Smart Security 4.0.417.0 - Full of bugs?!?

Discussion in 'ESET Smart Security' started by MindTwisted, Apr 12, 2009.

Thread Status:
Not open for further replies.
  1. MindTwisted

    MindTwisted Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    15
    O/S - XP SP3
    Eset Smart Security v4.0.417.0
    ----------------------------------
    Virus signature database: 4002 (20090411)
    Update module: 1028 (20090302)
    Antivirus and antispyware scanner module: 1206 (20090409)
    Advanced heuristics module: 1092 (20090309)
    Archive support module: 1092 (20090324)
    Cleaner module: 1040 (20090401)
    Anti-Stealth support module: 1010 (20090302)
    Personal firewall module: 1045 (20090325)
    Antispam module: 1011 (20090114)
    SysInspector module: 1211 (20090325)
    Self-defense support module : 1005 (20081105)
    ----------------------------------

    Bugs found after two frustrating days of use:

    1) Thunderbird doesn't open properly anymore, ESET blocks loading of the program. The process launches, but no GUI is shown. Brilliant work ESET.

    2) Random sites being totally blocked by firewall for no good reason (google, yahoo, etc.) This only happens when firewall is enable, disabling firewall allows sites to load. I can only access Google about 50% of the time now.

    3) Intermittent periods of time where ALL internet traffic is blocked, for no distinguishable reason. My entire network was blocked until I rebooted this morning...eset firewall was to blame.

    4) Trying to upgrade from 3.x to 4.x is a nightmare, among other problems, the ESET service doesn't get uninstalled OR turned off during uninstallation. It took me 4 tries to get this software installed because it couldn't properly upgrade without a ton of user intervention. 4.0 didn't seem to know how to uninstall 3.0, lmfao. Norton is easier to deal with than this , and as we all know Norton sux. I've used every major a/v scanner on the market in the last 15 years, never have I had this many problems with any of them!

    5) No tooltips?!? In the advanced settings, with hundreds of cryptic settings, there aren't any tool tips to explain what all the settings do. Are you kidding me? Do you expect your customers to go online, look up, and memorize every last option and setting? Don't be lazy, this program desperately needs tooltips! This is a bug because is prohibits the user from using the firewall effectively.

    WTF! How nice of ESET to beta test on paying customers. Fix this pos firewall or give me my money back! BUGGIEST firewall A/V package I've used in the last 15 years :oops:

    I'm not a noob, don't give me stupid noob suggestions. Don't tell me to disable features of the firewall to make things work...I didn't pay $60 to disable the freakin' program! This firewall a/v package, at best, is still in its beta stages, and ESET has no business selling this pile of crap until these bugs are fixed!

    Is there a STABLE release of smart security 4 out there, or all they all as buggy as 4.0.417? Installing this software hurt my PC security, handicapped my email, and destabilized my system...what a terrible programming job! Unless this plethora of bugs is fixed immediately, I'll never buy another ESET product again!
     
  2. DarrenDavisLeeSome

    DarrenDavisLeeSome Registered Member

    Joined:
    Mar 23, 2009
    Posts:
    315
    Location:
    Riverside, CA U.S.A
    Yes. The lastest release of ESET Smart Security 4.0.417 is full of bugs. Not much noticeable changes from the previous build on my end (Build x.0.314.0)

    Couldn't agree with you more, even though I experienced only minor (almost trivial) issues myself. This is gonna nip ESET where it hurts.

    No. You might be better off sticking with v3.


    P.S.
    The download is not an upgrade per se. You have to uinstall any previous AV/Security suite OR version of ESS (using the same installation package that you used to install the earlier version is the best way) before installing the newer version.
     
    Last edited: Apr 12, 2009
  3. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    No there is no stable v4 builds.
     
