If you have any comments, questions or suggestions concerning the new ESS 4 beta, please post them to this thread. If you want to report an issue, create a separate thread where we can discuss it further and email issue details to betasupport[at]eset.sk as well.

First impression: very nice - very very nice in fact. This is like what I originally anticipated v3 might be like but it is even so much more than that!

To setup I used install over of ESS v3 and keep existing settings and for good measure a reboot which by the was wasn't actually required for setup and launch to complete.

So far all good and I'm going to have fun checking out all the nice new features :)

Thanks ESET

Cheers :)

Please give links to the English version! :o

Hello,


Version v4 BETA links


slovakia


http://www.eset.sk/download/beta_verzia




english versiion


http://www.eset.eu/download/beta

Download was very fast. Looks good

Yepie Kiya,Just downloaded put My license for v3 in place of V4 good to go.Beautifull GUI Thank you marcos and entire Eset team.:thumb:

ESS v4 is able to successfully prevent download of all 8 delivery types of the EICAR test file:
http://www.eicar.org/anti_virus_test_file.htm

That includes download of zip and double zip files as well as by HTTPS SSL protocol.

The kernel process ekrn.exe can no longer be simply killed on XP Pro even when logged in as Administrator.

I love it!

Cheers :)

So far so good. Very fast. Love the new look. Nice work guys :thumb:

screenshots please......

{QUOTE-> screenshots please...... <-QUOTE}
Why not test yourself?

{QUOTE-> screenshots please...... <-QUOTE}


Here is one but test EAV yourself - it acts very nice . Unlikely v2->v3 , v4 is similar to v3 (I see improvements only but based on v3)

Everything looks good except it kinda use a little more ram than be4. :/

{QUOTE-> Why not test yourself? <-QUOTE}




Right now I am at work I can not test but I am curious to see the new version at home:)



Most regards,

NF

{QUOTE-> Right now I am at work I can not test but I am curious to see the new version at home:)



Most regards,

NF <-QUOTE}
I see. later on more fun. Good luck than

{QUOTE-> Here is one but test EAV yourself - it acts very nice . Unlikely v2->v3 , v4 is similar to v3 (I see improvements only but based on v3) <-QUOTE}



I love this new GUI very clean and pleasant to ESET always be impressed:)


Thanks friend


Most Regards,

NF

{QUOTE-> I love this new GUI very clean and pleasant to ESET always be impressed:) <-QUOTE}

Yes , the GUI is marvellous ! :thumb:

So, when, is it on to do list for v.4?

Here V4 AV screen.

Here is another.

More screenshots - Do try it.

Personal firewall with new Learning mode and additional Austomtic mode with exceptions:
204096

Improved statistics:
204097

Watch activity for File and Network Activity graphs (up to last 30 Days):
204098

Intergrated ESET Sys Inspector with added/changed/removed comparison reporting:
204099

And every other feature Marcos has mentioned already here (http://www.wilderssecurity.com/showthread.php?t=225559) and including the new animated tray icon :)

Cheers :)

{QUOTE-> So, when, is it on to do list for v.4? <-QUOTE}



http://www.wilderssecurity.com/showthread.php?t=225576



Most Regards,

NF

I am having a problem with updates any idea what this is.

Hello, HIPS (http://en.wikipedia.org/wiki/Intrusion-prevention_system) isn't self-defense. :)

HIPS isn't included in plan of v4 according my information.

{QUOTE-> I am having a problem with updates any idea what this is. <-QUOTE}

Couldn't it be that you have changed the default username/password or the update server?

{QUOTE-> Couldn't it be that you have changed the default username/password or the update server? <-QUOTE}
Hi marcos I put my valid license in from V3 after a clean install.updates is set automatic.I know its beta but i assumed my paid license would work am I wrong?.

{QUOTE-> Hi marcos I put my valid license in from V3 after a clean install.updates is set automatic.I know its beta but i assumed my paid license would work am I wrong?. <-QUOTE}

V4 updates from a different location with beta update files and thus does not recognize other usernames/passwords.

{QUOTE-> V4 updates from a different location with beta update files and thus does not recognize other usernames/passwords. <-QUOTE}
I see err so what do I do know.

Try uninstalling v4 and installing it from scratch.

As I thought thank you.One other Note to Admin and Modes marcos etc,I see some other post are starting up with simliar topics and being we are talking about V4 here,May I suggest maybe merging them seems kinda crazy multiple post for same product v4 Beta.PS just a suggestion though.

{QUOTE-> Hello, HIPS (http://en.wikipedia.org/wiki/Intrusion-prevention_system) isn't self-defense. :)

HIPS isn't included in plan of v4 according my information. <-QUOTE}
Do you mean not in this build or not at all in this version?

Hi,

Any plans on incorporating antispam funcionality to The Bat! along with v4 final release?

{QUOTE-> As I thought thank you.One other Note to Admin and Modes marcos etc,I see some other post are starting up with simliar topics and being we are talking about V4 here,May I suggest maybe merging them seems kinda crazy multiple post for same product v4 Beta.PS just a suggestion though. <-QUOTE}

Perhaps we could have one thread where you could express your opinions about the beta and the issues you find would be discussed in separate threads?

All in this version.

