Posts posted by Using

  1. I invested in the purchase of a 5-year license pack for up to 5 devices, each device of any platform and OS type. I use two of them on Linux; however, I regret this investment, as the Linux version of NOD32 receives updates highly infrequently and it is unclear how well the Linux version can detect threats in file formats typical for the Windows platform (executables, other binaries, Microsoft Office documents, others). Scanning files for Windows on my Linux machines is the major use case. There is also great public debate on the efficiency of AV solutions generally and their conflicts with Windows' native design, which concerns my investment for Windows-based machines.

  2. I know Vista is end-of-life and this topic is quite vintage.

    I have migrated to the current Windows version, and Vista has been converted to a virtual machine (isolated from the Internet and rid of software that showed security gaps extraordinarily frequently), just in case the user would like to have a short look at how some stuff was used, ran, and looked in the days when regular/production work was done on Vista.

    The problem described in this thread is not solved. Unfortunately, all hints given here miss the problem.

    So I would like to reword the issue once again.

    Usually, when someone starts the on-demand scan, some kind of graphical feedback from NOD32 comes up on screen. In this case such feedback is missing. No feedback is received confirming that NOD32 conducts the ordered scan. Additionally, the NOD32 icon is not present in the system tray (from OS start time on), not even under the hidden system tray icons. If one proceeds in the following way and sequence, the on-demand scan works fine: start the on-demand scan (as always, from the contextual menu of the file to be scanned), then start the ESET GUI from the Windows Start Menu.

  3. I know Vista is end-of-life and this topic is quite vintage.

    I have migrated to the current Windows version, and Vista has been converted to a virtual machine (isolated from the Internet and rid of software that showed security gaps extraordinarily frequently), just in case the user would like to have a short look at how some stuff was used, ran, and looked in the days when regular/production work was done on Vista. Problem

  4. Thanks for your input. Actually my concern is quite different. Please accept my apologies for not having been accurate enough.

    I am afraid NOD32 for Linux operating on Linux does not conduct a real scan if the file is an exe (an executable built for Windows).

    This conclusion arose from the observation that a tarball file of the same size takes significantly longer.

    Put in other words, for instance, to apply any kind of heuristics to Windows exe files NOD32 needs to emulate the Windows environment to some extent. If I am right (???) it is a question of feasibility.

  5. The behavior described below has been observed since Ubuntu 14.04 LTS and continues to exist with Ubuntu 16.04 LTS.

    The described behavior is encountered only while NOD32 AV for Linux Desktop, 4.0.82, is installed.

    The setup used is an Ubuntu virtual machine running on VirtualBox or VMware Fusion; in both cases the problem is reproducible.

    After the OS shutdown has been initiated by the user from the Ubuntu GUI or from a shell, the OS frequently needs a very long time to complete the shutdown; it seems to get stuck on the Ubuntu shutdown screen.

    How to fix it?

  6. and syslog is filled with messages from esets_gui, esets_daemon, systemd, and others:

     

    warning: Cannot read from socket: Resource temporarily unavailable

    error: Cannot get setup from daemon: Daemon closed connection

     

    This or quite similar behavior was encountered in the last few days after applying updates (security, recommended updates) to Ubuntu 16.04.1 LTS.

    Plenty of "socket read" errors in syslog. The OS (a virtual machine) was poorly responsive. Got rid of these problems by uninstalling NOD32 for Linux.

    Since that removal no AV solution has been installed until now.

  7. NOD32 AV does not auto-start after completing the upgrade from 8.x to 9.x.

    Currently the last official 9.x release is installed.

    Host OS is Vista 32-bit.

    Before the upgrade NOD32 AV auto-started without any problems.

    The user could interact with it via the system tray icon.

    Now the icon is not there.

    Furthermore, if an on-demand scan is invoked for some file(s) or folder(s) by right-clicking the file/folder, NOD32 AV does not give any signs of life.

    All is fine if NOD32 AV is started manually from the Start menu; on-demand scans also work in that case.

    Please help.

  8. I guess once in the past, back in the days of the 7.x or 6.x major version of ESET security products for home users, there was an issue with SSL protocol filtering and Firefox.

    An issue in that the two did not comply with each other.

    So in effect, for users who use Firefox as their standard browser, SSL protocol filtering was practically useless.

    How does it look today in this regard? I mean, taking ESET security products with the 8.x major version for home users and current official builds of Firefox/Thunderbird. Still not compatible?

  9. jzip crashes on every zip archive access due to nod32 positive finding alert

    jzip is the only application on our two PCs for handling zip archives.

    NOD32 AV of the latest current release build 7.x.x.x is used on those PCs as well.

    jzip crashes on opening every zip archive. The crash is always accompanied by a nod32 av positive finding error.

    So the user's impression is that the jzip crash occurs due to the positive finding alert of nod32 av.

    The problems do not occur if nod32 av real-time protection is switched off.

    Why must these crashes be?

    Attached are logs produced by nod32 AV.

    nod32vsjzip-A.xml

    nod32vsjzip-B.xml

  10. Thanks for the information.

    Pre-release updates had been enabled temporarily in order to perform the Internet protection update to 1092.

