ESET SysInspector v1.1.2.0 released

Hello,

ESET SysInspector v1.1.2.0 has been released in English and Slovak. This release is a minor update and fixes the following issue:

• Fixed vulnerability in the anti-stealth driver allowing mis-use of kernel processes under administrator privileges.

No other changes have been made to the program. If you have further questions, please your local ESET office, distributor or reseller.

The new version is available for download from ESET's web site at http://www.eset.com/download/sysinspector.php .

Regards,

Aryeh Goretsky

 

Hello, with new generation v4 has been released new SysInspector, which is integrated. Do you plan new separated version?

 

Hello,

ESET SysInspector will continue to be updated and offered as a standalone product.

Right now, though, ESET has just completed integrating ESET SysInspector into ESET NOD32 Antivirus, ESET Smart Security and ESET Remote Administrator, so, as you might imagine, they are very interested in getting feedback on how the integration of the program is working with the public beta test versions of those programs.

Regards,

Aryeh Goretsky

 

How ?! It is more or less the same as the standalone version . It is just integrated there but hidden for the "average Joe" because it is accessable only in Advanced mode . This way it is just a 3 Mb crap because it won't help the average Joe at all , it will simply sit there and do nothing . However , I can see it as advanced user . But I am advanced and I don't need it because it is not me who gets infected on daily bases ... and I do know users/clients who get infected on weekly bases .

Unless ESI does something automatically and warns even the average Joe of potential problems (red and yellow entries) , its integration is pointless.

I emailed a suggestion to ESET betasupport long time ago , let's see if there will be something later ... not that they are bound to do it.

 

Hello,

Ensuring that all components work correctly is the point of releasing the software as a public beta. As it is, issues have already been identified which ESET's developers are investigating.

ESET SysInspector is a very useful program for a variety of purposes beyond helping identify malware. Very common uses for it by ESET's support department include troubleshooting software conflicts and network conflicts. Having it present where it can be accessed right from within the program provides ESET's support department with a way to quickly resolve customer's issues without having to ask them lots of questions about their system, download and run various standalone programs, send the resulting log files back for analysis and so forth. I think it is fair to say that solving problems quickly benefits both ESET and its customers.

Also, keep in mind that just like everything else, additional features and functionality are planned for future versions of ESET SysInspector that will make it even more useful.

Regards,

Aryeh Goretsky

 

I can see how this is going to be very useful to me as a tech. Can someone tell me where the status of the MBR is indicated?

 

Hello,

That functionality is not available in ESET SysInspector v1.1.2.0.

Regards,

Aryeh Goretsky

 

Thank you for the reply, even though it was not what I was hoping to hear. The SysInspector download page lists it as a key feature. Is this functionality still in the works for subsequent releases?
My concern, of course, is the detection of the likes of Sinowal/Mebroot.

Regards,
wjal

 

Hello,

Allow me to clarify, ESET SysInspector can detect Win32/Mebroot infections, but it does so heuristically. When no threat is found, ESET SysInspector does not display information about the master boot record.

You can also download the standalone EMebRemover program from ESET's web site to remove the malware.

Regards,

Aryeh Goretsky

 

Ahh.... thank you,
and congratulations on the development of a truly elegant application.

 

There has been a bit of a flare up in the forums regarding a POC exploit for version 1.1.1.0 that you may wish to address.
http://sysopt.earthweb.com/forum/showthread.php?t=202168

 

v 1.1.2.0 has already been released . The previous version has been removed from all official places/servers , etc . No point in discussing it anymore

 

TCP view has improved as it seems the rest looks similar to 1.1.1.1

 

Hello,

I took a quick look at the message thread, and it seems to be addressed by that forum's regular posters.

Regards,

Aryeh Goretsky

 

I justed wanted to say, nice job with SysInspector!
Really nice tool, integrated with NOD32 it will kick ass!

 

My deepest regards and thanks for posting this update.

EASTER

 

I've tried SysInspector and it crashes on my home and work computers every time during start up. Just start scanning and then crash at 'Critical Files' point.

Asked ESET Support for assistance (as a registered customer), but seems they are unable to say something worth (stupid template responses and questions like 'Why do you want to run sysinspector?'). Sorry, just got angry of them.

 

Just answer their questions.

 

Hello,

Hopefully, you won't find these questions stupid, as knowing the answers to them will be helpful in troubleshooting the problem.

Were you running ESET SysInspector because you suspected you had an infection or other malicious activity occurring on your computer, or just wanted to try the program? Also, were you trying to run the 32-bit or the 64-bit version of ESET SysInspector?

What other security software is present on your computer?

Which version of Microsoft Windows and what service pack level is your computer running? Is it fully patched?

Regards,

Aryeh Goretsky

 

Hi Aryeh,

Your questions are quite reasonable.

I just wanted to try the software in comparison with the Sysinternal's Process Explorer.
The computers were:
1) Windows XP 32bit SP3 (ESET Smart Security v3.0.667 installed and active)
2) Windows Vista 32bit Business SP1 (PCTools SDAV 6 installed but inactive)
Just a couple of minutes ago I've installed latest updates, run chkdsk, restarted, unload all unneeded apps and processes (except system ones) - no luck. Still crashes (got a fresh version from the site, just in case).

Also, I asked my colleague to run SysInspector and it runs ok (Vista 32 SP1).
Apparently something wrong with my software environment, but I've no idea what's.

 

m3y, I advised you to contact the support that will help you.
http://www.eset.com/support/contact.php

 

Fixer, I did. They replied 5 times, always not related to the issue, and finally just stopped responding when I asked to give me the contact of their manager or a team leader.

But support quality is not the issue. Especially in this thread. If they can't help, OK, no problem.

 

Hello,

Although it is not active, it is possible that a service or driver from PC Tools Spyware Doctor with Antivirus is still resident in the operating environment and conflicting with ESET SysInspector's anti-stealth driver. I would recommend temporarily uninstalling the program, running ESET SysInspector, and then reinstalling it when you are finished. If possible, be sure to export your settings so that you can quickly re-import them once PC Tools Spyware Doctor with Antivirus is reinstalled.


Regards,


Aryeh Goretsky

 

Uninstalled, no changes.
Info from Process Monitor shows last activities before crash were the following:
1) QueryInformationVolume (...)\drivers\etc\hosts SUCCESS
2) QueryAllInformationFile (...)\drivers\etc\hosts BUFFER OVERFLOW
3) ReadFile (...)\drivers\etc\hosts SUCCESS
4) QueryNameInformationFile (....)\SysInspector.exe SUCCESS
Then crash initiated by svchost.

 

Hello,

Does the crash occur if you run ESET SysInspector in Safe Mode or log in as a different user?

Regards,

Aryeh Goretsky