rugk

The links you posted are still clickable... And I think ESET will do what they can.

And a small notice about IObit... https://en.wikipedia.org/wiki/IObit#Malwarebytes_conflict https://forums.malwarebytes.org/index.php?/topic/29681-iobit-steals-malwarebytes-intellectual-property/

Okay, so maybe this will now be installed by default. (as important updates are automatically installed)

Recently the mystic Windows update KB3035583 was released. It's a "recommend" update, which means it normally must be explicitly checked to download it. However you can also configure WIndows update to automatically download recommend updates. The update KB3035583 "enables additional capabilities for Windows Update notifications in Windows 8.1 and Windows 7 SP1" based on their own description. Now a German magazine reports (English translation by Google Translator or Bing Translator) that it's an "downloader" for Windows 10 which will show several notification to encourage users of Windows 7 and Windows 8.1 to upgrade to Windows 10.

With the default settings it reacts the same like it also reacts with other scans. All malware is automatically (i.e. quarantines) removed and it asks for PUA and co whether to remove this. And you can configure this in the ThreatSense settings here: And FYI there are also some options in the scheduler where you can configure how and what the startup (files) scan should scan and of course you can also configure it to start at other times than the system start:

Well... of course you could completely deactivate the protocol scanning (which triggers this message) or exclude your browser (as you can see in the second screenshot below), but this would deactivate an important protection layer of NOD32. So could you provide some screenshots of the message, where it states it "seems" to be infected? If this is not a PUA detection and "seems" to be infected then this is a bit strange. You can also post some links here, but if you do so please "unlink" them by replacing hxxp:// with hxxp:// e.g.

My question was no April fool... So I hope someone can answer it.

Here you can get more information about PUAs: What is a potentially unwanted application? There you can also see a message of a blocked download of a PUA and as you can see you can continue it. But if it's malware then you can't do this of course. Maybe some specific examples or screenshots would help to determinate what kind of detection it is.

Yeah, you're right this are mostly technically limitations. I don't know if you read through my feedbacks, but I mentioned similar ideas in my first feedback to DriveSecurity. You can look there to get some answers. However here are the short answers: With the old versions you could manually update. With v3 this doesn't seems to be possible anymore. No and it also doesn't autostart. With the pre-installed (encrypted) USB drives it started (and still starts if you install the new version of them) automatically.

What problem exactly? In this topic were mentioned many different problems. So what problem do you have? If you have a problem with ESS and Window 10 then just remember that WIndows 10 is actually a pre-release built so it's expectable that there are problems. More information you can also find in other threads in this forum about Windows 10, e.g. Windows 10 or Any plan to make HIPS compatible with Windows 10 Tech Preview?.

If you have a username/password then just enter it into the activation window of NOD32. They should be accepted. If you have an activation key then you should already got a username/password by mail (after the first activation) which you have to use. And just to be sure of course you have to download and install NOD32 Antivirus before you can activate it.

No it doesn't lock the topic. It just shows the best answer at the top. So don't worry, choose the answer you like best (and answers your question/solves your problem) best and mark it as solved. And if you want to praise some posts you can also do this by giving kudos...

Normally the uninstall entry should be shown correctly. However you should also use be able to use the "Uninstall" entry in the start menu. Or you uninstall it by running one of these commands from the command line: MsiExec.exe /i {75F06437-40F4-4A65-BC65-FC194D6B7EBA} "%programfiles%\ESET\ESET Smart Security\callmsi.exe" /i {75F06437-40F4-4A65-BC65-FC194D6B7EBA} Alternatively you can also download the correct version (32/64 bit) of the offline installer and run it. It should also result in uninstalling ESS. And if everything fails you can also use the safe mode uninstaller.

Wouldn't it be a good idea to merge this posts? I think the TS posted it 2 times accidentally. https://forum.eset.com/topic/4529-solved-cant-install-eset-cybersecurity-on-osx-1095-due-to-unspecified-installation-error (this post) https://forum.eset.com/topic/4528-solved-cant-install-eset-cybersecurity-on-osx-1095-due-to-unspecified-installation-error

Normally all posts should be autosaved... Just look at the bottom left of the editor.

