Smokey's Security Weblog

veritas odium parit

Warning: don’t use any ESET NOD32 V4.x Antivirus product together with Windows Vista SP2 or Windows Server 2008 SP2

The story: numerous ESET NOD32 V4.x Antivirus product customers reported severe problems after install of Service Pack 2 Windows Vista and Windows Server 2008. First reports showed up begin of May 2009, and at the moment I write this post these reports still continue. Embarrassing: the total lack of feedback from ESET regarding the issue. Like I today already wrote on DSLReports, looking at all the threads and posts in their own support forums regarding the severe Service Pack 2 related problems, like e.g.system crashes, BSODs aso, and the fact that (apparently) ESET refuse to communicate with their PAYING customers about the SP2 related occurances, it is evident that ESET will lose customers. Even worse, their name and products will be scratched. It is a pity because ESET have fine products.

Finally today an ESET employee made a short statement on their support forum, almost 1 month after the first reports were produced:

“An issue with ESET’s V4 software and Service Pack 2 for Microsoft Windows Vista and Windows 2008 has been identified and the developers are working on a solution for it. Currently, I do not have any information about when it will be available or what form it will take, but as soon as more information is available it will be provided.”

Again, 1 month after the first reports were produced. And, even more embarrassing, Service Pack 2 RTM for Windows Vista and Windows Server 2008 are released and ESET is not able to offer fixed software that will solve the severe problems related to Service Pack 2.

ESET, this is bad, really bad. You can’t treat your customers with such incredible arrogance and ignorance.

Considering all disgraceful facts, to me it is a pleasure to grant you the famous Smokey’s Security Weblog 2009 Hall of Shame Award.

My sincere congratulations with this valuable Award!

Smokey

Update 2009-05-30, additional info provided by ESET

“Just to let you know, the web pages ESET posted on the matter have been revised, problem explanation and FAQ (Newsbulletin): http://kb.eset.com/esetkb/index?page=content&id=NEWS30

Provides workarounds (Knowledge Base article): http://kb.eset.com/esetkb/index?page=content&id=SOLN2254

You may want to bookmark these web pages and check them periodically as they will be updated iwth additonal information as it becomes available.”

Update 2009-06-02: ESET patch available to solve the ESET NOD32 V4.x Antivirus products compatibility issues related to Service Pack 2 Windows Vista and Windows Server 2008

A spokesman of ESET just informed me they have a patch (an updated Anti-Stealth module, v1012, build date 20090526) ready to solve the ESET NOD32 V4.x Antivirus products compatibility issues related to Service Pack 2 Windows Vista and Windows Server 2008. According to ESET, right now it is still being tested but they are not aware of any issues or problems from users who have installed it on their Microsoft Windows Vista/Microsoft Windows 2008 systems with SP2 on them.

To obtain the patch, open the ESET user interface, press F5 to open the Advanced Settings window, select Update in the left pane, then Advanced Update Setup in the right pane and check Enable Test Mode at the bottom of the window.

The next time the client performs an virus signature database update, it will also download the updated Anti-Stealth module. If you are running ESET Smart Security, an updated Firewall module will also be downloaded for testing (it contains some other fixes and updates unrelated to the SP2 issue).

Update 2009-06-04: ESET Smart Security v4 and and ESET NOD32 Antivirus v4.0 compatibility update for Vista/Server 2008 SP2 – The fix has moved into production

Statement ESET

Testing of the new Anti-Stealth module to improve compatibility between ESET Smart Security and ESET NOD32 Antivirus v4.0 and Microsoft Windows Vista / Windows Server 2008 Service Pack 2 has successfully completed and distribution has begun. The updated module will be downloaded automatically when a virus signature database update occurs in ESET Smart Security and ESET NOD32 Antivirus.

After the update is downloaded, the entry for the Anti-Stealth module in the About window for ESET Smart Security and ESET NOD32 Antivirus v4 will appear as Anti-Stealth support module: 1012 (20090526). The update is also installed if your Anti-Stealth module has a newer version or release date.

If Anti-Stealth was disabled as a temporary workaround, re-enable it by opening the ESET Graphic User Interface, pressing the F5 key to open the Advanced Setup window, selecting Antivorus and Antispyware in the left navigation pane and enabling (checking) the Enable Anti-Stealth Technology option in the right pane.

Source: Wilders

Possibly related posts: (automatically generated)

May 26, 2009 - Posted by Smokey | Advisories, Alerts, Downloads, Friends, News, Security | , , , , , , , , , , , , , , , , , , | 6 Comments

6 Comments »

  1. I updated tp SP2 blissfully unaware of the nod32 problem. SP2 does indeed break nod32. I tried to uninstall it after updating but it wouldn’t completely remove all the files as the eset services were still running after uninstall. When you to try to stop the service in task manager, BSOD. Grrrrr….I finally got all eset files off my computer and I don’t know if I will reinstall it after this. Very disappointed in eset. How long have they known that SP2 was coming out???

    Comment by Gong | May 27, 2009 | Reply

  2. I understand your feelings of disappointment, and I know that numerous ESET customers are thinking the same way like you do.
    ESET didn’t do their homework in a proper way, you can call it also a crude negligence and customer contempt. And their lack of communication direction customer is condemnable too.

    Comment by Smokey | May 27, 2009 | Reply

  3. [...] Hall of Shame Award is seldom granted, therefore all Awardees need our unlimited attention. Yesterday I already mentioned in short that ESET is Awarded, but till yet I hadn’t the time to make an official [...]

    Pingback by ESET is Smokey’s Security Weblog 2009 Hall of Shame Awardee « Smokey’s Security Weblog | May 28, 2009 | Reply

  4. You guys are not alone.. After updating to SP2 final for Vista today. Eset NOD32 failed to protect system real time defensive. Removal was rather a pain to do, as it lead to safety mode to delete main 2 folders and also removing the services manual. orz

    Comment by Silver | May 28, 2009 | Reply

  5. Same issue. Saw the Windows Vista Service Pack 2 update warning and I upgraded – system rebooted and lo and behold – Nod32 was glowing all red in teh system tray. After some frantic searching on the www, after rebooting to linux, i managed to figure out that it was a long drawn out issue, and hadnt been addressed. As a person working in a firm where we release customer software, i cant see how an issue like this has not been addressed. And me, a 2 year paid customer of nod32. Needless to say, i feel extremely shortchanged. And prolly will NOT be renewing my subscription. Maybe move to Kaspersky or Avira – paid version. Currently, I am running Avast Free, to make do for a few days. That said, nod32 has run very well on my comp for the last 2 years almost. Just seems such a shame ..

    Comment by pigglywiggly | May 28, 2009 | Reply

  6. And going through teh forums, it seems extremely childish to read posts by an Eset employee named Andrew Goretsky who claims he is not able to reproduce the bug on his systems – whereas in fact, it seems to happen almost to everyone. Is Eset’s system testing environment limited to testing by one person?! on 1 pc?! Ridiculous, mate.

    Comment by pigglywiggly | May 28, 2009 | Reply


Leave a comment

« Previous | Next »