Discussion in 'NOD32 version 2 Forum' started by De Hollander, Oct 20, 2007.
Getting this alert when installing Online Armor Free. Sample send to "samples at eset.com"
IMO, on these layered security tools, users need to put their exe's into the exception lists.
Must do this for Nod32, TF and Online Armor.
It is work, but once done will save conflict, false positives like this one, and may best of all scan time won't be wasted.
Bottom line, review you exception lists.
Hi De Hollander,
NOD' s heuristic flagged many times OA installers or process as a threat. So of course, it's a FP
That is exactly the point I was making as well
With Nod 32 and OA , make sure each exe is in each others exempt/allow lists.
In OA, Nod32 is automatically a trusted program. (review your own list) See attached jpg.
In Nod32 that is where you need to add OA's exe's as exempt from review!
Doing this ( a one time task) I have never yet had one OA / Nod 32 false positive.
We really need to do this work, or our layered tools keep scanning and ratting on each other and giving the user redundant pop up messages which invite us to make an error in replying.
So, pour a cup of coffee, and list all your security tools, find their exempt/allow lists and enter them all in all lists (exclude the parent exe in their own list)
Hope, this helps members.
Hi, I notice from your screen shot that you appear to be using OA free? I have been using OA paid alongside NOD 32 and ESET AV v3 RC1 and ESS for several months and never had this happen. Both OA and NOD have been installed and uninstalled several times during this period with only pop up's from OA. I wonder if this is simply a problem with OA free?
You are right, I just put OA free in a week ago, I like the product!
You may be correct, that NOD 32 accepts the paid OA and challenges the free one! But I don't have the problem myself, and I am assuming ( always an error) that placing it OA free in the exempt/accept list avoids it.
What is needed is for the OP guy to do the list entry and see if the false positive reoccurs.
That's all I can suggest
The problem was OAFREEREG.EXE, created in the temp folder at install. Excluding this Temp folder was a option, but to avoid any problems with installing I just temporaly disabled Amon. After rebooting, OAUI.EXE , OASRV.EXE and OAEVENT.DLL where manual excluded from AMON by me. With Online Armor every related item from NOD32 is allowed. At this moment no problems.
Separate names with a comma.