BTW where is the TS gone? I hope(d) he can mark this as solved now... And BTW: He already got the answer to this thread months ago, because he asked nearly exactly the same at this time. www.piriform.com And a note about piriform: This statement on their builts site includes the slim installer: So yes, (of course) they disallow other sites to use their non-PUA built for downloading. They want users to download the one with PUA... And the advanced user-statement is of course also funny...

Read more: hxxp://googleonlinesecurity.blogspot.com/2015/03/out-with-unwanted-ad-injectors.html And also the Safe Browsing should block PUA: hxxp://googleonlinesecurity.blogspot.com/2015/03/even-more-unwanted-software-protection.html But some sites like hxxp://playstation3emulator.net it doesn't block. But ESET does. It even not only blocks this as a PUA (where you can skip the warning), but it uses the same behaviour as with a malware, so obviously ESET categorizes it as adware.

You're welcome!

About... there is no link enabled. You correctly "disabled" it by replacing http with hxxp, so it's all okay. As for the "wrong" update. I assume you mean the VSD update? However in any case this is most likely done because you don't have a official version of ESS installed (or "patched" it afterwards). I would strongly recommend uninstalling the current version, also using the safe mode uninstaller, and download the installer from the official ESET site and install it. BTW how did he bought it? And another time BTW: hxxp://eset-me.com/ is already blocked by ESS.

About the first part: Try to return your license and get the money back. If it would be a (more or less) serious vendor you can get it. So did you bought it on hxxp://eset-me.com or did you activated it there? For the second keep in mind that you have to activate the license on the official website or in the product only. The other thing with the update and IP address I don't understand. What was updated and what has this to with the IP address? The only thing I can say is that the IP address doesn't belong to ESET.

Yes in this case Google Chrome is the (attention:) potentially unwanted content. But I think you're not really reading what we write here. @SweX already explained this very good, so read it again. BTW there is nothing LOL about it.

