ESET SysInspector v1.2.021.0 has been released

[agoretsky]

Hello,

ESET SysInspector v1.2.021.0 has been released in English for 32- and 64-bit versions of Microsoft Windows, with additional languages to follow. This release contains the following changes:

• Improvements to stability
• Improved detection of running services
• Updated EULA

Copies of the software can be downloaded here on ESET's web site.

Regards,

Aryeh Goretsky

[ESS3]

Hello,

SysInspector 1.2.021.0(Anti-Stealth support module 1013, SysInspector module 1214), does not show servises-drivers Rootkit TDSS:
Olmarik, Win32/Rootkit Agent.ODG(proactive detection of active rootkit)

agoretsky
When will?

[agoretsky]

Hello,

Please send samples of the undetected malware to samples@eset.sk per the instructions in this knowledgebase article and include a link to this message thread for reference.

Regards,

Aryeh Goretsky

Quote:

Originally Posted by agoretsky

Hello,

Please send samples of the undetected malware to samples@eset.sk per the instructions in this knowledgebase article and include a link to this message thread for reference.

Regards,

Aryeh Goretsky

Aryeh ,
it is practically impossible to send undetected files of this rootkit because they are too much and vary from PC to PC (there are numerous /new/ variants) . ESS3's question was about something else , I am sure - about the fact that NOD32/ESS v4 might detect the rootkit present in the operating memory but do not mention the hidden files . Additionally , ESET SysInspector is completely unable to detect the hidden files/drivers (etc) of this rookit. ESS and NOD32 v4 are also unable to eliminate that rootkit.

[Cosmo32]

Quote:

Originally Posted by agoretsky

Hello,

ESET SysInspector v1.2.021.0 has been released in English for 32- and 64-bit versions of Microsoft Windows, with additional languages to follow. This release contains the following changes:

• Improvements to stability
• Improved detection of running services
• Updated EULA

Copies of the software can be downloaded here on ESET's web site.

Regards,

Aryeh Goretsky

Aryeh,
Good morning,
I just went and got the new release of System Inspector. I like it and use it often.
Is there some good reason that even this latest version of SI still codes all of my internal ESET files as Risk Level 5 - Yellow - UNK?
Is SI trying to tell me:
1. I use an older version of ESET A/V (Enterprise V2.7.39)?
2. SI just treats all "scanner" type apps the same?

[agoretsky]

Hello,

I'm aware of the customized nature of the rootkit's drivers, but apparently ESS3 is aware of the infestation and, presumably, the objects it has created on the system, so getting those in for analysis will help with additional detection, not just for ESET SysInspector, but ESET Smart Security/ESET NOD32 Antivirus as well.

Regards,

Aryeh Goretsky

Quote:

Originally Posted by ASpace

Aryeh ,
it is practically impossible to send undetected files of this rootkit because they are too much and vary from PC to PC (there are numerous /new/ variants) . ESS3's question was about something else , I am sure - about the fact that NOD32/ESS v4 might detect the rootkit present in the operating memory but do not mention the hidden files . Additionally , ESET SysInspector is completely unable to detect the hidden files/drivers (etc) of this rookit. ESS and NOD32 v4 are also unable to eliminate that rootkit.

[agoretsky]

Hello,

It would be helpful to see the log file in question. I will send you a private message with information on how to forward it.

Regards,

Aryeh Goretsky

Quote:

Originally Posted by Cosmo32

Aryeh,
Good morning,
I just went and got the new release of System Inspector. I like it and use it often.
Is there some good reason that even this latest version of SI still codes all of my internal ESET files as Risk Level 5 - Yellow - UNK?
Is SI trying to tell me:
1. I use an older version of ESET A/V (Enterprise V2.7.39)?
2. SI just treats all "scanner" type apps the same?

[Pedro]

One question. Is it free for commercial use, am i allowed to carry i on my usb drive, and use it anywhere (at work and so on) as freeware?
I don't remember if this was discussed already.

Quote:

Originally Posted by Pedro

One question. Is it free for commercial use, am i allowed to carry i on my usb drive, and use it anywhere (at work and so on) as freeware?

Yes , it is free . You can carry it where you like

[Pedro]

I downloaded it after reading your post, but that EULA gave me some doubts.
Legalese makes my head hurt.

I really appreciate your view on this, specially since you seem to be "in the know" regarding ESET.
But, i wish agoretsky could confirm this. I don't use software i'm not allowed to.

[agoretsky]

Hello,

I have contacted the product manager for ESET SysInspector and the legal department and asked them to confirm the program is free for commercial use, subject to the terms of the EULA.

Regards,

Aryeh Goretsky

[Pedro]

Thank you agoretsky. I appreciate it.

[agoretsky]

Hello,

Here's the response I received back from the architect of ESET SysInspector:

Quote:

[...]it is free for any to use, but there is a EULA, too.

So, as long as you agree to the terms of the EULA when using the software there should be no issues with using the software in a commercial environment.

Regards,

Aryeh Goretsky