{QUOTE-> Perhaps we could have one thread where you could express your opinions about the beta and the issues you find would be discussed in separate threads? <-QUOTE}


BTW updates all ok now @ default user name/password thanks

What is System status module?

Thanks guys for the new version, it's just great.
Well, But am i dreaming or nod has hooked my SSDT ??:dry:


I thought nod was not as the other blind AV hookers. :-\
i used to see this in nod
204122

and now...
204123

I think that nod will finish like all other AV, hooking all the SSDT, IDT.... just like malaware dose ...
- Hooking plays on OS stability
- Disturb other software
- Slowdown the machine
- Confuse user: example
If i am searching for malaware/rootkit on X machine, then i open an antirootkit, seeing SSDT hooked by a malaware + Security software:: then what are rootkit hooks ??
HOOKS ARE BAD :thumbd:
i think that hooks are added to improve self defense...
Hook hater here, if only we can decide on NOT installing hook/ self defense v4 would be just great.

Has the firewall been improved?

I occasionally have issues from the current V3 version. Sometimes I have to disable/re-enable a SHARED folder before it can be accessed from another PC in the house. For example, I get the shared folder working. The week goes by, files have been added, and removed randomly. Then I get on my latop, it attempts to access this shared folder. It denies it persmission until I turn the sharing off on that folder, and then allow sharing on that same folder. I indeed narrowed it down to ESET Smart Security when I temporarily uninstalled it, and the issue never happened.

Is there more SIMPLICITY MODE for a HOME network user? Something like, allow all access on your home/local network activities?

If not, I suggest such a mode.

I know about the trusted zone setup, but it's just more simple for an inexperience PC user to click, ALLOW ALL HOME NETWORK ACTIVITIES.

I often recommend ESET to all my clients, as I am a PC Technician.

{QUOTE->
HOOKS ARE BAD :thumbd:
i think that hooks are added to improve self defense... <-QUOTE}

I agree with you . I don't like the Self-Defence in the new version . Got only problems with it and have always had problems with Self Defences . In 2006 , after several years of using Panda , I ditched it because of problem between their Self-Defence and Windows . When testing , I have almost always had problem with Kaspersky's SelfDefence . I kind a hate such Self-Defences and products that do hooks .Hope ESET will change something till the final version .

Here is something just started to appear window security center warning Nod32 3.0 is not currently turned on but it is running system tray.I guess this could be as its still registed in security center as V3 perhaps.

Hello,

There are several new options in the firewall, as well as several new modes of operation, such as Learning Mode.

Whether the new beta version addresses the specific issues you reported, though, is something that will likely require your participation to investigate.

Regards,

Aryeh Goretsky

{QUOTE-> Has the firewall been improved?

I occasionally have issues from the current V3 version. Sometimes I have to disable/re-enable a SHARED folder before it can be accessed from another PC in the house. For example, I get the shared folder working. The week goes by, files have been added, and removed randomly. Then I get on my latop, it attempts to access this shared folder. It denies it persmission until I turn the sharing off on that folder, and then allow sharing on that same folder. I indeed narrowed it down to ESET Smart Security when I temporarily uninstalled it, and the issue never happened.

Is there more SIMPLICITY MODE for a HOME network user? Something like, allow all access on your home/local network activities?

If not, I suggest such a mode.

I know about the trusted zone setup, but it's just more simple for an inexperience PC user to click, ALLOW ALL HOME NETWORK ACTIVITIES.

I often recommend ESET to all my clients, as I am a PC Technician. <-QUOTE}

Is Eset v4, have a version updater? or still manual update and download the whole file again?

Kindly add Parental Control.

{QUOTE->
Kindly add Parental Control. <-QUOTE}


Kindly do not.

and no parental control...

For Sysinspector
there is (on right menu) "export..." but it is *.xml file.

For user newbies why don't add "export in zip file" ?
or " export zip file and attachement in mail" for directly send at the support ?

thank you.

{QUOTE-> Everything looks good except it kinda use a little more ram than be4. :/ <-QUOTE}
yup, it's getting bigger again.

So far so Gooooooooooooooooooooooooooooooooooooooood
Very nice work ESET.

{QUOTE-> I agree with you . I don't like the Self-Defence in the new version . Got only problems with it and have always had problems with Self Defences . In 2006 , after several years of using Panda , I ditched it because of problem between their Self-Defence and Windows . When testing , I have almost always had problem with Kaspersky's SelfDefence . I kind a hate such Self-Defences and products that do hooks .Hope ESET will change something till the final version . <-QUOTE}

The lack of self defense is what has me running Kaspersky more often than not. NOD32 has failed me before due to its lack of it. No, it can't detect everything, but when it misses something and that something shuts it down and proceeds to run wild, then you might as well be running nothing. If the way they are implementing it is bad, then by all means I hope they find a better way, but better self defense is something ESET products must have if I am to continue using them.

I am liking the beta 4 so far. We'll see how things progress.

{QUOTE-> but when it misses something and that something shuts it down and proceeds to run wild, then you might as well be running nothing <-QUOTE}

When that thing goes on running wild , you will not care about your antivirus (if it is working or not) because it has already failed . If the antivirus missed a threat no matter if the self-defence will be able to shut the AV down or not , the threat will be missed => resulting in information loss/damage/theft <= this is what will matter .

