rugk
-
Posts
1,716 -
Joined
-
Last visited
-
Days Won
54
Posts posted by rugk
-
-
That's great. But could you tell for us and future visitors of this topic how you solved it?
-
At first thank you for sharing your arguments.
If I couldn't use ESET then I would have a problem I think...
Well, maybe I would give Emsisoft a try, but as I haven't tested it (so much) so I can't evaluate this. -
If the file is what it shows to be it's Daemon tools - a software which emulates virtual disk drives. Basically this is legitimate.
However like @TomFace said it's a PUA detection, so you have to decide how you want to react.
Did you downloaded it from the official website, because the fact that the PUA file was created by another exe which doesn't seems to be a browser ("AppDownloader.exe") looks like a PUA download manager?
-
Yes I can confirm the issue. Now it's VSD 5680 in EMS and on virusradar it states 5651 would be the newest update.
-
Great statement, @Marcos!
However I still like to defend the idea of the simple text change. It's just to prevent users from being confused.
I mean the upgrade shouldn't be done automatically. It should just be shown (if the user clicks on "Check for upgrades") that there is a new version out, but not released as a PCU yet, which is basically want we already explain to all users who complain update the "non-functional updater" here after they saw the message.
-
Okay, now I'm assuaged.
-
@Marcos
I could reproduce the issue and also the solution.
However this can't be the permanent solution as this checkbox should work without modifying the settings. Especially not such a important one which practically disables the UAC for ESET completely (so you can e.g. now deactivate any modules without any UAC prompt).
Instead of this ESS or NOD32 should just trigger UAC if you try to exclude the file this way.
-
Did you tried uninstalling in safe mode and reinstalling?
-
It would be more accurate, and even a little bit helpful, if it was someway possible for the internal updater to determine that a user's current version was not the most current, and then inform the user that the newer version would be available soon. As it stands now, the information given is inaccurate, and users are supposed to understand this throttling business.
Well... the thing with the different message is a decent idea. You're of course right that "<An older version> is the latest version." is a wrong statement, so yes maybe a different piece of information there would be nice. This would also prevent such questions like "Why doesn't work the internal updater ?", because you can clearly see that it's working, but actually not intended to serve the update. (Maybe a note about the manual upgrade or a sentence like "The automatic/internal upgrade will be released soon." would also show the possibility to upgrade manually)
However I don't think the reason for this is server overload, but we don't know this of course.
-
So what happened to you is that the certificate could not be validated by a trusted root certification authority, so unless you removed some CAs you shouldn't ignore this warning.
This doesn't mean the certificate is expired, because if it would be expired ESS would (according to your settings, which are the defaults) block it without notifying the user, because the certificate is invalid.
If this only happens at yahoo.com then please export the certificate (click on cornet.yahoo.com in the popup and go to "Details", "Copy to file") and post the file here.
If you know how to do it you can also compare the hash of the certificate with the ones I linked below. I have visited the site you posted in your screenshot and the connection wasn't refused (of course not, that's yahoo..) and uploaded the correct cert here: https://mega.co.nz/#!jRhwlRyS!MonUypyjN5qIa1wzJ3Pua9ERABdQBjFLa0mC9n81dkE
For the ones who don't want to wait here is the hash: 4e eb 31 09 63 39 4e 8e a0 4e 70 9c a9 1d cd a6
-
Ahh okay, do you mean IDS? Or just the pre-defined firewall rules?
-
AE?
Well... of course it's policy based - why do you think can you create rules?
HIPS alone is more or less policy based, but "sub features" like the exploit blocker or the advanced memory scanner are maybe less policy based and are working differently.
-
@cutting_edgetech
If you have a firewall rule you can enable logging for it. So if it's a firewall rule which blocks the communication for an application then you should get such logs.
-
1. & 2.Usually you can switch the network mode here:
And of course you can also switch freely between the modes.
1.Normally zones with the "privilege" as a trusted zone should be created automatically (they are shown as "automatically authenticated" in the rules and zones editor)If this isn't the case then you can add it manually by adding this IP to your trusted zone:
This will add the complete LAN to the trusted zone.
