Why I downgraded from 9.0.318 to 8.0.312

[FredW 1]

Three times I tried to upgrade from Eset NOD32 8.0.312 to 9.0.318.

Three times after the first restart when I clicked in the icon in the taskbar for NOD32 my computer froze, even the time stopped.

 

Some time after my last restore back to 8.0.312, I remembered that I had similar problems when upgrading from version 7 to version 8.

Eset NOD32 and my firewall (PrivateFirewall) did not work together very well and in the end I had to turn of HIPS in NOD32 and everything worked fine.

 

So I spent many hours examining various scenarios with NOD32 with and without HIPS and with several firewalls (uninstall, install, see what works (or not), restore, etc.)

I ran trial with NOD32 versions 8.0.312, 8.0.319, 9.0.318

I ran trial with firewalls from Comodo, ZoneAlarm, TinyWall and PrivateFirewall.

 

I am now back to NOD32 version 8.0.312 and PrivateFirewall.

I am not going to update to any higher version, unless:

– Eset allows switching off HIPS without punishing the user by producing a permanent not-removable error message (home screen all red)

– Eset allows NOT selecting a not-used, not-present and not-wanted email program (Microsoft only) for email protection without punishing the user with a not-removable and not-justified permanent error message.

– Eset allows the use of a firewall of MY choice (PrivateFirewall) without forcing me to use a non-HIPS firewall.

– Eset solves the strange (and very repetitive) messages appearing in my second browser (Opera 12.17) about not complete/incorrect security certificates for some security websites (Avast, Avira, Eset); I noticed these messages appearing for some days (it can happen that security certificates are not in order), but they disappeared, quite unexpectedly, when I went back from NOD32 9.x.xxx to NOD32 8.x.xxx

 

Furthermore I used to download the offline-installer from:

https://www.eset.com/us/download//home/detail/family/2?installer=offline

But for some weeks that link had not been working for me anymore, a mystery why.

After having NOD32 three (3) times downloaded and installed via the Eset Live installer,

I discovered – almost by accident – that sites in North America are apparently no longer allowed for customers outside North America.

I have to download the offline installer now from an International link:

https://www.eset.com/int/download//home/detail/family/2?installer=offline

One may speculate why Eset does so, I can think of no reason, I do not want to know, I find it plain silly.

 

The outlook of NOD32 9.x.xxx is modernized (whatever that may be), but the functionality has suffered because of this, it is more complicated to do an advanced setup.

 

Finally I expected that downgrading to 8.0.319 would solve my problems with 9.0.318, but I had a hunch and went further back to 8.0.312 (after the umpteenth restore) and now also my KeePass 2 is fully working again.

 

I used to be a happy user of NOD32, I have been using it for many years, last year I have renewed my subscription (3 pack) for another three years..

But now I am disappointed with developments at Eset with NOD32 9.0.318.

I will stay some time with Eset and Nod32 and see how things develop.

Meanwhile exploring NOD32 for Linux.

[Marcos 5,070]

Eset allows switching off HIPS without punishing the user by producing a permanent not-removable error message (home screen all red)

 

It's not only HIPS that you disable but also Advanced memory scanner and Exploit Blocker as well as Self-defense that you disable too as they are dependent on ESET's HIPS. The mentioned features are of similar importance as real-time protection, ie. disabling HIPS substantially lowers protection capabilities of ESET (ie. malware won't be detected upon execution if protected by writers against emulation, or if malware attempts to exploit a vulnerability in popular software applications).

 

Eset allows NOT selecting a not-used, not-present and not-wanted email program (Microsoft only) for email protection without punishing the user with a not-removable and not-justified permanent error message.

 

I don't understand. Nobody forces you to use supported email clients. If you don't use MS Outlook, just leave the settings intact. Otherwise it's like disabling sound signals in the setup by deaf people just because they can't hear sound anyways.

 

– Eset allows the use of a firewall of MY choice (PrivateFirewall) without forcing me to use a non-HIPS firewall.