I will have a trojan + working AV or a trojan + destroyed AV - it will be the same and this doesn't matter

will give eset another shot when i get home today on my test machine. i used to love nod 2.x then 3.0 just had way to many issues so i swithced away from eset altogether. hopefully this is as good as it seems though i do NOT like the looks of the way it hooks

{QUOTE->
The kernel process ekrn.exe can no longer be simply killed on XP Pro even when logged in as Administrator. <-QUOTE}

Bagle kills ekrn.exe in nod32 v4 in less than 8 seconds:P

{QUOTE-> Here is something just started to appear window security center warning Nod32 3.0 is not currently turned on but it is running system tray.I guess this could be as its still registed in security center as V3 perhaps. <-QUOTE}

I believe it is because v3 is still registered to the Security Center. I got the same thing, and when I reset the repository, it shows nothing is installed at all. So it does not appear that v4 registers with the Security Center. I'm sure this will be fixed in later builds, but it is definitely broken now.


A quick update on this, now the Security Center shows everything is working correctly. I had it open and all of a sudden everything went green. Strange it would correct itself after several hours...

Another update, after looking more closely, it show version 3.0 is up to date, not version 4.0. So in any case, it is not working correctly.

Hookers suck!

Just installed it, so I've only got GUI feedback. If you're going to insist on having menu animations by default, make them as fast as possible. The new systray icon is rather awful. :o

{QUOTE-> I agree with you . I don't like the Self-Defence in the new version . Got only problems with it and have always had problems with Self Defences . In 2006 , after several years of using Panda , I ditched it because of problem between their Self-Defence and Windows . When testing , I have almost always had problem with Kaspersky's SelfDefence . I kind a hate such Self-Defences and products that do hooks .Hope ESET will change something till the final version . <-QUOTE}
i agree with you eset have to make a option for disable self-defence on and off

Hello, in my opiniom Self-Defense is necessary for every security software. When I tested v3 on one sample, it hadn't got problem to disable it. Now, with new module, v4 worked on. It has been very simple "to shoot down" whole protection before.

{QUOTE-> i agree with you eset have to make a option for disable self-defence on and off <-QUOTE}

That would be a fair solution, Kaspersky offers it. As long a it could not be done with a script, defeating the purpose of having it at all.

Do you want integrate Kaspersky, Symantec, etc. to ESET Smart Security? I see this just like that. >:(

Success of ESET's solutions must be based on unique, not copying other ideas.

{QUOTE-> in my opiniom Self-Defense is necessary for every security software <-QUOTE}
Ok what about using a spécial app for that ?, i mean just use a HIPS with your AV.
Many years with only nod32 av + firefox+ adblock, and NOT a single infection, my PC is runing smoothly, no conflict with other applications, and no BSOD.
And believe if someone is targeting you, with or without your HIPS you will be infected...

{QUOTE-> Ok what about using a spécial app for that ?, i mean just use a HIPS with your AV.
Many years with only nod32 av + firefox+ adblock, and NOT a single infection, my PC is runing smoothly, no conflict with other applications, and no BSOD.
And believe if someone is targeting you, with or without your HIPS you will be infected... <-QUOTE}

Why use a special app to compensate for a weakness in your security app? There are too many competitors that offer self defense. If ESET wants to remain competitive it has to happen. If there are a large number of people that don't want it, an option to disable should be sufficient for anyone.

{QUOTE-> Why use a special app to compensate for a weakness in your security app? There are too many competitors that offer self defense. If ESET wants to remain competitive it has to happen. If there are a large number of people that don't want it, an option to disable should be sufficient for anyone. <-QUOTE}
i vote +1

It is NOT a weakness but a design, remember ESET was renowned by its lightness, effective heuristique, and always not a bloated FAT security program that slowdown a computer and disturb other application.. just like a malaware does ...

yes please a disable option..

in scaning skip file option is very usefull
because if scanner take too much time in scan a compress file user can easily skip file

{QUOTE-> Why use a special app to compensate for a weakness in your security app? There are too many competitors that offer self defense. If ESET wants to remain competitive it has to happen. If there are a large number of people that don't want it, an option to disable should be sufficient for anyone. <-QUOTE}


+1 vote

Hello,

The version (program component) updater is built into NOD32 v2.50, NOD32 v2.70, ESET NOD32 Antivirus v3.0, ESET Smart Security v4.0 and the beta test versions of ESET NOD32 Antivirus v4.0 and ESET Smart Security v4.0.

If you have a list of web sites you would like to block, you can import them from a text file in the Advanced Setup. Here's how to do this, step-by-step:


Open the graphic user interface and press F5 to open the Advanced Setup window
In the left navigation pane, go to Antivirus and Antispyware -> Web Access Protection -> HTTP, HTTPS -> Address Management. In the right pane, HTTP address management will appear.
In the HTTP address management pane, select List of blocked addresses/masks from the drop-down list.
In the lower right corner of the window, click on the downward pointing triangle on the Add...▼ button and From File. The Open window will appear.
Browse to the location of your list of web sites to block and select it.


You can also whitelist sites from this location in the program so that the user will only be able to access specific sites listed in the program.

