Future Changes to EAV

Discussion in 'ESET NOD32 Antivirus' started by Blackspear, Jan 20, 2008.

  1. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada

    that would be VERY nice so an admin can tag a new deployment and group it immediately when deploying it from the client-side.
     
  2. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Downloaded File Version Number Needed

    When I download a new Eset NOD32 AV file, the filename does not include the version number. And if I right-click the downloaded file and select properties, there still is no version number, although in most of my other downloaded software files, properties does include the version number.

    Eset should do likewise.

    Before downloading a new version, I check Wilders to see if there are some issues relevant to me. Those threads usually mention the Eset version number that has the issue. But since downloading the current version doesn't tell me the version number, I have no way to determine whether an issue is "ancient history" that likely has been fixed, or remains relevant to the current downloadable version.

    An example of this problem is in the "Strange NOD32 alert" thread, at https://www.wilderssecurity.com/showthread.php?t=272438, in particular on the third page, my message #73 (or at https://www.wilderssecurity.com/showpost.php?p=1770692&postcount=73.)

    Roger Folsom
     
  3. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Future Changes to EAV - Severe Reorganization Needed

    Tanstaafl, writing in msg #336 about 'Block removable media', began by saying:
    Agreed.

    And there should be multiple forums (or threads), one for each major NOD32 version number, and perhaps one for issues that obviously pertain to all versions (e.g. this post, and my immediately preceding post).

    This "Future Changes to EAV" thread begins (after Blackspear's initial two posts) with a message about "Future Changes to EAV 3.0," posted on January 20th, 2008.

    In my judgment, that's absurd.

    Roger Folsom
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,034
    Location:
    California
    Hello,

    I believe that version information is displayed on the download page. Perhaps it needs to be more prominent (different color or typeface?) to improve visibility.

    When a new version does come out, a changelog is posted to the web site, the support news RSS feed, and in a stickied post. All of these should contain the version information in the title or subject line as appropriate, e.g., "ESET {productname} vX.Y.Z released".

    I looked at the Details tab for several MSI packages, and it seems that a GUID-looking value is used in the Revision Number field, which is probably more advantageous for machine-based sorting than being a human-readable value. I did note that there is a Comment field as well and will ask ESET's developers if a version number could be stored here (it is unclear to me whether this information is stored in the actual MSI package or in the ADS associated with the file).

    Regards,

    Aryeh Goretsky


     
  5. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    I am feeling really stupid. The version is displayed in plain sight, "Version: 4.2.64.12," left of the download link on the download page (http://www.eset.com/download) after the user has provided a username and password. I don't think anything needs to be done to improve visibility.
    I don't know where that changelog is, and I don't bother with RSS feeds because I'm drowning in incoming information already. But the "stickied" post, at https://www.wilderssecurity.com/showthread.php?t=279806, announces version 4.2.64, not 4.2.64.12.
    I don't know what an MSI package is (unless it is tech-speak for an .msi file), but in my .msi files properties, Digital Signatures tab, Details button, General or Advanced tab, I could find a serial number but not a Revision Number, and not a comment field.

    I have many more .exe installation files than .msi installation files, so I naively expected the .msi files' properties to have a version number tab just like the .exe files do.

    By inspiring me again to look at ESET's download page, I now have the full version number.

    So long as ESET keeps that information right where it is now on the download page, that's all I (and I think any other user) need.

    Thank you very much. My apologies for being so unobservant that I wasted your time.

    Sincerely, Roger Folsom
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    Click Changelog below the respective product name on the download page:
    Version: 4.2.64.12, File size: 37.88 MB, Manual, Quick Start Guide, Changelog

    At least you can search for MSI_PRODUCT_VERSION in a msi package to determine the version number quickly.
     
  7. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,034
    Location:
    California
    Hello,

    On download pages, there is a clickable link to the changelog on the same line as the version number. Around the 4.2 release timeframe, ESET started using the last set of digits in the version number (the "12" in 4.2.64.12, in this case) to denote incremental updates where actual program functionality did not change. For example, a builds in different languages, or re-releases where a change had been made to fix a typo in online help, a new address or phone number for local support and so forth. As such, these last bits of the version numbers may not be mentioned in the release announcements. They should, however, appear in places like the download pages.