No... a potentially unsafe application. This are two different things in ESETs software and (much more important to know) two different settings. (I'm referring to the "standard" download: https://www.piriform.com/ccleaner/download/standard) Detected as: Win32/Bundled.Toolbar.Google.D potentially unsafe application Also this is funny from you: No you're right. They don't use OpenCandy, they use another PUA. @LabVIEW707 Also please don't be such stubborn and only refer to Virustotal. Just ask yourself: Is there something (potentially unwanted) bundled in the installer? If you can answer this question with yes a detection as a PUA is correct. And in this case you can. To show whether a malware detection is (not) a false positive is difficult, but to show whether a PUA detection is (not) a false positive is easy. (and you don't need virustotal for this). Additionally on Virustotal you don't know how the products/scanner are configured. Why this is not detected as a potentially unwanted application, but as a potentially unsafe application we can only speculate. There may be legal reasons or completely other reasons for this. IMHO it would be better to name it a PUA (potentially unwanted application). It could be a similar reason why they also don't detect OpenCandy (another PUA) as potentially unwanted application. This is detected as a potentially unsafe application. However back to CCleaner. And all information are already in this topic. Anyway I'd like to summarize some facts (and maybe add some new one too ). General Yes, ESET detects the standard CCleaner installer. (Win32/Bundled.Toolbar.Google.D potentially unsafe application) It is detected as a potentially unsafe application which is deactivated by default, but it can be activated manually by the user.This results in Techy users? - 1. (below). It was already detected by ESET in the past too. (@SweX has already listed more links in his first post in this topic) ESET is one of only some few companies really "fighting" against PUA. The PUA detection of ESET is one advantage of their software. [IMO] I would describe it as a potentially unwanted application. Terms A potentially unwanted application (PUA) is not malware (larger article about malware here). Malware is not PUA. (just to be sure... ) If I use the abbreviation PUA I mean potentially unwanted application. (this is usually used here in this way) A potentially unsafe application is described by ESET as "legitimate programs whose function is to simplify the administration of networked computers. However, in the wrong hands, they may be misused for malicious purposes." (source: product internal help of ESS) Detection The standard installer contains some unwanted content: It's detected as Win32/Bundled.Toolbar.Google.D (Virustotal) This content may be shown/installed or may not be shown. But ESET detects it because it's included in the file. The content may be the browser Google Chrome. The detection name including the word "toolbar" has not necessarily many to say. The content may not be "offered" to you if..you have already installed Google Chrome. do an upgrade from a previous installation of CCleaner (maybe some other cases too) Some properties of the file:file name: ccsetup504.exe digitally signed by: Piriform Ltd (hash: 78 5a f6 d5 21 f6 7e 13 2d 53 38 57 42 ce 9b 35) file hash (SHA-1): 95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 (please note that this values of course may change with a new version) Also the professional and professional plus (this is the same installer file) versions contain this PUA. So what to do? There are different things you can do. Choose the one you like best. I will concentrate on how to install CCleaner (without this bundled stuff). You can easily prevent ESET from detecting it. The easiest way is to turn off the detection for "potentially unsafe applications". But the best way is to download another installer. Piriform is so kind to offer an installer without this PUA. It's called "slim installer". There are no disadvantages of this installer, except of the fact that it doesn't contain such a "software offer" we talk about here.You can see the download link of the installer on this page at the bottom. The link will be: www.piriform.com/ccleaner/download/slim (make sure there is "slim" not "standard" in the URL). (direct link) This slim installer is NOT detected by ESET as it doesn't contain any unwanted (or unsafe) content. (Virustotal) Some properties of the file:file name: ccsetup504_slim.exe digitally signed by: Piriform Ltd (hash: 78 5a f6 d5 21 f6 7e 13 2d 53 38 57 42 ce 9b 35) file hash (SHA-1): B670352124B1CAF77BD3C13DDA9CEA3152F57CB0 (please note that this values of course may change with a new version) I found no slim installer for the professional (plus) version of CCleaner. And finally you can also use the portable version. It's a ZIP, so there is nothing bundled with it. (file hash (SHA-1): 3CE550D8C7C371B3EA703A3528AF15CDE498FA82)It's downloadable through the earlier linked builts site or here. Techy users? As it's not detected by default, the user must at least by such "techy" that he changed the settings the way to detect it. Also for potentially unwanted application the user has to choose whether he wants to detect it. A user which doesn't want to be bothered and has not so much knowledge about computers would surely (and should of course too) choose not to enable such a detection. Back to topic However I think there is another thing which was has to be considered as well. I think the TS quoted a message from CCleaner here. So CCleaner fails at an update. If it's this way then there could be an explanation for this: CCleaner is trying to update and downloads (of course) it's built update-function tries to download the standard (PUA-containing) installer and updates it. However you may not be presented with the PUA because you're upgrading. But as the file is the same ESET is correct to detect it. Either update manually (with the ways I described above) or just allow the update by clicking "No action". To prevent the display of this message in the future you could also exclude CCleaner from protocol scanning. Edit: Sorry, I had problems with the BBCode. It's now corrected. Edit2: Added "Back to topic".

Installing the newest version isn't a bad idea either way. ESET has added some very nice new protection layers in v7 and v8. (e.g. exploit blocker and botnet protection)

Well... it's working. It just scans all files written to the USB drive, but of course it has no self-defense or other features and it doesn't run with/need admin rights. Yes the companies are different. They are only partnered. About selling there is another point that has changed in v 3.0: Maybe you already read that ClevX DriveSecurity was preinstalled on a few USB devices. On these devices the latest version you can run is v 2.18. This version is also the latest downloadable from the ESET website. ClevX DriveSecurity v3 is a kind of "incompatible" with these old version, i.e. if you want to run it on a preinstalled USB drive you have to buy a new license and can't use the preinstalled one. But you can downgrade at any time of course.

I have a small question about the licensing. As we know there is unilicense which allows users to use up to 3 ESET products on the same machine (in a multiboot environment e.g.). And there is a multi device security pack, which allows to use (usually) 3 or 5 devices with the same license. So my simple question is: Can you use it together, so can you use e.g. a 5-devices license in 6 places, where one device is a multiboot device, which uses two OSes and two ESET products?