Regards,

Aryeh Goretsky



{QUOTE-> Is Eset v4, have a version updater? or still manual update and download the whole file again?

Kindly add Parental Control. <-QUOTE}

I installed this Beta over my full build on Vista Ult 64 SP2.

I have had slow web due to DNS issue with Virgin Media (now a totally crap ISP unlike the good old Telewest Blueyonder service) for days so cannot comment on slow surfing if caused by Eset like some other users report.

I do not like the washed out Tray Icon, its needs brightened up same as the r and orange versions of it, it was fine the darker blue it used to be

I cannot close Windows Mail after a Mail is caught by ESET AntiSpam (fine if none is caught).

I am having issues with Updates both Auto and Manual, changing user/pass to my own does not fix so changed them back to Beta User/Pass.

I have finally learned MS are full of crap about using your Firewall to turn of Network Discovery and Sharing as it can only work if you use the Windows Firewall (so no idea why they even put that info in the Network Section).

EDIT : (Adding from my other post to keep all my issues in 1 place).

Ok it was not the best idea to test this Beta on same night my ISP was having their normal DNS issues due to oversubscription etc (Virgin Media, used to be no1 ISP Telewest Blueyonder but now a total joke).

Anyhow back to issue, I assumed the next day was still DNS issues as I could hardly use the web but downloads were full 20meg speed and I was trying to load dozens of sites (inc this very site) at less than 14kbit modem speeds from the 1990's and even some of them would not load.

Two days later I think enough is enough so try using OpenDNS, it makes no difference so I think it cannot be my normal crap ISP DNS issues and I read some have slow browsing issue with this Beta.

I ignored the above initially because I had tried to surf with all 3 aspects of ESET disabled using the Tray Icon and it made no difference but here is the weird part.

Ok I decided to uncheck HTTP Scanning and my browsing is back to full speed, nearly all sites open and load 100% instantly.

It works if I leave that 1 setting unchecked, no matter if all 3 aspects of ESET are enabled or disabled it works.

I think not much testing went out on this before public got invited to test added to the other bugs I and others are getting.

We need another new build FAST.

i am fan of this option
shutdown PC when complete scan

In Web Access Protection - List of Blocked Addresses - please allow each address in the list to be conditional on the currently logged in user and the time of day and day of week (e.g. block bebo.com if user = "amy" and time = between 00:00 and 18:00 Monday to Friday).

Alternatively allow a certain address dependent on logged in user and time of day & day of week.

It would also be useful if firewall rules could be dependent on currently logged in user and time of day & day of week.

According to the list of known issues on this page (http://www.eset.eu/buxus/generate_page.php?page_id=22184) it seems that you have had a similar idea for the firewall:

"# Filtering of http addresses according to user missing
# FW filter according to user/time missing"

{QUOTE-> It is NOT a weakness but a design, remember ESET was renowned by its lightness, effective heuristique, and always not a bloated FAT security program that slowdown a computer and disturb other application.. just like a malaware does ... <-QUOTE}

It is not my intent to argue about this all day, but I consider it a weakness when I have been infected before because of it. This entire subject came up because someone determined v4 already hooks the system as part of its self defense, and if this is correct, I have not found it to slow things down in the least, and I have had no stability issues yet. Plus, if an option to disable is given, it makes the discussion of this particular subject pointless, so my 2 cents is include it with a disable option. That should leave nobody unhappy. Malware is evolving, and products must do more. If the concern is for the "lightness" of the product, I think they are still doing a fine job there.

doesnt seem to heavy to me, scanning is pretty fastit does use more ram than before. web browsing imo is faster with kis2009 or nis2009 than with the new version 4. i have had firefox hang more than a few times on a few web pages. the same pages do not hang with either of the other mentioned.

the new gui is pretty nice i personally miss the good old 2.xx gui myself but i guess everyone is going this way now.

i am seeing spikes of 50% cpu for a min or two or longer at times.

i would really like a self defense option to be available.

and vista security center is not seeing ess v4 as being turned on.

ess flagged a couple of files i know for sure are NOT virus' so im not sure if this new engine has better or worse hueristics?? have they been changed. a quick scan with ess3 did not flag 3 files ess4 did??

ill report more as i can if eset can get this one right like what i was hoping ess3 would have been i will switch back over. i have been a nod user for so many years with the older versions but ess3 just didnt do it for me. for those i know that are using suites like kis2009 a freind of mine for instance HAS TO USE parental controls for his daughter. this would be a great feature for those people to be able to have and maybe have a "custom" option during instal so those that dont want it dont have to install it. i would also like to see a suite that allows turning things off if i want to for a while without screeming at me to turn them back on i.e. kaspersky..

Just installed beta4. Ugly interface. Specially new icon. Too bright colors.
Please change back to old 3.0 GUI, or give an option to choose between another colors atleast. Well i prefer the old one.

My network speed really got much slower with v4. I had around 600mbit. Down to 200Mbit with v4 installed. (Firewall in Interactive mode)
(i have 1gb/s lan)

Otherwise seems fine and like a good work. Seems to be working just fine atleast for now.