  4. silverfox55

    silverfox55 Registered Member

    Joined:
    Apr 28, 2008
    Posts:
    97
    Location:
    The Original Washington
    Install ver3 until sometime next year or there after. Maybe it will be fixed then, just maybe that is !!!!
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I think you're blowing it a tad out of proportion ;)
     
  6. The PIT

    The PIT Registered Member

    Joined:
    Sep 4, 2008
    Posts:
    185

    Or perhaps not.

    Got to admit I'm very surprised how buggy V4 is.
     
  7. MindTwisted

    MindTwisted Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    15
    Thank you for the replies...I'll downgrade to a stable v3 build for now.

    ------------------------------

    To any ESET admin or mod that might care:

    If downgrading ends up being the only solution to these problems, rest assured that I will never purchase anything from ESET again. They'll get added to my blacklist along with Norton, McAfee, Zone Alarm, and the other b.s. firewall a/v programs that are overpriced and don't work properly. Each year, I recommend firewall and a/v solutions to dozens of friends and family; and they won't be buying again from ESET either.
     
  8. bodgy

    bodgy Registered Member

    Joined:
    Sep 22, 2005
    Posts:
    2,387
    Location:
    Qld.
    Feeling in a pedantic mood this morning :)

    I think a lack of tool tips is an oversight, whereas a bug is where something unintended happens when attempting to perform an action that was intended. :)


    In the log is it the incoming packets from Google that are getting blocked or the outgoing?

    Although I no longer get blocked outgoing packets, and there is nothing in the log, I do occasionally get very slow response when using Opera 9.64 (on XPsp3), but if I open up IE8 everything is fine. I wonder if Opera (which has its own quirks) is causing the live threat checking to be super thorough. Having said that the problem is not so obvious on my Vista system.

    Colin
     
  9. MindTwisted

    MindTwisted Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    15
    Bug OR lazy oversight; bad programming is bad programming...call it whatever you want...it isn't worth the $60 ESET is charging for their beta software.

    When Google is blocked from loading, the log entry reads:
    "4/12/2009 2:23:42 PM Detected DNS cache poisoning attack 192.168.1.1:53 192.168.0.100:53878 UDP"

    ^^Now this, of course, sounds like total old-fashioned nonsensical b.s. to me...it sounds like ESET can't tell the difference between my Linksys router trying to assign DNS via DHCP to my pc, and a hacker that is attempting a "DNS cache poisoning attack"...another charming bug I assume?

    In general, the firewall is randomly and inconsistently blocking web sites, most frequently/noticeably with Google...most likely due to incompatibility bugs with my router. Not to mention the two episodes this morning when it was blocking ALL internet traffic...had to reboot (twice)to fix those problems (and yes, I made sure that I didn't have the firewall set to block all traffic, it was in filtering mode and was still blocking everything).

    ESET YOU RUINED MY EASTER :mad:
     
  10. silverfox55

    silverfox55 Registered Member

    Joined:
    Apr 28, 2008
    Posts:
    97
    Location:
    The Original Washington
    No they don't. It does not matter how many people post here, there are enough mugs who buy the system and then move on because it does not work out of the box like it is supposed to. Then you have the people who DO care and ESET just accuses them of being a 'one off ' or takes no notice of them.
    I just wonder if ESET will ever 'stumble upon the fix' or wake up from the trade fair and say ' oh!!!!! is something wrong with our incredibly brilliant product' and then go back to sleep.
     
  11. bodgy

    bodgy Registered Member

    Joined:
    Sep 22, 2005
    Posts:
    2,387
    Location:
    Qld.
    Maybe the reason I no longer get the PC to Router blocking is because I've disabled the DNS poisoning attack option, but then on my laptop it is enabled.

    Also Tool Tips are working on both my systems, which doesn't help you other than, the reason for them not appearing is more complex on your system.

