pcguy

I have temporarily disabled the option in NOD32 to add the cert into known browsers so as to curtail the pages of these errors in the log files. I totally agree Eset should generate less of a generic error message so that the end user can determine exactly which browser is causing the issue. I have no idea what "browser" here is causing the issue since Firefox is not installed and as far as I can determine Chrome which is currently my default browser has the cert installed.

I am about to give up on Eset. Since using the normal uninstall of firefox beta and nightly rebooting and installing NOD32 proved to not solve the problem I reinstalled FF beta and then used Revo Uninstaller Pro to delete all traces of firefox from registry and Win10. I ensured that TLS was disabled. Rebooted started up procmon and sure enough, as soon as I re-enabled TLS the error occurred at 10:12 PM. I currently do not have the strength nor desire to install Firefox Nightly reinstall uninstall and test today so I am attaching the Procmon and ESET log gather files NOD32CertError.zip eav_logs.zip

Oh ok thanks for that tidbit. Will indeed try the Revo Uninstaller Pro use with Firefox still uninstalled and sigh again redo the log collection yet again if the issue still occurs after the cleaning with Revo.

NOD32 was still uninstalled. I uninstalled Firefox Nightly and Firefox Beta via WIndows 10 Remove Apps option in Control center. I then rebooted I then installed Eset 12.1.34 and rebooted. Right off the bat the error regarding cert error showed up in the log files even before I was able to disable TLS. I disabled TLS rebooted. I started Procmon up and captured the events and then enabled TLS and like clockwork, the log showed the same CERT error. This all happened without any Firefox browser installed in WIndows10. I can not attach the logfiles here due to the size of the Procmon files. I have uploaded them elsewhere and can provide a link.

I had 2 months of log entries which repeatedly showed the same error message along with the updates to virus definitions but that was it in the logs. I had no clue to notification whatsoever that this issue even existed. I just stumbled across the issue because I went to the Eset logs looking for information to rely to someone about a Pup alert for a website. Only then did I discover approximately 1700 entries a vast majority of them being these alerts about Attempt to add root cert. Failing. Only other entries in the log was the regular definition updates.

Exactly why I am wondering how many other Eset users logs are full of this error and they have no clue that this is happening. it is too bad that Eset is also generating such a generic error message without identifying the browser it is having an issue with. It would help reduce the countless hours of hunting blindly. It is not uncommon these days with Windows 10 to have multiple browsers installed. Why did you resort to uninstalling Firefox using a Pro version of Revo. Have you attempted to uninstall Firefox using the normal means in Windows10 via the control panel? What version of Firefox did you have installed by the way?

First this installation of Windows 10 and in turn all of the applications in my case is less than 5 months old. Second how was it determined that in fact this is due to Firefox browser and not another browser. As I mentioned elsewhere in this thread every browser I could check (except for MS Edge) appears to have the appropriate cert installed in the browser's Authorities certificate store. In the case of Firefox I even resorted to importing the cert with no effect on the error. As I write this I have not yet decided what my next step is regarding Eset as it is still uninstalled. If I uninstall Firefox beta and uninstall Firefox nightly, install Eset antivirus are you saying that this error is no longer going to occur?

As I said in a prior post I wonder how many other systems that logs are being filled with these types of errors and the computer owners have no idea that its occurring? I just happen to stumble across it yesterday. I had been using Windows 10 without Eset on multiple systems with Windows10 and I am now wondering if the reason why its been happening for 2 months here which was the only one with Eset was because that was when Eset was installed in Windows10. I have been using Eset for years and had recommended it to clients and friends in the past. Going to have to touch base with some users to see if in fact this is a wide spread issue.

OK thanks for that info. Was debating on whether to retry the reinstall to see if it fixes the issue but it apparently does not. Are you using any additional security software like Malwarebytes Pro like I am on Windows10 Pro?

When Eset was installed here on Windows 10 Chrome was the release version with a standard installation. Firefox was the beta version as well as a nightly release both with the standard installation. I do not remember enabling any sandbox option in either browser. Both browsers are of course still installed here but Eset remains uninstalled for now. Is there no way of Eset indicating which browser it has cert installation issues with? With me I am always testing/trying new browsers and currently have 3 versions of Edge (Win10 native plus 2 Chromium pre releases) along with Chrome, Brave beta and Firefox plus Windows10 IE.

Well for me I also noticed that Eseential PIM Pro 8.5 which is an app that I use to keep contact information and appoints etc on Windows 10 would no longer sync up to my Google account. It was throwing a HTTPS denied error. Since I needed the sync to work between my iOS devices I uninstalled NOD32 12.1.34? via Windows10 App center. The Essential PIM issue was fixed. Right now I am using Malwarebytes Pro along with Windows10 Windows Defender. When I get some time I will try reinstalling NOD32. The only reason why I noticed this error is that I went looking for other information regarding a block that ESET did on a site because it deemed it was source of Pup. Only then did I see over 1200 entries of this error over the last 2 months. I just wonder how many other people are having this issue without knowing its happening

No Master Firefox password since I am using Lastpass for password storage. Even switch Chrome to the default browser did not help. Does Eset use the Windows10 app list for the known browser to import the cert into?