3.
Theoretically the public network mode is safer than the home network mode. E.g. if you're in a public WLAN (e.g. in a café or similar) then the public network mode is the one you should use (otherwise you would leave your device at risk).
If you're in your home LAN then it's usually not important for your security which mode you choose. As long as you are behind a router then you can choose the home mode without any risk. But if you don't need features like remote desktop or file sharing, which are run from another device in your network, then you can also set it to public mode without any disadvantage.
-
Okay great your problem is resolved.
Maybe there was a kind of inconsistent state of Anti-Theft as it shows in your first post that Anti-Theft would be enabled.
-
Does this happen only on some drives/paths or everywhere?
-
No if it's excluded not. This will then be done - like it's normally done - by your browser.One solution would be for an option for Eset to allow cert path verification for excluded certs. but not scan the traffic using the SSL protocol feature. As I understand it, once the web site cert. is excluded, Eset will not verify the cert. chaining path to the Trusted Root CA store?
However it doesn't matter "who" it does. The only advantage (besides the malware scanning of course) would be that you can (theoretically) check the certificates yourself and built up a list of trusted certificates with ESET. To do so you of course would need to use the mode "Ask...".
-
ESET will check virus database automatically during the screen is on and off. When the screen go dack for few minutes, it turns into sleep mode as Windows8 default setting, ESET can still check for the update.
BUT RECEIVE NO UPDATE BECAUSE NO INTERNET CONNECTIONS. THERE ARE OVER 10 ESET'S NOTIFICATIONS ON THE RIGHT BOTTOM CORNER OF THE SCREEN.
In standby it of course can't check for updates, however there shouldn't be displayed any messages about.
However there were already issues with connected standby so maybe this is the problem you're encountering.
-
Okay, I can understand this. Then you can exclude them.
Adding this by default wouldn't be a good idea I think. Additionally there are many banking sites worldwide, so this would be a high effort for ESET.
But BTT you could exclude it now successfully?
-
So you are using NOD32 for Linux 4.0.81? If so then you're right of course you can't upgrade.
Have you looked at the installation instructions? Did you do everything like it's described there.
Additionally are you using a 64bit version of Ubuntu?
I don't know what you mean with the "GUI popup" - maybe a screenshot could help. Because there is a splash screen at startup but it disappears automatically.
Other things shouldn't be shown at startup so there should be nothing to close.
Please also note that Ubuntu 14 is not listed as a supported OS, however this of course doesn't have to mean that it doesn't work.
-
Okay, then leave it as it is. Funny fortuity...
-
This depends on what license you bought.
If you only bought a license for one computer (which I assume otherwise you wouldn't ask this question) then you can of course only activate it on one computer, so you need a separate license for the other device.
However you can also buy NOD32 licenses for more than one computer or even buy a multi-device license which you can use with different devices.
I would suggest you to contact your local customer care and ask them whether you can change your license and maybe they can do something.
-
If you want to prevent NOD32 from scanning the internet traffic at all (so that this "redirection" won't happen) you could of course completely deactive the protocol scanning:
However this is not recommend as you will lose many protection layers if you do so. Additionally if you do so the phishing protection won't work and e-mail protection will be restricted.
-
Usually the certificate should be accepted automatically, because ES ads it's own root certificate into the certification store of Firefox.
So just to be sure that we can exclude this cause: You can access other SSL sites without problems?
I think I found the issue: The SSL certificate ESS uses for scanning the connection is expired. In your screenshots it states it's expired on 13/04/2015. This was 3 days ago, so this may be the reason why it happened such surprisingly.
I don't know how ESS creates these certificates, but I thought they were created on-the-fly so this shouldn't happen.
However it seems you're using a old version of ESS, so I would recommend upgrading to the newest available version. Maybe this even solves the issue - and of course you can enjoy all the new protection layers.
If not then you can deactivate SSL scanning, apply the settings and activate SSL scanning again, so that a new root certificate will be created if this should be expired.
Ways anti-virus software lowers your HTTPS security
in General Discussion
Posted · Edited by rugk
Thanks for sharing. I just wanted to post this too.
So to focus on ESET: