ESET Smart Security 7 Beta & ESET NOD32 Antivirus 7 Beta Released – Give Feedback and win

[PodrskaNORT 17]

"Clear update cache problem - Could it be solved in v7 automatically/periodically?"

 

Hi all.

 

We receive a significant percentage of support calls regarding update failures.

 

Majority of those issues are solved simply with "Advanced settings" -> "Clear update cache" -> "Update now" procedure.

 

It would be nice (from support point of view, at least :-) ) if v7 could periodically delete cache by itself... Maybe to implement a  scheduled task "Clean update cache daily" which could be disabled if customer wants to keep cache intact for some strange reason...

 

Thanks

Tomo

[NRTID#20130717094602]

 

[PodrskaNORT 17]

SysInspector in v7

 

 

Wish list: Include export of all ESET logs to txt/csv/xml file (anything that is readable by human) in SysInspector log.

 

 

Thanks

Tomo

[NRTID#20130717095302]

Edited July 17, 2013 by PodrskaNORT

[Guest Vasilis]

Hips look about the same as V5 and V6...I mean the automated mode has only 1 rule.I think there are also some hidden too but they seem to be ''broken'' and they don't seem to work.''Advanced memory scanner'' seems good although it needs some improvements.As far as HIPS mode is concerned,why not offer some rules and users could choose what they want(custom rules)..I mean that ''filtering mode'' needs a redesign/remake..Eset in general is a really good internet security but it lacks the ability to deal with 0-day malware(apart from signatures).I know the 7 version is still in beta but are you planning on doing something to improve HIPS?

[Marcos 5,074]

HIPS already helps protect crucial ESET's and system processes and it also significantly contributes to detection and blocking of zero-day malware. It's not only about HIPS blocking everything that seems to be suspicious, otherwise we'd end up blocking thousands of legit applications which is definitely not what we want.

[0strodamus 5]

Some improvements that I would like to see in the next beta.

 

ALERTS: Add option to open the advanced options drop-down as default
HIPS: Improve rules window to remember position / size
HIPS: Allow adding a folder to "Source applications" like "Target applications"; i.e. C:\Program Files\*.*
HIPS: Improve file wildcard support; i.e. C:\Program Files\*.ico or C:\Windows\*.log
HIPS: Add command line parameter with wildcard support for cmd.exe
 

[Guest SteveP]

Since installing ESET Smart Suite v7 beta (allowing pre release modules) on Windows 8.1 Preview  Chrome has been a bit wonky, is there a way to turn off any modules that affect Chrome at all?

[Guest SweX]

Since installing ESET Smart Suite v7 beta (allowing pre release modules) on Windows 8.1 Preview  Chrome has been a bit wonky, is there a way to turn off any modules that affect Chrome at all?

What version of ESS V7 BETA do you have installed? Better support for Win 8.1 Preview was just added in the 104 update. Just FYI.

 

Hello,

 

Support for Windows 8.1 Preview has been added in v7.0.104.0, however, it should be considered preliminary, as the operating system itself is in a pre-release state.

 

Regards,

 

Aryeh Goretsky

 

 

 

More here: https://forum.eset.com/topic/569-eset-nod32-antivirus-and-eset-smart-security-70104-beta-released/

[dwomack 160]

Another question would be which version of Chrome is installed. We have had reports that the Chrome Beta upgrade has been wonky with v7 but the standard GA release of Chrome works just fine.

[Guest Mirko Spalla]

Hi, 

I'm encountering a bug in the last beta. After update my bluetooth driver I was no more able to start windows because em008_64.dat caused lots of 0x00000050 bsod

[Duluc 6]

Another question would be which version of Chrome is installed. We have had reports that the Chrome Beta upgrade has been wonky with v7 but the standard GA release of Chrome works just fine.

I'm using Chrome Beta (v29) with NOD32 v7.0.104 on Windows 8.1 Preview and there's no problem at all. Everything works as it should. No complains. 

[Guest John]

I am writing to tell you my opinion about HIPS which still seem unusefull(like in V5 and V6).I mean the automated mode has only 1 rule.I think there are also some hidden too but they don't seem to work.''Advanced memory scanner'' looks like it is good but that's not enough i believe...As far as HIPS mode is concerned,why not offer some rules and users could choose what they want(custom rules)..I mean that ''filtering mode'' needs a redesign/remake..Eset in general is a really good internet security but it lacks the ability to deal with 0-day malware(apart from signatures).I know the 7 version is still in beta but are you planning on doing something to improve HIPS?

[Peter Randziak 1,130]

Hi, 

I'm encountering a bug in the last beta. After update my bluetooth driver I was no more able to start windows because em008_64.dat caused lots of 0x00000050 bsod

 

Hello Mirko,

 

could you please provide us with full memory dump so we could analyze it?

 

Thank you.

[0strodamus 5]

After getting my bearings running v6 for a couple weeks, I went ahead and took the plunge with v7.0.104.0. So far, it is running smooth as silk. Great job ESET!

[betona 1]

Test System:
Win7 64-bit

Windows Live Mail Version 2012 (Build 16.4.3505.0912)
NOD32 Antivirus v6 was already existing on the system.

 

I had to revert back to v.6 from the first beta due to email client problems.

 

I installed the newer NOD32 v7.0.104.0 on top of v6 and it installed correctly.  After about two weeks of use, I'm happy to report that the email bug is gone.  Everything else is nominal.

