As mentioned in the changelog,the self-defense function which consider to be the one of the weakness in previous verison has benn improved.A simple test has suggested the kernel process can not be end in the Task Manager now.

Is there anyone trying to introduce further test?:-*

{QUOTE-> As mentioned in the changelog,the self-defense function which consider to be the one of the weakness in previous verison has benn improved.A simple test has suggested the kernel process can not be end in the Task Manager now.

Is there anyone trying to introduce further test?:-* <-QUOTE}
That's the same test I did. Functioning fine. v3 failed this one

I heard some one tried to delete or replace the files in V4 directory with some tools,and failed at last

{QUOTE-> I heard some one tried to delete or replace the files in V4 directory with some tools,and failed at last <-QUOTE}
Don't need a tool for that. Tested manually and with a lockup tool and ESS both passes

I just tried to terminate the Ekrn.exe with a tool named Wsyscheck.
Ekrn.exe disappeared and restarted immediately as well as V3.

Hope Self-Defense of ESET will be further improved.

I test it on Win32/TrojanDownloader.Agent.VJT. V3's service is "successfully" switched off, v4 successfuly protects.


All problems report to ESET! :)

{QUOTE-> Bagle kills ekrn.exe in nod32 v4 in less than 8 seconds:P <-QUOTE}



self-defense ......improved emergency :-X

When hackers want, they "kill" every software. Instead of criticism I would suggest you test BETA version. Then you will satisfied with FINAL, maybe. :D

{QUOTE-> When hackers want, they "kill" every software. Instead of criticism I would suggest you test BETA version. Then you will satisfied with FINAL, maybe. :D <-QUOTE}



I'm not criticizing Kosak.

The only negative point for me is when ekrn.exe consumes 50% of the CPU when I scan.


Metamorphosis phrase for me :P



Most Reagrds,
NF

{QUOTE-> When hackers want, they "kill" every software. Instead of criticism I would suggest you test BETA version. Then you will satisfied with FINAL, maybe. :D <-QUOTE}

Self-Defense should be improved! Bagle, Ekrn.exe should not kill you can finish Ekrn.exe it but only after reboot;)

I thought I'd test it again this morning and it was easy to disable ESS through Taskmanager :(

Hello,

Self protection is a new feature in the beta test release of ESET Smart Security v4, and development of it is ongoing.

Please continue to report any new issues or questions that you might have. Thank you.

Regards,

Aryeh Goretsky

agoretsky see that post
http://www.wilderssecurity.com/showthread.php?t=226156
ekrn.exe was terminated by Advanced Process Termination

{QUOTE-> I thought I'd test it again this morning and it was easy to disable ESS through Taskmanager :( <-QUOTE}

Well, I for one strongly feel that a user should be able to kill any process via task manager...

{QUOTE-> Well, I for one strongly feel that a user should be able to kill any process via task manager... <-QUOTE}

The killing here will restart the ESET Service . I would also prefer to be able to restart the service (just like now with v2 and v3) . With v4 , one will have to restart the whole computer to restart the ESET service . Sometimes it is necessary to simply restart one single service . So I agree with you , doktornotor :thumb:

{QUOTE-> Well, I for one strongly feel that a user should be able to kill any process via task manager... <-QUOTE}
I agree. Especially if ESS is hanging and you want to restart it. Having to do a hard reboot of your computer is becoming a old solution because a piece of software is locking up your comp.

I do feel that Eset should protect its own file system though. Which they seem to be working on.

Bagle is specific, because uses kernel driver and then he can do everything.


I tested Avast (with new self-defense, too). His installation has been succesful, but protection was disabled.

Kaspersky Internet Security 2009 wasn't possible to install.

ESET repair installation failed on writting eamon.sys.