{QUOTE->
ess flagged a couple of files i know for sure are NOT virus' so im not sure if this new engine has better or worse hueristics?? have they been changed. a quick scan with ess3 did not flag 3 files ess4 did??
<-QUOTE}

As usual, please send those files in a password protected archive to samples[at]eset.com with this thread's url in the subject.

will do today when i get back home.

i agree about the colors

Hello,


Suggestion


Possible Update offline database virus ESS/EAV v4



MOst Regards,
NF

This feature won't be added because of ESET's policy.

{QUOTE-> This feature won't be added because of ESET's policy. <-QUOTE}

I read somewhere that they where thinking about the possibility to do it.

I think that it would support "black" versions. If you find the link, PM me it, please.

{QUOTE-> This feature won't be added because of ESET's policy. <-QUOTE}



It is with great sadness my Kosak, I would really like to have that opportunity.

A lot of people would like to have a free version of NOD32, too. ;D

{QUOTE-> I think that it would support "black" versions. If you find the link, PM me it, please. <-QUOTE}

Then why other companies offer that feature?

{QUOTE-> A lot of people would like to have a free version of NOD32, too. ;D <-QUOTE}

I completely agree. But I understand the side of ESET was also just a simple suggestion.

;D

{QUOTE-> I think that it would support "black" versions. If you find the link, PM me it, please. <-QUOTE}


Could you explain this to me your statement? I did not understand what you mean ....

{QUOTE-> Then why other companies offer that feature? <-QUOTE}

Because other companies validate their subscriptions with product activation. Since your subscription with ESET products is validated by the update servers, offline updates are difficult. I prefer this system as I don't have to call someone and explain why I want to reactivate because of new hardware. I have dumped others vendors for this reason, so I hope nothing changes here. I personally don't mind paying for a good product. But not everyone else feels that way, so I consider the online updates a way better alternative than what some are doing.

{QUOTE-> Could you explain this to me your statement? I did not understand what you mean .... <-QUOTE}

"black" versions - I guess he means cracked/fixed/pirated versions

{QUOTE-> "black" versions - I guess he means cracked/fixed/pirated versions <-QUOTE}


Thanks friend :)

{QUOTE-> Thanks friend :) <-QUOTE}

YAW :)

{QUOTE-> Hi marcos I put my valid license in from V3 after a clean install.updates is set automatic.I know its beta but i assumed my paid license would work am I wrong?. <-QUOTE}

No, it doesn`t work correctly with v3 UN/PW. It is advised to use it with UN/PW which are already embedded in the installation package.

suggestions :

Enable/disable : auto add block URL when you are it ! (multi infection ) :

27/11/2008 02:06:55 HTTP filter file http://***.com/progs/rvfffsp/pmiij.php probably a variant of Win32/Statik potentially unwanted application connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Internet Explorer\iexplore.exe.

26/11/2008 17:35:12 HTTP filter file http://***.com/progs/rvfffsp/xhuhuv probably a variant of Win32/Kryptik.BJ trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:34:22 HTTP filter file http://***.com/progs/rvfffsp/urabb.php Win32/TrojanDownloader.Small.NTQ trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:33:54 HTTP filter file http://***.com/progs/rvfffsp/wsccpqqda.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:33:27 HTTP filter file http://***.com/progs/rvfffsp/wsccpqqda.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:33:00 HTTP filter file http://***.com/progs/rvfffsp/wsccpqqda.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:32:38 HTTP filter file http://***.com/progs/rvfffsp/pmiij.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:32:10 HTTP filter file http://***.com/progs/rvfffsp/pmiij.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:31:45 HTTP filter file http://***.com/progs/rvfffsp/pmiij.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:31:23 HTTP filter file http://***.com/progs/rvfffsp/hwgtdqq.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:30:58 HTTP filter file http://***.com/progs/rvfffsp/hwgtdqq.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:29:29 HTTP filter file http://***.com/progs/rvfffsp/rnkxy.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:29:02 HTTP filter file http://***.com/progs/rvfffsp/rnkxy.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

26/11/2008 17:28:34 HTTP filter file http://***.com/progs/rvfffsp/rnkxy.php probably a variant of Win32/Agent trojan connection terminated - quarantined PC-de-InsTeR\InsTeR Threat was detected upon access to web by the application: C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe.

I used V2 for a long time, v3 wasn't what v2 was. Also, the detection rates are lower. I found an test here: http://ssupdater.com/modules/Forums/index.php?showtopic=3938 and Eset v4 beta has been tested:

Nod32 4.0 beta – 89.79% (48.000k)

This is very low for an AV these days, AVIRA Free edition got AntiVir Personal Edition - 98.74% (50.000k)

(BTW, the xx.xxxk is memory useage when scanning, so that's good Eset!) Marcos, are you going to improve the scanning capability? Would be nice!

I noticed that it could still be disabled by fake mouse clicks. Here (http://www.sendspace.com/file/8nmx0w) is a video.

i know it's a beta, but please eset don't make it too big! i got a yorkfield quad and 4gb ddr3 and everything is noticeably faster since i put v3 back on, don't forget all the gamers who started with nod because it was the best and it was the lightest, all other av's seem to be getting smaller please don't go the wrong way!

