A Techie Newbie

Discussion in 'ESET Smart Security v3 Beta Forum' started by fhaber, Jun 27, 2007.

Thread Status:
Not open for further replies.
  1. fhaber

    fhaber Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    18
    I've recommended about twenty copies of NOD32 to friends and clients, but I had AVG licenses. They're expiring, and I decided to try this beta. I initially loaded it up with the firewall and antispy disabled, in order to evaluate the interface and AV. Looks OK so far, but of course I have questions. I'm a fan of low overhead AV, and NOD used to be that. What's below is based on a clean (first) install of the brand-new "b" beta.

    o Is there any way to exlclude a subtree of a drive from a manual scan? I understand why modern anti-malware has to flag things that I USE, but I'd sure like to keep it on my HD, without constant interruption when I do a scan. I was flagged twenty times for keyfinder, in various versions, and twice for CMDOW, a perfectly benign commandline util. I was also flagged for a file in the DOS WordStar directory (!). I presume that was a fp.

    o Twice, files were quarantined when I'd explicity commanded that they be left alone. This is not nice. They did seem to be restored from quarantine, when I ordered that.

    o CPU load: I saw peaks of 45-50% from the main engine of ESS, declining to 4% when it seemed to have little to do. I was dismayed that the CPU load stayed high when ESS was just waiting for my response to an ALERT! window. OTOH, the CPU load from just AV, when the firewall and antispam are disabled, and you're NOT scanning, is very light. Bravo! (Pardon for mixing NOD comments with suite comments, but I AM a newbie to this program.)

    o Question: is there still a service that conflicts with Google Desktop? I remember that from way back.

    o The GUI component does seem to suck considerable CPU. This computer (P4 3.2 with HT, vintage 2004) seems much more responsive during a scan when the scan is flipped to "background." I vote for a hotkey to do the above.

    o What's the deal with the tray icon? Is it ever green?

    o Buglet?: Reported percentages of scan completion RESET when one logical drive is completed, and ESS moves on to the next. ESS again counts from 0 to 100. This is probably confusing to other than us geeks.

    Thanks for the opportunity to respond,
    -Frank
     
  2. Chappy

    Chappy Registered Member

    Joined:
    May 1, 2007
    Posts:
    69
    Hi Frank

    First let me say that you'll be glad to get rid of AVG, it really is garbage and it fails VB tests regularily, but users of AVG never know just how bad it is as long as it reports to them that "Everthings OK". Well, of course it'll say that when it fails to recognize known threats...so please my friend...stay away from that one.

    Ok, yes there is a way to take a subtree of a drive out of the manual scan process, simply click "Computer Scan" and then "Custom Scan" from the main window, and you'll get a tree view where you can select what to scan and what to leave alone. This can take you right to the single file level so it's easy to eliminate a certain file or folder tree from a scan.

    2nd, sorry, I don't have an answer for this one. I believe all threats are automatically moved to Quarantine and depending on the Cleaning level you set in the Advanced setup, you're asked whether you wish to clean it from there or it's done automatically. It's set to Ask by default.

    3rd - CPU usage may vary wildly, I would watch that for awhile longer to see if you can pinpoint something. Like maybe the IMON or AMON modules are doing something during that period...(just a guess really)

    4th - I believe thats long in the past, the Google problem. Besides, right now there is no Browser plug in support in ESS.

    5th - Yes, mine is almost Always green. What does your System Security show? It may be because of the switch to Beta 1b and the license is about to expire fo the 1a beta.

    6 - Yah, this is how it works on multiple drive/partition systems, it reports for each drive/partition. I have 3 HDD's and 9 partitions, and it goes 0 to 100% for each drive. No biggie really and it could be quite useful at times, to know just where each drive scan is at on that certain drive. Like for me I've had freeze-ups today and I can tell exactly at what drive and percentage the scan froze up on. I think I actually prefer this look rather than lumping all drives into one large percentage block.

    Welcome to Eset World!
    Enjoy, and please, feel free to keep up the questions, it's how we all see what's happening with others and not just our own.

    Dave
     
  3. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Please keep in mind the version of ESET Smart Security you download is a beta test version, used to helpESET test the features and functionality of the codebase. As such, it is not a final version and should not be treated in the same fashion as production softare.

    Very old versions of Google Talk had an LSP which was incompatible with the Internet Monitor (IMON) module in NOD32 v2.x. This module is not present in ESET Smart Security.

    Regards,

    Aryeh Goretsky
     
  4. fhaber

    fhaber Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    18
    Thanks, everyone. I'm getting to like this program. I'll dispute the "AVG is garbage" statement, though. It's a great lightweight, often free solution, since AV isn't the main problem these days. To protect against idiot users on bad sites and IRC, you have to have much more. If the user is a teen-age boy, only manacles will help (g).

    Back to the product of our kind hosts- I see nice touches everyware: the semi-transparent popups, the logical main menu. I'm not used to that (g).

    The tray icon is now green, but all modules somehow got turned on overnight, when I started this machine this morning. By design? I had the firewall and antispy off at install, and they showed as off last night. (Actually, antispam is indeed off. Everything else is on.)