    Colin
     
  12. cssoz

    cssoz Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    79
    my other PC uses v4.0.417

    i have no problem with it @ all! (XP SP3)

    also you should always fully uninstall NOD32 v3 (or older version) with software like Your Uninstaller! 2008 to get rid of registry keys, and left over stuff BEFORE installing the new one
     
  13. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    Peeps ain't dumb, I cleaned it further than most users would even know how to and if I thought standing on my head while holding my breath would fix it I would. :p

    Again I read both your recent posts and can see you love ESET so no further comments needed. :rolleyes:

    P.S we all are to blame (end users) its not ESET but our PC's to blame same as the 3 buggy builds after v3 .650 stable build that miraculously worked on the build after that. :D
     
  14. DarrenDavisLeeSome

    DarrenDavisLeeSome Registered Member

    Joined:
    Mar 23, 2009
    Posts:
    315
    Location:
    Riverside, CA U.S.A
    These "poisonings" are more related to your ISP's DNS system. The whole DNS naming system wasn't initially developed with security in mind and have often produced "unintentional" cache poisoning situations. These situations are often produced when using Transport Layer Security (formerly known as SSL) through a DNS. Routers often send these "poisonings" back to the system(s) that they originated from and ESET's SS firewall is picking up on that, more than likely as an oversight.

    I can only assume that when you are going to Google that you might be going to a secured server for...email or banking perhaps??
     
  15. Iagree

    Iagree Registered Member

    Joined:
    Apr 13, 2009
    Posts:
    1
    I couldn't agree more. I'm an old eset user, and i can't believe they haven't learned from the V3 launch. I recognize the problems, google dies on me as well from time to time with V4. It never did that in V3.
    I'm also a thunderbird user, and V4 does indeed cause some problems. I have to kill the thunderbird process, and start it again to get it working.
    I also noticed some firewall anomalities, inaccurate speed readings and such.

    Anyways. I did an upgrade on the latest V3, so i thought this possibly could be the culprit. I then did a complete re-install of windows, installed intel chipset drivers, SP3 and then tried to install V4. It worked fine until the last or second last step, but then the installation froze, and completely crippled windows. Nothing worked, so about 10 minutes later i did a reboot, which said eset wasn't properly installed. Now, i'm not a rookie either, and i know my hardware which is stable. 58 hours of prime torture test, intel stress test, UDR3 mobo, seasonic psu and etc.
    Granted a re-install takes 15 minutes, i have had enough of V4. I have just re-installed windows again, but i'm not going to bother with V4 anymore.
    I think we again can expect 6-9 month, before V4 is in the state it should have been at launch.

    Cheers
     
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Actually the problem with DNS cache poisining is being investigated. It looks it occurs under the following circumstances:
    1, have a service with multiple servers (e.g. Gmail, Google, etc.)
    2, if a response from your prefered DNS server times out, the computer queries the alternate DNS server
    3, a response is sent from both DNS server, each resolving the address diffently and your computer obtains different IPs for the same address which is deemed the DNS cache poisoning.

    We haven't been reported this problem until recently so it takes some time to investigate it and find a solution/workaround. To confirm our theory, you could try using an IP address (e.g. Google uses 209.85.135.xxx) instead of the dns name.
     
  17. patch

    patch Registered Member

    Joined:
    May 14, 2007
    Posts:
    178
  18. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Don't assume that thre's one and the same reason for any cache poisoning or port scanning attack detection. From the technical point of view the problem with Google is ok as the firewall evaluates different name resolution from different DNS servers as DNS cache poisoning so we just need to find a way how to recognize when it happens due to a time out of the prefered DNS server. Another problem was with ARP cache poisoning when the firewall detected and blocked uninitiated ARP requests from outside the Trusted zone. Again, this was not a false positive although it seemed so. I've also run into a case when the firewall was preventing the user from printing on a network printer. Eventually it turned out to be the printer which produced udp port scan attacks so no FP again. Every case needs to be investigated carefully as the reason for blocking communication may be different. If you have a problem with the firewall blocking certain attacks, do the following:
    1, disable as many network-aware applications not necessary to replicate the problem as possible (e.g. instant messengers, email clients, browsers)
    2, create 2 logs using Wireshark. One with the firewall disabled when the problem does not occur and one with the firewall enabled.
    3, send the logs to support[at]eset.com along with a description of the problem and your network and system configuration (include information about the router/firewall you use). Also enclose a SysInspector log from the affected system.
     
