Windows Update

Discussion in 'ESET NOD32 Antivirus' started by pakratt, Jun 21, 2012.

Thread Status:
Not open for further replies.
  1. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    Yes, that is what I did. I assumed that the box needed to be checked in order for the exclusion to work. I wanted to go back to "Always scan SSL" because then I would not have to answer what to do with the certificate for each new secure site. I do hope there is a module update so that excluding the Windows Update certificate won't be necessary, but if that is the only certificate that has to be excluded, it's not so bad.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    Internet protection module 1041 addressing the Windows Update issue is now available on pre-release servers.
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,770
    Got the update and still have the issue Marcos.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    Do you use v. 5.2 or Endpoint?
     
  5. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,770
    5.2.9.1 ESS on a Windows 7 workstation. Are there any options I should configure in SSL scanning? So far the only way to get Windows Update to work (for me anyway) was to disable SSL scanning.
     
  6. alfa100

    alfa100 Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    5
    ESS 5.2.9.12 Windows7 Home Premium (64-bit)
    HTTP, HTTPs protocol checking: enabled.

    Current settings Protocol filtering:
    Excluded applications: none
    Protocol checking mode is now set to "Always scan SSL protocol."
    Apply created exceptions based on certificates: checked
    Block encrypted communication utilizing the obsolete protocol SSL v2: checked
    Trusted certificates: none
    Excluded certificates:
    imap.gmail.com
    .ww.update.microsoft.com
    login.live.com

    I added imap.gmail.com and login live.com to the list excluded certificates because adding them to the list trusted certificates didn’t exactly work, encountered problems sending/receiving email with Windows Live Mail, reason: Cannot connect to server. But after this and several times restarting the system, it finally works. Do I trust it? Mmmh, not exactly. Let’s see what happens next time I start my system. :doubt:
     
    Last edited: Jun 28, 2012
  7. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    I have that module 1041) in NOD32 6.0.11.0 beta. I just checked "about" and it is there and it is dated 20120627. I guess I can try removing the exclusion of Windows Update and see whether it works.

    OK. I removed the certificate for Windows Update from the excluded list. I now have no excluded certificates and no trusted certificates listed in the SSL, Certificates setup. Windows Update works without any issues. This module update seems to have fixed the issue for me.
     
    Last edited: Jun 27, 2012
  8. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hello
    Just confirming, that internet protection module 1041 (20120627) solves the issue regarding Windows update and https protocol filtering. ( update received through pre-release servers as explained in post 27)
    Thanks :)
     

    Attached Files:

  9. alfa100

    alfa100 Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    5

    It seems to me that all my issues are resolved with these new Internet Protection Module 1041:thumb:
     
    Last edited: Jun 28, 2012
  10. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    This is a requirement for users to enable pre-release. If they are not, a positive outcome would be achieved in what fashion ? I am asking since this will be asked.
    Regards,

     
  11. pakratt

    pakratt Registered Member

    Joined:
    Aug 15, 2007
    Posts:
    30
    How to you get this module from the pre-release servers? I am using Nod32 Anti-Virus 5.2.
     
  12. alfa100

    alfa100 Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    5
    Last edited: Jun 27, 2012
  13. pakratt

    pakratt Registered Member

    Joined:
    Aug 15, 2007
    Posts:
    30
    Thanks for the info. My advanced setup for the Anti-Virus program did not look like the screens provided in the link. It has 2 buttons (one for Regular Updates) and (one for Pre-release updates). I changed the button from Regular updates to the Pre-release button and checked OK. I then checked for updates and after that ran I looked under the "About Nod32" and it showed the update for 20120627 was downloaded. With both HTTP protocol filtering and SSL scanner set to "Always scan SSL" activated I ran Windows Update and it worked. Problem solved. Should I now reset Updates back to Regular Updates instead of Pre-Release updates?
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well my windows update recently got broken and I have no ESET or Any real time scanners.I went replaced a image and updated all recommended and important updates but none of the optional updates.Everything is back to normal again.
     
  15. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,441
    Switching back to regular updates will downgrade the Internet protection module to an older version. However, this should be ok if you don't want to use pre-release modules permanently (e.g. on production computers) as the module will be released for all users shortly, before the next Windows update.
     
  16. alfa100

    alfa100 Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    5
    Internet protection module 1041.

