Everything posted by high_tide1

  1. So, is this an active threat to my system and information, or something that I can deal with when I have the ability to?
  2. Is Computrace itself malicious, or just unsafe software? Also, was the reason for lack of previous detection an upgrade of the detection signatures in the latest version, or did this PUA just manifest recently?
  3. To answer your questions in the order posed: I do not know what the retail version of ESET was for the 9/1 scan. The log records the detection engine as 17982, but I'm not sure how to translate that into a version number. The latest scan was run with detection engine 18058. The System Startup File Checks are still enabled, and report their last run time as of earlier today. They haven't reported any issues in the past. My computer is an HP ProBook 4540s, where the last shipped BIOS update was on ~July 2017, so I think that rules out a recent update introducing the issue. I've double-checked the product specifications, and the laptop ships with Intel AT turned off by default, so I think that may solve the question of how Computrace got there (there by default). It's probably worth noting that ESET didn't detect the Computrace variants as malware, but as a PUA (Potentially Unsafe Application). With PUA detection disabled, no complaints are given on the UEFI. I haven't confirmed whether the same is true for the complaints on the HP Drive Encryption software and the unknown installer (which I believe is related to the HP software), but I would believe so. My main concern with this is whether this is a malicious threat or something that I can put off dealing with. I'm a bit ticked that I have to deal with this pre-loaded software that I don't need, but I'd rather avoid reflashing the BIOS since this is my primary computer, and if it were to be put out of service I'd be screwed. I feel like I'm fairly safe from a local network attack targeting Computrace since I'm behind a fair amount of firewalls and have ESET constantly protecting me, but I'm also paranoid about people stealing my passwords and the like. What would be the best solution here?
  4. Since running a full-system scan yesterday, ESET has complained about detecting multiple Computrace variants within the UEFI and my pre-loaded HP Drive Encryption software, which has been on the computer since I bought it. As my last full-system scan on 9/1 reported no such problems, I'm unsure whether there is a legitimate threat on the system, potentially false positives on ESET's end, or just something that I can ignore altogether. In any case, ESET doesn't offer any options for "removing" such a threat from the UEFI, so if this is a legitimate problem, what should I do?
  5. With the laptop, it was previously reporting on an expired certificate whenever I visited reddit or any subdomains. After disabling the SSL filtering and visiting the site again, I get no warning from ESET or the browser. After re-enabling ESET, I get no warning, which is weird as it was previously warning me.
  6. Also, if the router was hacked, wouldn't this occur on every website, and not only one in particular?
  7. Well, I'm definitely hoping that's not the problem. My desktop is in a completely different state (I'm at school currently), so I don't think both WiFi connections would be hacked. The issue is also that it only happens sometimes, as there was a month or so between when it recently occurred and when it last occurred.
  8. What do you mean by "Overriding Eset's cert. warnings, IE itself through an alert on the cert.." though? I can't make sense of that sentence.
  9. I followed your advice on the previous post. After disabling SSL filtering, Chrome displays no warning. Viewing the developer console, I can see a couple blocked connections, but none of them are what I reported earlier. After re-enabling SSL filtering, I get no warning, so I don't know what is happening. My laptop is configured to use an Ethernet connection, while my other devices use WiFi.
  10. Just to make sure, but doing this won't present a risk to my computer, correct? If Chrome doesn't catch the untrusted certificate, could something happen to my laptop?
  11. Itman, could you possibly clarify on that? I'm a little confused. Why would I need to go through my laptop's stored certificates and do cleaning? Isn't the issue here that the certificate presented isn't valid, and not that a local one is expired? Also, aren't some expired certificates needed for backwards compatibility?
  12. Hello. I recently had a repeat of a problem I first posted on these forums a little under two months ago, where ESET blocked an untrusted certificate on a specific site and machine. Now, I know why the certificate is untrusted (due to having expired around the beginning of August), but I'm still unsure why the problem only occurs on a laptop I own, and no other machine. I've tested the issue across multiple different machines, but despite all having the same browser and ESET settings, only my laptop has the untrusted certificate. In addition, antivirus and adware scans come up with nothing, and the warning in question appears only on a single site, so the problem doesn't appear to be caused by malware or a browser hijacker. The issue is the same as last time, with the certificate being for sync#madnet#ru by madnetex#com, but it doesn't make sense to me why, with the problem being the same, it would just disappear for a month and show up again. If anyone could help me with this, I would be grateful, as every time the warning shows I get a little more nervous. Thank you.
  13. Thanks for replying. I realize that reddit uses the *.reddit certificate, and I've validated that information is what reddit uses. I was confused as to why ESET only detected that certificate on reddit.com when it failed to do so on any other computer I had visiting reddit.com as well, nor had it done so until recently. The problem only occurs on reddit.com.
  14. Hey everyone. Folks over at BleepingComputer.com sent me over here for some help with a problem I've been having recently. Whenever I visit reddit, or any subdomain, since 9/14/2017, I keep getting an untrusted certificate warning for sync.madnet.ru, which requires me to keep blocking every time. The certificate itself seems to be issued for madnetex.com, by the Let's Encrypt Authority X3 from April to July-ish. This issue, though, only seems to appear on my laptop, while my desktop and phone, which both also use ESET, experience no such issues when visiting the same site. I'm unsure of what the exact issue is, but it only occurs on reddit, and it worries me if something else would be wrong on my laptop to trigger it so.