NOD32 v16.0.22.0 prevents KeePass from using Secure Desktop when unlocking database

[Cubittus 0]

I just updated NOD32 to v16.0.22.0 on Windows 10 v22H2.  I was previously on NOD32 v15.

Upon starting Keepass (v 2.52 - the latest) it loads it's password database file and requests the master key.  It does this by switching to a Secure Desktop and presenting a dialog box.  (Unsure if this is default behaviour - it is configured in the Options->Security->Advanced->Enter master key on secure desktop)

Before I can type anything, Windows switches back to the main desktop and KeePass pops up a message saying 'An Application has switched from the secure desktop to a different desktop.  Click [OK] to switch back to the secure desktop.'

Clicking OK does just that, but only briefly, and the message pops up again.  This repeats until I am able to click cancel on the secure dialog box when it briefly appears.

By a process of elimination, I determined that the newly upgraded NOD32 is causing this, and that if I switch on Gamer mode, then the problem stops occurring.

Obviously I don't want to keep Gamer mode enabled all the time as it's less secure.

Can someone please look into this and let me know if you need more details?

Thanks

[Minimalist 16]

It's happening on my system also, although I had to enable master password on secure desktop in Keepass which is not enabled by default.

[Marcos 5,074]

I can't reproduce it:

[Cubittus 0]

Not sure if it's a factor, but my KeePass program is installed on "D:\Program Files\KeePass" . I install the portable version from the zip file, rather than using the windows installer.  I'm mentioning this just in case the location of the exe might influence NOD32's behaviour.

I've attached video of the problem.  Excuse the quality, but screen recording won't work with switching desktops, so I had to use my phone.  I try to open the database 3 times - first with NOD32 fully functional and it bugs, then with gamer mode ON and its OK, then back to gamer mode OFF and it bugs.

 

[draytox 0]

Same issue here. Windows 11 22H2 w/ESET Internet Security 16.0.21.0 keeps kicking me out of the secure desktop with KeePass 2.52

Works fine with v15

*Enabling Gamer mode also resolves the issue for me

Edited October 29, 2022 by draytox

[Minimalist 16]

@Marcos you should disable Gamer mode to replicate the problem.

[Marcos 5,074]

Eventually I was able to reproduce it on Windows 11 22H2. A ticket has been created for further investigation by developers.

P_ESSW-15710

[rstoller 0]

Same issue here, running keepass portable version on Windows 10 Pro, 21H2.

[cyberWorzx 2]

What a mess!

[Marcos 5,074]

The bug has been identified and fixed. The fix will be included as of v16.1.

[Cubittus 0]

Thanks! 😸

[draytox 0]

Will keep an eye out, thanks!

[cyberWorzx 2]

Man I am so bummed! I have loved and recommended ESET for many years. Afraid those days are now over. Not only keepass, but it's killed an old plugin from Aladin's in Outlook on a friend's machine. Turn off everything in ESET and still occurs. Uninstall ESET and everything works. Reinstalled and problem back. Guess I'm done. Sad day!

[Gummy 0]

Just get forced update to v16 and aware this bug. Keep popping out from secure desktop prompted by KeePass. Appreciated if it can get fixed ASAP

[Marcos 5,074]

8 hours ago, cyberWorzx said:

it's killed an old plugin from Aladin's in Outlook on a friend's machine.

Since this issue is not related to Keepass, please open a new topic and provide information if temporarily disabling Outlook integration makes a difference.

As for Keepass, one can temporarily disable "Enter master key on secure desktop" until v16.1 is available.

[cyberWorzx 2]

Hi Marcos & The Whole ESET Team,

I want to apologize publicly for my snippy replies to this thread. Had a really bad week and both issues hit at the worst possible time. No excuse, I was wrong. I've been a happy ESET user for many years and I do understand the challenges you guys face with your software.

I re-installed again and played around with all settings and found disabling Advanced email client processing prevented the error and his plugin now works again. Was getting Access violation in module AladEL65.dll which is located in C:\Windows\SysWOW64\AladEL65.dll

Again, sorry for my unprofessional replies.

[ADisplayName 1]

On 11/2/2022 at 12:51 PM, Marcos said:

The bug has been identified and fixed. The fix will be included as of v16.1.

Does it apply only to the NOD32? Or did you mean ESET Internet Security 16.1 as well?
I'm experiencing the exact same problem with the portable KeePass, after I updated ESET Internet Security to 16.0.22.0 just today.

Thanks.

 

[Marcos 5,074]

ESET NOD32 Antivirus does not contain Banking and payment protection so it should not be affected.

Edited November 7, 2022 by Marcos
Redacted

[User2345 0]

Not sure if I understand the last comment correctly:

I am currently using ESET NOD32 Antivirus 16.0.22.0 and are experiencing exactly the same problem when trying to enter my master password for KeePass on Microsoft Windows 10 Version 22H2 OS Build 19045.2193.

I hope this will also be fixed for NOD32 Antivirus and not just Internet Security...

Can you share an ETA when 16.1 will be available?

[Minimalist 16]

8 hours ago, Marcos said:

ESET NOD32 Antivirus does not contain Banking and payment protection so it should not be affected.

I don't think that Banking and payment protection is the source of the problem. I experience this problem with Nod32 Antivirus installed and also with Internet Security when I was using it.

[Marcos 5,074]

I stand corrected, you're right. I confused it with another issue. In this case the issue didn't occur with Gamer mode enabled and the bug was pinpointed to eguiproxy. As a workaround you can temporarily disable "Enter master key on secure desktop" until v16.1 becomes available. Minor versions are released in 2-3 month cycles, ie. 16.1 is scheduled for the beginning of 2023.

[ADisplayName 1]

> ie. 16.1 is scheduled for the beginning of 2023.
 

Unacceptable. I refuse to give up a core security measure because a security software I pay for has a conflict with it.
This should be patched sooner in a minor version. Meanwhile I will install back the version 15 and block future updates, until the issue is resolved.

Also, 3 months barely make it 'temporarily'.

Edited November 7, 2022 by ADisplayName

[SwissJay 0]

Same issue also affects Veracrypt when the option to prompt for the password on the secure desktop is enabled. It is now next to impossible to type in a lengthy passphrase without making it visible for everybody else to see while one tries to type a few characters in-between "flashes". As a longtime customer, I cannot believe I will have to wait for the next point release for this to get fixed!! I use both Veracrypt and KeePass so this is a major pain. Luckily the latter allows authentication via Windows Hello!

Granted, I could disable Secure Desktop prompting but, uhm, no, why should I have to?!

[Marcos 5,074]

The latest news I've got is that we are working on finalizing a hotfix build of v16.0 and it should be available soon.

[mbu 0]

Hello there,

Same problem here with Keepass v.2.52 and ESET NOD32 AV 16.0.22.0, since I just updated NOD32.

I wasn't able to type master password for opening my database until I switched on player mode at NOD32 configuration console. Yes, this works as a temporal fix (thank you, draytox).

Please fix this mess ASAP.