[dwomack 160]

ANNOUNCEMENT!

 

We are pleased to announce the Grand Prize Winner of our V7 Beta Feedback Contest, @Arakasi!

 

He and a guest will be joining us next week at Black Hat USA in Las Vegas, Nevada. Arakasi provided some significant feedback which (along with all of your feedback) is already being used by ESET developers to improve the quality  of our V7 products.  Congratulations to you Arakasi, and a big thank you to all of our Beta testers. 

 

That said, our v7 products are still being beta tested by some awesome people, YOU! Thanks again for all of your efforts and help and please keep the feedback coming.

 

CONGRATS ARAKASI! We'll see you at Black Hat next week!

[DaZa9 0]

Please add these to tray menu

 

-Update (Product and virus database)

-Gamer mode

 

I was wishing to see a new UI or at least an improved one not v6.

[DinGo 22]

I requested Gamer Mode being added to the tray menu in v6.

However in hindsight it's not really necessary if you have Gamer Mode enabled when running full screen apps.

[DaZa9 0]

Can you add an option when threats detected it put this option (Delete,Clean, and No action) which applies for all detected threats

for example I did scan and found about 500 threats, some of them cleans automatically and some needs a user choice (and which needs user choice <Delete, No action> is more that which cleaned automatically which about 400

 

so I'm forced to change every threats from <No Action> to delete and that's boring

 

So I suggest that you add a selection box when I select an action (delete for example it applies for all detected threats)

 

Hope you understood this, and sorry for my bad English

 

Regards. 

[puff-m-d 120]

Hello,

 

We are pleased to announce the Grand Prize Winner of our V7 Beta Feedback Contest, @Arakasi!

 

Let me add my congratulations to Arakasi!!!

 

I guess that means also that all the winners of the one year ESS licenses have been determined and notified   ...

[Marcos 5,074]

Can you add an option when threats detected it put this option (Delete,Clean, and No action) which applies for all detected threats

for example I did scan and found about 500 threats, some of them cleans automatically and some needs a user choice (and which needs user choice <Delete, No action> is more that which cleaned automatically which about 400

 

so I'm forced to change every threats from <No Action> to delete and that's boring

 

It is mentioned in the action selection window that multiple items can be selected at once, e.g. by pressing Ctrl+A.

[Arakasi 549]

Thank you Kent. Thank you Dan.

I'm really looking forward to BlackHat as well as becoming more aquainted with the forums and Eset staff.

I hope I can provide much assistance where & when needed.

Cheers~

[Arakasi 549]

One more addition to feedback, that i am not sure if has been mentioned.

I really think the operating system update warning is very useful.

 

- There are many consumers that do not pay attention to that AT ALL.

Believe me i know from some of my clients.

However they do tend to pay attention to their AV just in-case they stumbled upon malware.

It seems NOD32 is quicker to recognize these out of date systems quicker then even Microsoft's checker, possibly because MS has different intervals and concentrates on internet resources for the average user,

and Eset up front has a check during boot or after the profile has loaded.

 

Amazing job devs!

[Arakasi 549]

Another very nice feature that could be a nice addition to eset is a stronger termination protection. We all know eset runs as executable egui.exe and so do malware devs.

I wanted to add an example from the well known SAS as a running process.

 

In Task Manager it reads as :

Image Name: 6985c66f-6756-4002-aa08-a1038fcf4b79.com

Description: SUPERAntispyware Application

 

I have been seeing many posts and user comments about how eset was terminated by malware or similar.

I am unsure of the technology behind this but it looks similar to encryption.

 

 

To the devs:

TerminateProcess is a weak attack but malware may use it because its quick and efficient. I am confident this has already been blocked by eset engine.

I am assuming we already have a form of WM_Close with destroy window protection ? If not may be good to investigate for future releases !

I also assume SetWindowsHookEx protection is there as well ? This is where the question of 32 bit and 64 bit versions come into play as i heard Marcos discussing earlier ; as with DLL injections....

a 32-bit DLL can't be injected into a 64-bit process and a 64-bit DLL cannot be injected into a 32-bit process.

I was curious to how many methods of process to process protection nod32 has ?

 

I'm amazed at how the window handle name or image name, whatever,  has been altered by superantispyware. Although it still has a PID. I am not sure how they did it, but if eset were to develop a form of technology, of course with software copyright in mind , we may have an even stronger piece of software on our hands to protect against some of the more nasty malware that i hear users are complaining about.

 

Developing this protection can be fairly difficult however a simple change in running name may be an easier addition to app term. prot. then the previous discussed methods.

[Ego_Dekker 16]

v7 is unable to detect Windows AIK.

7.0.104 has automatically detected WAIK and i could create ESR medium (ISO). Well done!

[Guest Loke]

I have installed Eset Smart Security 7 Beta on one of my PC´s.

I have set the HIPs settings to Interactive.

When I install the AMD grafic driver while ESS 7 Beta is installed I have to click "Create rule" 13 times during installation. An additional 3 times more is needed when completing the installation.

 

With the ESS 6 installed and HIPS settings to Interactive I only need to create ONE rule.

 

Why have you made such change with the HIPs like this? It is very anoying.

I have installed Adobe Reader and I have to create 9 rules to complete the installation.

With ESS 6 only ONE rule is needed.

 

It would be nice to know why you have done this change.

Is it possible to change the settings somehow to avoid this? I do not want to have automatic settings, I like Interactive settings.

 

Regards

Loke