 

You can use PrivateFirewall or any other that you want. Again, there is no restriction to use ESET's firewall and it's not part of ESET NOD32 Antivirus anyways. As for HIPS, I explained it above. Still, as wrote elsewhere we will consider making the warnings less strict. Of course, there will always be some notifications when a critical feature substantially affecting protection and detection capabilities will get disabled.

 

 

Eset solves the strange (and very repetitive) messages appearing in my second browser (Opera 12.17) about not complete/incorrect security certificates for some security websites (Avast, Avira, Eset); I noticed these messages appearing for some days (it can happen that security certificates are not in order), but they disappeared, quite unexpectedly, when I went back from NOD32 9.x.xxx to NOD32 8.x.xxx

 

Unlike v8, v9 has SSL scanning enabled by default. Please post a screen shot of the message you're getting with v9.

[FredW 1]

Thank you, Marcos, for your answer.

 

I use Win7HP64SP1.

As a firewall I have PrivateFirewall installed.

hxxp://www.privacyware.com/PF_support.html

 

NOD32 and PrivateFirewall do not cooperate (very well), I have to switch off HIPS in NOD32 to enable the firewall to work, if I don't switch off HIPS my computer freezes.

In version 8 switching off HIPS gave no problems, but in version 9 I get the permanent red screen.

I refer to this topic:

https://forum.eset.com/topic/6258-disabling-hips-alert-in-v9/

and NOD32 is also not cooperating with another firewall (Agnitum FW).

 

You state that HIPS is very important for NOD32, I accept that, but that means that the choice of a firewall is limited to … (I have no idea to which firewalls).

Your statement that I can use any firewall I want does not compute, at least my firewall and another firewall will no longer work because NOD32 requires exclusive rights to HIPS.

 

When I switched off HIPS in version 9 some other features were also (automagically?) switched off, but I could switch them (most of them?) back on.

 

In version 8 / Email client protection / Email client integration, I can integrate three (3) email clients.

I had chosen to select none, as they are not relevant to me, that gave no problems.

When in version 9 I select none (same reason), I get a permanent error message, so I have to cheat and select one (anyone?) to avoid the permanent red screen.

https://forum.eset.com/topic/6265-e-mail-protection-non-functional/

Why do I have to cheat to avoid a permanent (in my opinion not justified) error message?

(more like giving hearing aids to people who have no hearing problems, if I may say so)

 

As I no longer have version 9 installed (see subject) I cannot reproduce the 3,4,5,? consecutive certificate messages I get in Opera 12.17 when I click on any of:

https://www.avast.com/virus-update-history

https://www.avira.com/en/support-vdf-history

hxxp://www.virusradar.com/ (an Eset site with incomplete security certificates?)

The following link could not be found in Opera 12.17 with NOD32 version 9 (Could not connect to remote server), but is again available in version 8:

https://www.security.nl/ (Dutch security site)

SSL scanning seems to do amazing things.

;-)

 

I am patiently waiting for the next version 9.

[Marcos 5,070]

Thank you for clarification Fredw. If there's a conflict with a 3rd party application, please always let us know so that we can look into it. If it's possible to make a workaround on our part even if ESET is not the culprot, we'll be glad to help so that you can use both applications together. Of course, it may not always be possible for us to make a workaround and the other vendor will need to fix the issue in their software.

 

As for disabling HIPS, it's needed for the following protection features to work:

- Self-defense (protects ESET's and system processes from being terminated or otherwise tampered by malware)

- Advanced memory scanner - the last layer of defense. Scans already unpacked code in memory upon execution, terminates the malicious processes and cleans the malware. It ensures that tricks such as using obfuscation or protectors to evade detection will not be successful.

- Exploit Blocker - detects and blocks malware that attempts to exploit vulnerabilities in certain popular applications (e.g. Java, Flash player, etc.)

 

Last but not least, I've mentioned elsewhere that we plan to give users an option to disable particular critical protection features without generating a warning.

[siljaline 57]

Hello FredW!                  

Thank you for visiting the official forum at my suggestion to get real answers from ESET Staff.  You are in most capable hands.