Yes it probably does but ever browser I have installed has this cert installed. I could not find any way of checking the original MS Edge browser certs I rarely use the original MS Edge as a browser. Firefox and Chrome with MS Edge Chromium on occasion. All of which have the Eset cert installed. I do use Thunderbird email client but that appears to have the Eset cert that expires on May 5, 2029 w a SHA Fingerprint of F1:31:6C:34:83:3A:B7:1F:58:8F:A6:93:35:2C:F5:8F:39:EF:ED:F0 installed. As soon as enable the TLS option or the option to Add Root cert blam I get the errors in ESET log. I wished the heck the log file would indicate what particular app/browser its supposedly having issues with!

I disabled the option in ESet to Add Root Certificate to Know browsers.

Firefox both of them have the cert already installed as well as Brave Beta. Just wished the heck the log file in NOD32 would indicate what web browser its complaining about. Perhaps its a red herring since I checked Firefox, Brave and even Edge Chromium and IE all have the cert installed. With me if I disable the TLS option and delete the events showing the error for May in the log file as soon as I re-enable the option with no browsers open it shows the error in the Logfile

I also have the same problem and disabling TLS rebooting and before running any application in WIndows10 x64 I re-enable TLS and as soon as I do I get the error. I have Firefox beta and nightly both x64 installed along with CHrome, Brave Beta and MS Edge Chromium Dev and Canary. This has been going on for about 2 months well before I installed MS Edge Chromium.

I have ESET NOD32 Antivirus 11.2.63.0 installed on Win7 x64 here and using Symenu app to download updates to a series of utilities I use. When it goes out to get two errors when it attempts to connect to a particular domain: "My Antivirus is blocking SyMenu from downloading Adaware and several other utils because the Polish site that is using to serve up these files is on a blacklist of malware sites. Is there no way of changing the download source for utils in the SyMenu app?Time;URL;Status;Application;User;IP address;SHA110/3/2018 1:30:40 PM;hxxp://dpcdn-s13x.pl/narzedzia/GPU-Z.2.11.0.exe;Blocked by internal IP blacklist;AdwCleaner 7.2.3.0 The remote server returned an error: (403) Forbidden.Please retryGPU-Z 2.11.0 The remote server returned an error: (403) Forbidden.Please retryHWiNFO 5.88 The remote server returned an error: (530) Not logged in.The remote server returned an error: (530) Not logged in.Please retryMozilla Firefox Portable 62.0 The remote server returned an error: (404) Not Found.Please retry" Yet when I do a scan on that domain using Virustotal it shows no issue with Eset https://www.virustotal.com/#/url/a7b9d6fe19affd1ddf45f2f8ceb3590181fe5d7d6741aa7eec1cf13dbcff27ff/detection is this blacklisting on the domain on my computer warranted?

I tried downloading Free FileSync syncing app from https://www.freefilesync.org/ and got the following warning E:\Downloads\FreeFileSync_9.0_Windows_Setup.exe » INNO - a variant of Win32/FusionCore.I potentially unwanted application Yet when I scanned it via VirusTotal.com it showed no issues at all.

I was wondering if someone could check into a possible false positive I got for a Win32/Olmarik.TDL4.Trojan after I downloaded and installed hxxp://www.surfright.nl/en/kickstartto a USB flash drive. I booted the flash drive, which was recently long formatted under Win7 shut the machine down and booted normally. WIthin several minutes Eset 7.0.317.4 alerted me that Win32/Olmarkig.TDL4.Trojan was on this computer. The Eset removal tool hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3339 did not find anything neither did a bunch of other utils including TDSSKiller. I am wondering whether the above util is actually installing a rootkit or whether this is a false positive by Eset NOD32. To fix the problem I booted with a Windows7 install disk and did a bootsec install followed by a fixmbr. Subsequent scans by NOD32 show no infection.

Yup that is what it was. I added the single IP to the excluded list and now am able to access the web interface.

I have a Win7 x64 w NOD32 ver 7.0.302 Pace 5168N-010 Internet Gateway box supplied by my ISP. It has a web interface accessible via 192.168.100.254. The other day I tried accessing the interface from Windows 7 x64 via the LAN here through IE 10, Chrome 31.0.1650.34 beta-m, Opera 17.0.1241.45 via hxxp://192.168.100.254 and was told that the page could not be displayed. For some reason Firefox 25 has no such problem. A Windows 8.1 box with NOD32 Ver 7.0.302 and IE 11 and Chrome has the same problem. An XP computer with NOD32 version 6 has no problem with IE 10 or Chrome. On the Win7 x64 box I tried using https rather than http. I ignored the security cert warning and was able to access the box's web interface! problem using hxxp://192.168.100.254. On my Win7 x64 box I disabled NOD32 and had no problems with IE, Chrome nor Opera. Same thing with the Win 8.1 box. Why is NOD32 7.0.302 blocking access to this address?