    By ".MSI package" I meant ".MSI file." Apologies for any confusion; I tend to use the terms interchangeably, since an MSI file is a packaged installation for a program. When I looked at MSI packages files to determine what data was present on the various tabs in the Properties pane, I looked on a computer running Microsoft Windows 7. If you are using an older operating system, it is possible less information is displayed). The exact information which appears in the Details tab of the properties pane varies by filetype. For example, an .MP3 file's Details tab show information about the album, artist, bitrate and so forth.

    No worries. Glad to be of assistance.

    Regards,

    Aryeh Goretsky


     
  8. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Found it. Thank you.
    Using the download file for NOD32 v4.2.64.12 as a test, I don't find a search capability. It may be there, but following a remark from Aryeh Goretsky's message #358, I suspect the reason I can't find it is that I am using Win2kSp4.
    Nevertheless, I'm happy now that I know that the complete version number is available on the download page.

    Thanks for the help.

    Roger Folsom
     
  9. rnfolsom

    rnfolsom Registered Member

    Joined:
    Nov 9, 2005
    Posts:
    247
    Location:
    Monterey, California
    Thanks for the reminder about the last set of digits. Actually, you said something similar in thread NOD32v4.0.474 Installation Questions message 21, where you described the last two digits as "trivial." But I had forgotten that. I think the "trivial" descriptor is a good one, as were your other descriptors.
    All of that applies to me, because at least for now I am sticking with Win2kSp4. And for an .msi file (from Eset or others), after right clicking the filename to get Properties, the tabs are: General, Digital Signatures, Security, Custom, and Summary --- no Details tab (although there is one under Digital Signatures).

    However, in the NOD32 v4.2.64.12 installation file, by looking at the Summary tab more carefully, I did find the Comments field (there were none) and the Revision Number {566C9F11-BF76-4D1E-A131-FAD4DA1B54D2}.

    A New, Off-Topic FYI: In the Strange NOD32 alert thread about mysterious ghost warning flags (for examples, see Gaslad's initial May 11th post on page 1, and throughout the thread see siljaline's posts and also others), on the third page there is some evidence that the problem began with NOD32 v4.2.64.40 (although that's not certain, because not everyone who has the problem has mentioned his version number). But there is one contributor, Jim Willsher, who has not experienced the problem even though he is running a significant number of NOD32 v4.2.64.12 computers.
    Although the problem doesn't affect me yet (I'm still running 4.0.474.0), I attempted to guess the source of Willsher's success. If that interests you (or anyone dealing with this issue), in particular on page 3 see messages 77-80, 83-86, 88, 90.

    No need to respond to any of this. Thanks for your help.

    Roger Folsom
     
  10. darkzeus

    darkzeus Registered Member

    Joined:
    Oct 14, 2010
    Posts:
    4
    hello all,

    actually i want to some change in sysrescue, sorry if i am request in wrong room. when i scan using sysrescue, all file that quarantined by sysrescue was permanently deleted. is very risk if the file is false positif from eset. maybe when i using sysresue we can change location of quarantined folder, and if some file deleted by eset. We can restore form that folder.


    thanks
     
  11. yaslaw

    yaslaw Registered Member

    Joined:
    Feb 27, 2005
    Posts:
    168
    Location:
    Poland
    IMHO nod does need to have some kind of cache - whitelist mechanism. Now all files are constantly scanned but most other vendors choose diffirent approach (avast, norton, avg, panda, f-secure and kaspersky), and scan only files that are unknown/without digital signature/doesn't belongs to OS /changed their content). I guess that could have a huge impact of performance.
    Now nod is a light av despite the fact that its scanning enormous amount of file all the time, but with this cache included it would be absolutely top performer.
     
  12. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    It's already there. Currently you need to enable pre-release updates in addition to enabling smart optimization for a particular protection module in the program setup.
     
  13. yaslaw

    yaslaw Registered Member

    Joined:
    Feb 27, 2005
    Posts:
    168
    Location:
    Poland
    Didn't know that thanks Marcos for update.
    "Intelligent optimalization" - this is the option that you are talking about?
     
  14. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    What i would like to see in v5...

    Hi @ all.

    I would like to see a really good gaming mode in v5!
    Not the stupid stuff that only disables the popups an so on.
    More like the gaming mode which is implemented in Bullguard.
    You can configure gaming profiles and define that the AV should switch to on-execution mode if the game is running and/or disable web traffic scan, exclude the game directory from beeing scanned and much more!
    That is absolutely great!