Hello
i tried installing v4 ess and it borked my vista laptop.
i read a post that said the person had installed over v3 no problems.
i tried that.
v4 installed.
but updater wouldn't work.
so i tried to uninstall it but that wouldn't work.
no sign of it anywhere in my programs list.
even the ess uninstaller said no program installed.
when i rebooted,blue screen.
tried safe mode,and removed all traces of ess.
restarted ,and blue screen again.
i had to use my backup image on an external hdd to reset vista.
i saw marcos's post later to uninstall v3 and fresh install v4.
i will try that next.
just thought i would let people know about installing over v3.
any ideas.?

{QUOTE-> Hello
i tried installing v4 ess and it borked my vista laptop.
i read a post that said the person had installed over v3 no problems.
i tried that.
v4 installed.
but updater wouldn't work.
so i tried to uninstall it but that wouldn't work.
no sign of it anywhere in my programs list.
even the ess uninstaller said no program installed.
when i rebooted,blue screen.
tried safe mode,and removed all traces of ess.
restarted ,and blue screen again.
i had to use my backup image on an external hdd to reset vista.
i saw marcos's post later to uninstall v3 and fresh install v4.
i will try that next.
just thought i would let people know about installing over v3.
any ideas.? <-QUOTE}

it says it on the first line http://www.wilderssecurity.com/showthread.php?t=225559

Rescue CD creation is likely to be WAY beyond the capabilities of your average customer.

If a customer tries to follow ESET's directions they will probably manage to download the Windows AIK, even though they don't know what it is. Some of them may even see Microsoft's instruction to burn it to a dvd. Will the average consumer realize they have to run the install program and point the rescue disc utility to the resulting folder? Even if they get that far, when the utility creates another ISO instead of a CD I suspect they will give up.

How about step by step instructions? Surely Microsoft can't object to that.

I work in tech support at Micro Center and every day I get customers who were unable to install NOD32 v3 correctly. That's easy by comparison!

Any release date of the final version of ESS v. 4?

{QUOTE-> Any release date of the final version of ESS v. 4? <-QUOTE}

Sometime next year.

Is there any hotkeys to block network traffic, enable firewall, etc. ?

{QUOTE-> Any release date of the final version of ESS v. 4? <-QUOTE}


Estimative June 2009


Most Regards,

NF

{QUOTE-> Estimative June 2009
<-QUOTE}

What's your estimation based on? Please do not tell any dates as only ESET staff are entitled to do so.

Hello,

The technical writers and training department have been notified of your request for instructional materials.

Regards,

Aryeh Goretsky


{QUOTE-> Rescue CD creation is likely to be WAY beyond the capabilities of your average customer.

If a customer tries to follow ESET's directions they will probably manage to download the Windows AIK, even though they don't know what it is. Some of them may even see Microsoft's instruction to burn it to a dvd. Will the average consumer realize they have to run the install program and point the rescue disc utility to the resulting folder? Even if they get that far, when the utility creates another ISO instead of a CD I suspect they will give up.

How about step by step instructions? Surely Microsoft can't object to that.

I work in tech support at Micro Center and every day I get customers who were unable to install NOD32 v3 correctly. That's easy by comparison! <-QUOTE}

{QUOTE-> What's your estimation based on? Please do not tell any dates as only ESET staff are entitled to do so. <-QUOTE}


Hello,

View link: http://www.wilderssecurity.com/showthread.php?t=225612



Most Regards,
NF

Hi nodyforever !

sxe asks about date . ESET never announced to the public a sticky date re. v4 commercial release . However one can have opinion when this may happen - in 2009 ;D In 1H of 2009 as written on the web-sites . But this could be March , April , June and even February or May. And as everything could happen and something might go wrong , it might even be not 1H of 2009 . So , nothing absolute ;)

Hello,

The training department reminded me that installation videos for ESET Smart Security and ESET NOD32 Antivirus v3.0 can be viewed at http://www.eset.com/training/ (http://www.eset.com/training/).

Regards,

Aryeh Goretsky

{QUOTE-> Rescue CD creation is likely to be WAY beyond the capabilities of your average customer.

If a customer tries to follow ESET's directions they will probably manage to download the Windows AIK, even though they don't know what it is. Some of them may even see Microsoft's instruction to burn it to a dvd. Will the average consumer realize they have to run the install program and point the rescue disc utility to the resulting folder? Even if they get that far, when the utility creates another ISO instead of a CD I suspect they will give up.

How about step by step instructions? Surely Microsoft can't object to that.

I work in tech support at Micro Center and every day I get customers who were unable to install NOD32 v3 correctly. That's easy by comparison! <-QUOTE}

hello again
i fully uninstalled v3 ess.
i installed ess v4.
stopped half way through install,and computer blue screened.
rebooted.
orange tray icon.
real time file protection disabled.
checked box in settings.
rebooted.
same thing.
tried default username password.
wouldn't update.
tried my original username password.
wouldn't update.
had to uninstall v4.
what a hassle that was.
any ideas what may be wrong?

First of all, remove v3 completely (you can use MSI cleanup from Microsoft or Revo uninstaller in case of problems with uninstallation). BSOD can also be caused by problematic NIC drivers, the best would be to get a complete memory dump when a BSOD occurs.