    Following that, the "check for product update" button was pushed.

    No reaction.

    Only pushing the virus database update button resulted in a huge update, about 40MB.

    1. I wonder why the component update is included in the db update instead of in the program update.

    The first attempt using the virus signature update didn't result in an update of the Internet protection component to 1092. I had to repeat this in order to initiate a second update (signatures) exactly as big as the first one. Not until the second attempt was completed did the Internet Protection module show 1092.

    2. I wonder where this behavior comes from.

    Now I can open https://forum.eset.com by following a link from to this discussion

  11. Thanks so much!

    I wish I had more knowledge about how the system looks when SSL filtering is enabled.

    I could then better decide which workaround to apply.

    As for now, I understand that with SSL filtering enabled nod32 av acts as a peer on the client machine's side and communicates with the service at the other end-point - the SSL communication being based on the service certificate.

    Then it forwards the traffic to the real client, Firefox in this case, using its own certificate.

    Is it in fact working this way?

  12. Thank you for your answers in such a short time.

    A) Filtering means that the data will be routed to ekrn by ESET's tdi / wfp driver ...

    B) ...This will enable spam filtering as well as scanning email received by the email client regardless of the protocol used.

    C) On systems with WFP support, all HTTP(S)/POP3(S)/IMAP(S) traffic is scanned.

    D) Probably the only disadvantage of using the local proxy is that you won't be able to make firewall rules for applications communicating via http/pop3 as the firewall will see ekrn.exe as the application initiating the communication.

    E) The effect of disabling either of them is that potential malware received via http/pop3 will not be detected by web protection and access to blocked websites will not work either.

    A) That means: no filtering, no scans possible.

    B) Great facility, unfortunately not supported for the current version of my mail client.

    C) It means the named ports are scanned regardless of the browser used.

    D) Yeah, I observed it a long time ago, after that gave up and used it without protocol filtering - not the optimal solution.

        One is forced to choose between traffic control or AV, malware protection.

        It seems no improvement is possible for systems before WFP.

        It must also mean that on systems with WFP such routing is no longer necessary.

    E) So in my opinion, these two could be reduced to one single option

       - "Protocol filtering - Integrate into system", and

       - "Protocol filtering - Enable application protocol content filtering"

  13. The configuration used is Windows XP SP3, NOD32 AV 7.x latest available version.

    Firefox 17.010 ESR

    Protocol Filtering is enabled

    "Enable application protocol content filtering" is checked

    SSL protocol filtering mode is set to "Ask about non-visited sites..."

    Automatic export of ESET... root certificate to Firefox succeeded

    support.mozilla.org certificate is listed on the trusted cert. - nod32 av

    For some reason Firefox is automatically redirecting some http URLs to https - just for information, not an objective of this thread.

    The problem occurs with

    support.mozilla.org

    forum.eset.com

    The problem does not occur with

    www.google.com

    After the non-https URL is invoked in the address bar and Firefox automatically redirects to the https URL, the browser opens the following error page

    Secure Connection Failed
    An error occurred during a connection to support.mozilla.org.
    Cannot communicate securely with peer: no common encryption algorithm(s).
    (Error code: ssl_error_no_cypher_overlap)
      The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
      Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

     

    To get those URLs working, the following is necessary

    - put Firefox on the list of excluded applications on the nod32 side, or

    - uncheck "Enable application protocol content filtering", or

    - change to not scanning the SSL protocol

    The following does not help to get these URLs working

    - adding the URL to the list of URLs excluded from filtering

    - adding the URL to the list of allowed addresses

    What is the reason?

    Why is https://www.google.com not affected?

    How to solve the problem (disabling SSL protocol filtering is not the real solution)?

  14. In the description below I am referring to NOD32 AV's web and email modules, as the user manual for advanced configuration uses these terms. All this is about NOD32 AV 7.x.

    Please help to fill the gaps in my understanding of how these modules relate and behave.

    - The user manual uses two terms, "scanning" and "filtering".

      What is the difference between the two?

      "will be filtered", or "is filtered" - what exactly does this mean?

    - Email client integration. Does this integration produce just an additional toolbar in the enabled email client and nothing more?

      How is the advanced configuration module "email clients" related to "email client integration"? No direct relation, just two quite independent modules, also in their services?

    - Some advanced options are not available on Windows versions where WFP is used. For instance, Web and email clients.

      How then does "Use HTTPS protocol checking for selected ports" behave on those systems? It is not described in the user manual.

    - NOD32 AV seems to use some internal proxy server on systems where WFP is not available. Where to find more details about the reasons, function, purpose and pitfalls of that proxy?

    - How does the resulting grade of protection look if one

      checks "Protocol filtering - Integrate into system", and

      unchecks "Protocol filtering - Enable application protocol content filtering"

  15. A system disk, with Vista installed on it, was removed from one PC and put into a PC with EAV 6.0.316 installed on it.

    So no files should be held open by a running OS, nor by a running application.

    A full scan of the Vista disk was carried out.

    The scan results in several warnings, as in the attached scan log export.

    What is the possible reason for all those

    "[4] Object cannot be opened. It may be in use by another application or operating system"

    warnings?

    1.txt