  19. patch

    patch Registered Member

    Joined:
    May 14, 2007
    Posts:
    178
    Have a read through the above threads.
    If you still think ESS doesn't have a long standing issue with false DNS attacks then I wish you luck selling it to someone else. As that would signal to me that it is time to move on.

    For beta software loaded on a test system, when I'm in the mood to debug software I would agree with the recommendations.
    Otherwise using alternative software while intermittently watching the forum for evidence that at least some of the issues have been addressed is a better alternative.

    Marcos it comes down to reputation & trust.
    ESSET choose to sacrifice it for an expedient release of V4. Unfortunately regaining it is much more difficult than loosing it.
     
  20. JohnPlayer

    JohnPlayer Registered Member

    Joined:
    May 29, 2007
    Posts:
    53
    Location:
    Hertfordshire UK
    On a clean install of XP Pro SP3 I've been running 4.0.417.0 for over 24 hours with no problems at all.:) I just installed out of box, so to speak, and all works fine.
     
  21. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Well my corp was looking at and trying ESET and after the horrible system performance we got with 4, they eventually went with Symantec Corp 10 (No Endpoint since no need for softwall).

    One of the major gripes was support, after 6 "test support response ticket requests" we got no replies for days or some went w/o a reply at all.

    That of course made me look like an ass since being a NOD 2.7 user I initially recommended the corp to look into NOD...(Now you know why i was soo pissed on NOD and telling them to get their **** back together, I was hoping that they will fix it, they were being evaluated for a 10k+ seat Agency wide lic). That was the reasons why I kept asking about comparissions between 2.7 and 4.0, was hoping that there was no real detection change...but there apperently is. And I can't give a correct justification to use a 2.7 (3 year old) stable version vs. a buggy 4.0 even when detection comes to light.

    Well I guess that what a company gets when they rush things to market wanting to compete with all the "New year AV version Releases 2009 etc etc etc" .
    10k might not be much, but at least it would have been a nice foot in the door.

    Oh well, live and learn, maybe next time they will actually listen to the customers before sending out a half baked Version.


    P.S.
    Symantec Replied within 2.5 hours on their e-mail and directly on their chat and phone...and they actually worked on weekends and provided custom removal instructions.
     
  22. MindTwisted

    MindTwisted Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    15
    Nope. Secure servers don't seem to have anything to do with this problem. When I complain about Google not loading, the only internet connection open is the one to Google...no other servers are involved. The problem is that ESET cannot tell the difference between a DNS cache poisoning attack, and normal router/DHCP/DNS interaction...for some reason it affects Google more than other sites. Yesterday I had to switch my DNS servers over to opendns, rather than have my ISP's DNS info pass along via my router's DHCP. That temporarily fixed the problem, but is a major inconvenience due to ESET's terrible programming work on v4.

    AND it has been over 48 hours without any response from ESET's technical support department...not that they have any idea what they're talking about anyway :p I'm sure they'll just tell me to disable some important part of my firewall...they like to do that, "disable this", "disable that"...lol It's the only way they know of to make error messages go away, just disable the whole damn firewall A/V package.

    The best way to fix ESET errors seems to be to use a different company for your a/v software...anyone have any luck with Trend?
     
  23. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    From personal testing I would not recommend TREND.
    Good support but horrid detection.
     
  24. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    Stay on the topic of ESET products in their support forum. In addition, if you have commented on a particular problem using the software in the past, do not continuously enter threads with the same comments. They will be removed.

    Wilders is a free forum to use, not abuse.


    This thread is closed unless ESET cares to comment further.
     
    Last edited: Apr 13, 2009
Thread Status:
Not open for further replies.