V4 can only be updated from a specific server using the built-in username and password. Other credentials won't work because v4 beta doesn't update from the same location as v3 does.

hello Marcos
thank you for your reply.
i used revo uninstaller to uninstall essv3.
i even used a registry cleaner to remove all traces of v3.
I tried using v4 with the username/password it installs with,but no update.
i then used my v3 username password.
still no update.
when i went to uninstall v4 ,ess uninstaller on program menu said no application is installed.
i looked in revo uninstaller,no entry for it .
i like using ess and hope i can sort this out.
thank you.

{QUOTE-> Hi nodyforever !

sxe asks about date . ESET never announced to the public a sticky date re. v4 commercial release . However one can have opinion when this may happen - in 2009 ;D In 1H of 2009 as written on the web-sites . But this could be March , April , June and even February or May. And as everything could happen and something might go wrong , it might even be not 1H of 2009 . So , nothing absolute ;) <-QUOTE}


Hello,

I agree totally


Most Regards,
NF

Hi:

I don't know if this has been requested here but I have certainly added it on the V.3 forum: PLEASE add support for Opera's M2 Mail client !!!
There is a lot of people using it, it's a great mail client with a lot of features that has been recently improved on Opera's v.10 alpha and will continue to grow.

So guys, this is all good. The new nice gui, better self-defense and improved firewall. BUT is it just me, or haven't NOD32 had any technical virus detection improvements since version 2.7 were the addition of rootkit detection were a new feature.

When there are new releases of Kaspersky, Norton, AVG or whatever they all come with detection improvements. NOD32 is missing these, and therefore it is lacking in detecting viruses compared to some of the others ??? This is the MOST IMPORTANT FEATURE OF AN AV, so I recommend you will include some of these features in version 4. You can't relay on signatures more, now less then ever. Maybe some kind of improved Heusteric or HIPS or something(you will know, you are working with it)

Anyway, I still use your AV, because it's simple and light, so don't destroy this

{QUOTE-> So guys, this is all good. The new nice gui, better self-defense and improved firewall. BUT is it just me, or haven't NOD32 had any technical virus detection improvements since version 2.7 were the addition of rootkit detection were a new feature.

When there are new releases of Kaspersky, Norton, AVG or whatever they all come with detection improvements. NOD32 is missing these, and therefore it is lacking in detecting viruses compared to some of the others ??? This is the MOST IMPORTANT FEATURE OF AN AV, so I recommend you will include some of these features in version 4. You can't relay on signatures more, now less then ever. Maybe some kind of improved Heusteric or HIPS or something(you will know, you are working with it)

Anyway, I still use your AV, because it's simple and light, so don't destroy this <-QUOTE}

Not sure what you mean, new detections are added all the time, and ESET's heuristics are arguably one of the best.

{QUOTE-> So guys, this is all good. The new nice gui, better self-defense and improved firewall. BUT is it just me, or haven't NOD32 had any technical virus detection improvements since version 2.7 were the addition of rootkit detection were a new feature. <-QUOTE}

This statement is completely wrong. How come v3/v4 detects more than v2 then? Improvements are made to the engine and advanced heuristics module which enables us to react immediately without waiting 1-2 years for a brand new version. Actually a lot of significant heuristic improvents have been made recently and distributed to all version users.

{QUOTE-> This statement is completely wrong. How come v3/v4 detects more than v2 then? Improvements are made to the engine and advanced heuristics module which enables us to react immediately without waiting 1-2 years for a brand new version. Actually a lot of significant heuristic improvents have been made recently and distributed to all version users. <-QUOTE}
sorry about that statement then :wacko: seems like i wasn't right informed then.

Hello,
ESS4 Very much it was pleasant, I am very happy, thanks Eset :thumb:

But is, not the big problem,UAC Blocks eset GUI!!!
Windows Vista 64 bit Ultimate SP1-beta SP2
1.Custom scan...
-Scanning of operative memory:Malware The started from a name ADMINESTRATOR-It is not found out, in operative memory

-boot sector -It is not checked, there are no rights

I think from for shortages of the rights, there can be problems, with a finding and removal Malware
http://smages.com/i/88/4a/884a6ced9de39db6049e64a682371097.png (http://smages.com/)

2.When it is started Eset GUI. Automatically, it is checked, operative memory, shortage of the rights
about
http://smages.com/i/69/7b/697b0fdda18796be98f40877aadcd5ad.png (http://smages.com/)
--------------------------------
P.S
It is clear. That threats, will neutralise, other modules, functions

I switch off UAC (Strictly, it is forbidden, it to do),- works correctly
Or
The started From a name-Administrator- Eset GUI -works correctly
-------------------------------
I want the best research SysInspector, 32 bit areas Windows, in 64 bit Windows

Now the good.
But I want, hundred percentage disclosing of the crimes, all modules. Malware the processed: Protector, Crypter, packed

If it is chosen: potentially unwanted applications, potentially unsafe applications
The most part malware, uses it, for concealment

Excuse, I use the automatic translator. It can be not clear.

I from Moscow:)

It would be nice if you add a warning message in ESS "Removable Media Blocked by ESS" or something like that when removable media is being blocked and the option is enabled by the admin. without the user knowing -or not- because as of now, when a CD is not allowed to start by ESS there is no warning and I believe it should be.