    NOD32 has such a fast engine, combined with a gaming mode like that it would be perfect for gamers!


    And i would like to see a good Behavior Blocker! Anything like Norton's ex AntiBot (AVG's ID Protection), Threatfire or NovaShield (Bullguard).


    If you would implement those features in your already very good smart security your product would be perfect! :)
     
  15. dr pan k

    dr pan k Registered Member

    Joined:
    Nov 22, 2007
    Posts:
    204
    the usb feature BLOCK REMOVABLE MEDIA should be some how more evident in the gui.

    i realized i couldnt access any usb mass storage and it took me 2 days to remember there was such an option and i had it enabled. in the mean time i was removing all previous progs installed cause i though i had some sort of conflict, after trying all possible ways of getting access to my usb...

    my suggestion is to create an indication on the main screen of the gui with the possibility to enable/ disable the option
     
  16. rolarocka

    rolarocka Guest

    A whitelist cache that survives a reboot and a virus definition update.
     
  17. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    Boah. I won't use that at all! That would be light-headed. :ninja:

    Btw.: Set up an exclusion and you have your persistent whitelist.. ;)
     
    Last edited: Nov 13, 2010
  18. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Yes, this is a huge problem...

    To reiterate... this won't really become useful for me (and everyone I know) unless/until it is possible to distinguish between IDE/EIDE/SATA based CD/DVD-ROM and USB devices, *and* USB devices can be further distinguished as to MEDIA devices, and USB printers, keyboards and mice.

    The best way for this to be implemented would be to have the following options under the "Removable media" section:

    [ ] Block floppy & IDE/EIDE/SATA based CD/DVD-ROM media
    .....[ Exceptions list... ]
    .....[x] Allow read-only access
    ..........[x] Use advanced heuristics on executing files

    [ ] Block all USB access
    .....[ Exceptions list... ]
    .....[x] Allow USB printers, keyboards and mice (access to any card
    ..........readers that might be attached to them will still be disabled)
    .....[ ] Allow read-only access
    ..........[x] Use advanced heuristics on executing files

    Options with the [x] should be the defaults... ie, if the parent option is enabled, the sub options should be enabled by default.
     
    Last edited: Nov 15, 2010
  19. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,034
    Location:
    California
    Hello,

    Your enhancement request has been forwarded to project management. Thank you for the suggestion!

    Regards,

    Aryeh Goretsky


     
  20. PhoenixUA

    PhoenixUA Registered Member

    Joined:
    Jul 16, 2008
    Posts:
    13
    +100500
     
  21. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    This is by far the most important problem that needs to be resolved for me right now...

    Apparently this feature already distinguishes between USB MEDIA devices and non-media devices like printers, keyboards and mice? Or at least that is what someone else said in a different thread (haven't had time to test it yet).

    But what about USB printers or keyboards that also have media card readers built into them? Does enabling this allow the use of the device *minus* the card reader capability? I don't have one of these to test...
     
  22. Matthijs5nl

    Matthijs5nl Guest

    It really is time ESET is going to disclose some information, atleast for me. My current NOD32 Antivirus license ends mid-January. The differences between NOD32 Antivirus and Smart Security in version 5 will be decisive for my decision to renew my current license or upgrade to Smart Security.

    What we know until now:
    • NOD32 Antivirus;
    • Smart Security = NOD32 Antivirus + Personal Firewall + Antispam + Parental Control (in version 5).
    If that would be the case I would just stick to NOD32 Antivirus, but what if Smart Security gets an additional feature (related to protection though, Antispam and Parental Control are not related to protection in my eyes)?

    So please, ESET, to keep a loyal customer satisfied; there are two options:
    1. disclose some proper information about the new version within a month, the argument you don't want to disclose information before you are sure it is included is not legit anymore, because of the development time invested upto now;
    2. give us a Beta in a month.
    Option 1 seems to be more close to the reality.
     
    Last edited by a moderator: Dec 3, 2010
  23. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    o_O

    Did you not know that your license allows you to install either one?
     
  24. Woodgiant

    Woodgiant Guest

    Hello tanstaafl
    If you have a Ess 4 licens you can choose between to keep Eset Smart Security or go for Nod32 not the other way around.
    Best Regards :)
     
  25. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Right... I've had it for so long I had forgotten...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.