    Windows Live Mail Error ID: 0x800CCC0F with windows live mail / gmail probably due to the fact that I am already logged in on (IE9) iGoogle.
    When I log out with IGoogle the problem is solved.

    Server: 'imap.gmail.com'
    Windows Live Mail-error-id: 0x800CCC0F
    Protocol: IMAP
    Port: 993
    Secure (SSL): Yes
     
  17. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    I never had a certificate problem with gmail. I use Thunderbird with imap and gmail, which seems to work. However, Eset does not support full integration with Thunderbird (ver 13.0.1), so maybe that is why it works, and maybe that is a good thing. ;)

    I don't have Windows Live, so can't comment on that. I am not running Eset on any Windows 7 systems, so don't have anything to say about that in general. I have XP SP3 and did have the issue with Windows Update until I excluded the certificate. However, when I saw I had received the update to the internet protection module (1041), I removed all certificates in SSL and found that I had no problem with Windows Update. So, I wonder why the internet protection module update did not help you? My SSL settings are identical to yours apart from now having no excluded certificates. One other thing is that I am running NOD32 ver 6.0.11.0 beta, which may or may not make a difference. One thing for sure is that if you have a trusted site and the certificate isn't working in the trusted list, you can add it to the excluded list and that will make things work.
     
    Last edited: Jun 28, 2012
  18. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    Interesting, and this is a bit off-topic, but the screen in beta 6.0.11.0 is slightly different. You get the option (in advanced update settings) to have the program check regularly check for the latest product version, which is unchecked by default. The choice between regular and pre-release updates is in the previous screen. So, since I'm running the beta version, some of the things I may say about how NOD32 works may not apply to the 5.x series. If I mention some setting that you don't see, that could be why. ;)

    I really like the beta and have not had any new issues with it, so I am not going back, but that's my choice, not a recommendation.
     
  19. dwood

    dwood Registered Member

    Joined:
    Jan 11, 2005
    Posts:
    92
    I'm trying to enable Pre-Release updates on 1 of our ERAS servers, but I get the attached error when trying to get the updates

    Any ideas?
     

    Attached Files:

    • ERAS.JPG
      ERAS.JPG
      File size:
      10.5 KB
      Views:
      567
  20. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233

    Just checked updates and got program module updates (am on pre-release and using beta 6.0.11.0)

    Virus signature database: 7254 (20120628 )
    Update module: 1040 (20120313)
    Antivirus and antispyware scanner module: 1361 (20120628 )
    Advanced heuristics module: 1124 (20120523)
    Archive support module: 1147 (20120620)
    Cleaner module: 1056 (20120601)
    Anti-Stealth support module: 1031 (20120613)
    ESET SysInspector module: 1224 (20120223)
    Real-time file system protection module: 1007 (20111129)
    Translation support module: 1044 (20120223)
    HIPS support module: 1052 (20120613)
    Internet protection module: 1041 (20120627)
    Database module: 1021 (20120612)

    There they are for what it is worth.
     
    Last edited: Jun 28, 2012
  21. alfa100

    alfa100 Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    5
    Just to clear some things up. I posted this before the update to Internet protection module 1041. I mentioned this in post #34 where I also stated that the problems I had were solved. So currently no excluded SSL certificates. The only problem left now is with Windows Live Mail not being able to send/receive emails with my Gmail account when I'm already logged in to iGoogle. (IE9) post #41.

    Edit:I made no changes to my settings, and yet everything seems to work perfectly now. No problems anymore with Windows Live Mail, IMAP / Gmail. I just hope now that this is not something that occurs randomly.
     
    Last edited: Jun 29, 2012
  22. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    While it is true that Microsoft generally has a Windows update on the second Tuesday of each month (often called "Patch Tuesday"), there are those occasional emergency updates in between, so one would hope that Internet Protection Module 1041 will be released for all users very soon.
     
  23. bwb1

    bwb1 Registered Member

    Joined:
    Mar 20, 2010
    Posts:
    113
    Location:
    UK
    Will this module reset the HTTPS protocol scanning back on if we have unticked the box??
     
  24. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    NO, that is a user-controlled option, so just updating the module does not change that setting. You have to go into the setup and change it yourself.
     
  25. Baresi

    Baresi Registered Member

    Joined:
    Jul 3, 2012
    Posts:
    5
    Hi Marcos.

    I have that module 1041, but i still get error number [0x8024404] :'(
    when i try to run windows updates.

    I use 5.2.9.1 ESS on xp workstation.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.