Very good work. Always improving, especially the heuristics are doing very good. That is, without making tons of false positives, which is very good. Though the signature detection is not very good, when used along with advanced heuristics the results are great. Keep up the good work and I wish you'll be able to make heuristics even better.:thumb:

Hello,

Sugestions:


1. I would like the animated icon was not simply turn on the eye contour, but do something more useful for example to fill the eye in concordance with the scan is being done? I think it would be more useful ....

2. I would also like the tab "Watch Activity Monitor" could see the samples of virus sent, received and confirmed as also submit the false positives that user sent to the laboratory of ESET presenting all these data together in a graph can show the same results a global level.


no more matter of time ...


Most Reagds,

NF

{QUOTE-> 2. I would also like the tab "Watch Activity Monitor" could see the samples of virus sent, received and confirmed as also submit the false positives that user sent to the laboratory of ESET presenting all these data together in a graph can show the same results a global level. <-QUOTE}


I think this can't happen because the way ESET Virus Labs works now . They don't inform the end user of the results of the samples submitted . Placing such an option in the program(s) itself means any end user will have some kind of access to the information ESET have and we will be able to see how they have or haven't dealed with a file sent . In cases where a FP has been sent but NOT fixed for more than a week (for example) , the end will have a confirmation they have actually received the sample but haven't dealed with it. The same applies to sample that has been received but for some reason hasn't been added to NOD32/ESS database . Yes , it can be malicious , it could have already been analysed , but detection NOT added . This will open a big whole between ESET and their users who will ask why this or that was still not added (but ESET got it) or why a FP wasn't fixed . ESET won't appreciated this . Additionally , hackers and malware writers will also be able to look in the Lab if some information appears to the public (in forums , for example) .

ok i am being really nit picking im trying this out now instead of just the nod beta. i think the GUI ON ESSv4 beta when installed on WINDOWSXP is really old looking as well as the light baby blue tray icon looks dated. i hope its made a little more appealing like the Nod 32 v4 beta is and i know this is probably not the final packaging of this great product which even though my license on nod 32v3 is good till july but when ESSV4 comes out of Beta I am UPGRADING pronto. thank you for all the hard work involved in getting this Application just right and putting up with comments like mine.

{QUOTE-> I think this can't happen because the way ESET Virus Labs works now . They don't inform the end user of the results of the samples submitted . Placing such an option in the program(s) itself means any end user will have some kind of access to the information ESET have and we will be able to see how they have or haven't dealed with a file sent . In cases where a FP has been sent but NOT fixed for more than a week (for example) , the end will have a confirmation they have actually received the sample but haven't dealed with it. The same applies to sample that has been received but for some reason hasn't been added to NOD32/ESS database . Yes , it can be malicious , it could have already been analysed , but detection NOT added . This will open a big whole between ESET and their users who will ask why this or that was still not added (but ESET got it) or why a FP wasn't fixed . ESET won't appreciated this . Additionally , hackers and malware writers will also be able to look in the Lab if some information appears to the public (in forums , for example) . <-QUOTE}


Never thought of that precious.

you have a different perspective to the my perspective is valid?

Now that I have read all of the positive comments about this new beta release, I have taken the plunge and installed it this morning, and so far everything seems to be working OK.

One added bonus I found is that this release blocks the Gibson's "Leak Test" from making an outbound connection when the filtering mode on the firewall is set on: "Automatic mode with exceptions" and I defined this in the rule settings, which was not possible with ESS version 3.
My thanks to the developers for making this rule possible.

Where's the love for the new SysRescue bootable CD? This is my favorite new feature. One suggestion I have for it is that the most recent definitions be included on the CD when you are creating it, rather than having to download them once booted to the CD. Also, I guess that it is asking a little much of typical end users to download/install Windows AIK to be able to create the disc, but I guess this feature isn't really geared towards the typical end user.

As others have said, keep the bloat down so I can keep selling your products and I'll be happy.

I'm loving the 4 beta so far....would love to test a newer release soon (hint, hint)

I posted this in the v3 section....but I personally would LOVE to see this added in v4:

Don't know if anyone mentioned this, but I would love to see some sort of an visual in/out activity meter. (similar to zone alarm, filezilla, etc?)

I would love to see something like this:

- general "Eye" icon is a dark desaturated green.

- the outer ring of the eye icon lights bright green with incoming traffic

- the inner iris/pupil of the eye turns red with outgoing traffic

with the more activity in each, the brighter the colours flash (on a five grade colour scale). what ya think?

Improve firewall, fails alot of leak tests.

i hope eset will improve the "External Applications"
so i can add more than one application and install software just like in windows but into the SysRescue build instead

i need one that supports adding cdkey so i can add my Acronis Disk Director and Acronis True Image into the SysRescue build

keep up the good work and if this is added SysRescue will be awesome and a great tool for File Backup & Virus Cleanup

Hello,
What's this new module "System Status Module"?

it is windows update.
Eset check if you make system update

{QUOTE-> What's this new module "System Status Module"? <-QUOTE}
It's the SysInspector module.

{QUOTE-> It's the SysInspector module. <-QUOTE}
very thanks