share this post


Link to post
Share on other sites

Planet

 

I had noticed that, but could not work out if the Activators were 'AND' or 'OR' together

eg "Interface = Wifi"  *AND* "Subnet = 192.168.1.1/25"

 

Documentation does seem a little sketchy on Zones and Activators in the User Guide

 

Not all interfaces are available to add (for example utun0 and ppp0 can only be added if present, e.g. in a VPN)

 

I asked about the AND/OR rule operators and brought up the lack of documentation a few months ago. I realize that writing documentation is not particularly enjoyable, but if users are willing to go through the effort of documenting issues and suggestions, I would hope that ESET would at least participate in the discussions here a little more. The tone of this forum has been relatively constructive, instead of the usual internet vitriol, but it is beginning to seem like a bit of a one-sided conversation.

Share this post


Link to post
Share on other sites

ESET already has a huge knowledgebase. Also for ESET Cyber Security Pro.

So you can e.g. find this about the firewall rules:

How do I create a firewall rule to allow/disallow use of a certain application in ESET Cyber Security Pro?

 

This "online documentation" they can edit of course fast and you can even send comments about a specific article to ESET if you find something to improve (below the article).

Updating the internal (offline) documentation of course needs more time, firstly because any changes needs to be checked many times there and secondly it needs of course a new version upgrade.

 

So be patient and maybe and let them some time.

Share this post


Link to post
Share on other sites

ESET already has a huge knowledgebase. Also for ESET Cyber Security Pro.

So you can e.g. find this about the firewall rules:

How do I create a firewall rule to allow/disallow use of a certain application in ESET Cyber Security Pro?

 

 

Unfortunately this lacks information about the new options on configuring a Zone

Share this post


Link to post
Share on other sites

 

ESET already has a huge knowledgebase. Also for ESET Cyber Security Pro.

So you can e.g. find this about the firewall rules:

How do I create a firewall rule to allow/disallow use of a certain application in ESET Cyber Security Pro?

 

 

Unfortunately this lacks information about the new options on configuring a Zone

 

 

This is what I don't understand, it would only take a few minutes for a member of the ESET team to provide a little bit of additional information, like how zone activators are interpreted (AND/OR), yet they can't be bothered. Why they refuse to respond at all to most of the requests for info here is beyond me, they seem to have left things to other forum users to provide support for their product.

Share this post


Link to post
Share on other sites

I am not sure whether it has already been mentioned, but I would like the logging to be improved. Looking at the events log, virus definition updates whether succeeded or failed are not listed. If virus definition updates would be logged as well I would know for sure whether those definitions are up-to-date and the update process itself is functioning properly. Currently I only get these update pop-ups. So no update history is available anywhere.

Share this post


Link to post
Share on other sites

I am not sure whether it has already been mentioned, but I would like the logging to be improved. Looking at the events log, virus definition updates whether succeeded or failed are not listed. If virus definition updates would be logged as well I would know for sure whether those definitions are up-to-date and the update process itself is functioning properly. Currently I only get these update pop-ups. So no update history is available anywhere.

 

Updates that have failed do appear in the 'Events' log, under the 'ESET Daemon' module and entries begin with 'Error updating Antivirus modules:', although there is no logging for successful updates (you could view in the update section the 'Last successful update' entry to see the last time it was updated, or else you receive the 'Update is not necessary' message). An option to also view successful updates along with the failed entries would be nice, like what Smart Security has.

Share this post


Link to post
Share on other sites

Just wanted to say thanks to ESET for fixing the number of major issues with ECS & ECSP, especially with the shutdown issue and problems with esets_proxy.  :) Will continue to update this topic on the first post for the last few things here and there that need to be certain it has been fixed after a few days of using ECSP, but it looks positive!

Share this post


Link to post
Share on other sites

Just wanted to say thanks to ESET for fixing the number of major issues with ECS & ECSP, especially with the shutdown issue and problems with esets_proxy.  :) Will continue to update this topic on the first post for the last few things here and there that need to be certain it has been fixed after a few days of using ECSP, but it looks positive!

 

Great thread and KUDOS to @planet and all others participating here. What are still the main (crull pit) issue with release 6.1.12.0 of ECSP for Mac? My ECSP 5.0.115.0 is working perfect, except for the shutdown lag.

 

Cheers

Edited by BDMSTUDIOS

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...