    Is there any way to save a template for a manual scan, so my excluded subdirs are sticky?

    Is there an explanation of the web protection anywhere?

    The tracking-by-service tree of the firewall screen is truly a thing of beauty! That'll be handy.

    Any hint of the pricing on this thing? Do Eset offer a multi-year or SOHO license?

    Even with everything on, overhead seems low, and the bursts when scanning new objects don't seem to clog the machine.

    I noted that the default priority on a background manual scan is Low, which explains the better responsiveness of the machine when the scan is dumped to background. Vista should offer even finer control. This machine, like all my production machines, is XPSP2, for reasons you've all heard before.

    -frank
     
  5. ASpace

    ASpace Guest

    What I bolded is exactly what I wanted to write before I read it . You cannot disable anti-spyware module because there is no such . Both NOD32 and ESS have one engine to fight all ciber-crime (threats) .



    Read the Help file , you'll find a lot information there.


    About NOD32 - yes , but ESS is still beta product and for ESS - no.

    Yes , but still for NOD32 only.

    :thumb:
     
  6. fhaber

    fhaber Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    18
    Hitech,

    Thanks, that leaves only the firewall turning itself back on as a mystery.

    --frank
     
  7. Chappy

    Chappy Registered Member

    Joined:
    May 1, 2007
    Posts:
    69
    Hi Frank

    I don't usually call something "Garbage", but AVG's history in VB 100% awards is less than stellar, 22 Failure, 17 Success, 13 No Entry (which means they knew they would not pass, or they're not ready for that test platform)
    AVG Test History
    Other testing laboratories find the similar results and AVG averages less than a 50% success rate. Again, I'm sorry and it's not a statement at you in any way, but AVG just is not the "Wonderful Life-Saver" that it's users proclaim. As I said, they just don't know any better, as long as AVG says "You're Secure", the user will never know different. Of course, that can also be said about ANY product an that's why we have to rely upon well trusted testing facilities like VB.

    VB (Virus Bulletin) is the oldest & most respected, non sponsored AV testing facility out there, and has been the Bible of AV testing since...well forever. If you ever want to see how any vendor fares against the most comprehensive testing suite, VB is where to go look.
    Eset's NOD32 has the most VB 100% awards to date, and set the record for the most consecutive VB 100% awards @ 23 (I think that was the #), and is hands-down, the best AV product around.
    We can only hope that their ESS is just as tenacious!!

    Welcome Frank!
    Good to see you here, and I agree with your assesment in my other post (shell crashes), plus I wholeheartedley agree with your above statement as well!! AV is less now than before, but still a vital security issue non the less I think. Even if you don't go with ESS as a suite, stick with NOD32 AV and you'll never be sorry. I'm "considering" NOD32 and Comodo Firewall, but Comodo is still in Alpha stage for Vista and I prefer something sooner. Still, Comodo really outperformed everyone in the Matousec firewall tests....

    Dave
     
  8. fhaber

    fhaber Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    18
    Thanks, Dave. The above messages were all posted in blissful ignorance that NOD32 has a *combined* AV and antispy engine. Please filter for that.

    I hadn't looked at VB since Hector was a pup, F-Prot DOS was hot stuff, and Norton was a good program. I'd call that AVG report card "erratic," with a failure this month. I can't tell any more without shelling out $500US.

    Actually, I'm not here to argue. AVG now detects a bit of malware, maybe 90% of the viruses that are still around, and doesn't get in the way, even on a 400MHz pII running 98, with an idiot behind the wheel. It serves a function. It may be a sieve, but it's a benign sieve. If Grisoft calls that a ringing endorsement, they can quote me (g).
     
  9. Chappy

    Chappy Registered Member

    Joined:
    May 1, 2007
    Posts:
    69
    LOL!!!

    No Frank, I don't mean to Argue either, and I never meant to make it seem that way. I guess I've just grown tired of all those AVG fanatics all over my forums (I admin 3 others) telling my members to switch to it, and me knowing just how poorly they perform.
    Kinda gets all pent up after awhile...;) I guess for a freebie, it'll be good for some, but the AVG stuff is officially Dropped as of now....lets just help Eset make the best Suite possible and we'll ALL be better off!!
    I made some suggestions for intensive firewall logging including packet sniffing an the Eset engineers wrote back saying they couldn't put that in now, but it's under consideration for a near-future version upgrade. I pointed out how successful Sygate was and allot of that was due to just how well everything was logged..they agreed so hopefully....

    I follow VB and get the newsletters by email, and AV Comparatives is also great place for reliable info. These products are so complex nowadays, you HAVE to have a huge laboratory full of employees to properly test this stuff anymore...not like the old days of Boot Sector virus spread by Floppies eh.
    I used to test new/unknown varients for certain companies, and at one time I had over 486 virus specimens, 114 Trojans, and numerous Spyware dll's in a sandboxed testbed system. That was back when they were fairly simple designs and nowhere near as complex as they are today. The attack vectors used today make those older virus look like single celled Amoeba compared to todays stuff, and I simply can't keep up with them anymore. Besides, nobody uses independant testers anymore.
     
    Last edited: Jun 29, 2007
Thread Status:
Not open for further replies.