NCLR's P2P-rig

Status
Not open for further replies.

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

nvvsvc.exe http://www.pcpitstop.com/libraries/process/i/nvvsvc.exe.html
 

LoftedAphid86

New Member
Feb 24, 2011
1,107
RE: NCLR need recommendation on improvements.

nclr11111 said:
nvvsvc.exe http://www.pcpitstop.com/libraries/process/i/nvvsvc.exe.html

It might not be a real version of the driver, because if it was digitally signed by NVIDIA, then it should be trusted.
 

LaserWraith

Level 1
Feb 24, 2011
497
RE: NCLR need recommendation on improvements.

Hmm...the printer question confuses me a bit. What you may want to do is this:

[attachment=9]

Then, use another computer to send something to be printed. If you get an alert, allow it and make sure to remember it. It would be helpful if you could post a screenshot of the alert too.

Now, block any other requests that don't come up when printing.
 


nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

That would be strange since I never dl drivers from anywhere but their hp.
Also recently did a full scan with both MSE and Malwarebytes antimalware with no infections.

Is there a way of searching manually in the database?

Sorry LaserWraith. I don't have permission to access your image :p
 

LoftedAphid86

New Member
Feb 24, 2011
1,107
RE: NCLR need recommendation on improvements.

nclr11111 said:
That would be strange since I never dl drivers from anywhere but their hp.
Also recently did a full scan with both MSE and Malwarebytes antimalware with no infections.

Is there a way of searching manually in the database?

What do you mean by 'searching manually in the database'?
 

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

In the cloud's whitelist. Sorry for not making it clear. English you know :)
 

LoftedAphid86

New Member
Feb 24, 2011
1,107
RE: NCLR need recommendation on improvements.

nclr11111 said:
In the cloud's whitelist. Sorry for not making it clear. English you know :)

The only way that I know of is to use a tool that is not ready for release outside of Comodo's forums.
You could locate the file, right-click it and click Properties, then look for a tab named Digital Signatures. Tell me if you see a tab like this and what the details are.
 

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

Digital Signature for nvvsvc:
http://data.fuskbugg.se/skalman02/digsign.JPG
http://data.fuskbugg.se/skalman02/digsign2.JPG

Thx for the bigger image LaserWraith :) I'll try out this later to make it work.
 

LoftedAphid86

New Member
Feb 24, 2011
1,107
RE: NCLR need recommendation on improvements.

nclr11111 said:
Digital Signature for nvvsvc:
http://data.fuskbugg.se/skalman02/digsign.JPG
http://data.fuskbugg.se/skalman02/digsign2.JPG

Thx for the bigger image LaserWraith :) I'll try out this later to make it work.

It's real. The driver might have been trying to access a file that was not trusted.
 

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

Ok! I'll have a play with this later and see so that the printer works in the home network.
Many thanx for all help!

Btw. The FW is a lot better/easier than last time I used it! :)
 

LoftedAphid86

New Member
Feb 24, 2011
1,107
RE: NCLR need recommendation on improvements.

nclr11111 said:
Ok! I'll have a play with this later and see so that the printer works in the home network.
Many thanx for all help!

Btw. The FW is a lot better/easier than last time I used it! :)

We're glad to help.
 

Chiron

Level 1
Feb 24, 2011
250
RE: NCLR need recommendation on improvements.

For future reference one of the easiest ways to check out if a file is trusted by Comodo is to first upload it to VirusTotal. This is something you would normally do anyway if you're checking out a file.

Next take the SHA1, which is provided under the scan results. Take this and then search Comodo File Intelligence, using that SHA1. It will tell you whether Comodo recognizes the file as malicious, unknown, or safe. It will also tell you whether it is digitally signed.

I hope this is useful.
 

bogdan

Level 1
Jan 7, 2011
1,362
RE: NCLR need recommendation on improvements.

nclr11111 said:
Yeah, well it did actually! But there were a couple of things I'm unsecure about.
First FW alerted me of DTLite.exe (Daemontools) performing an SQL-injection and something about exceeding memory!? Seems a bit odd that such a widely spread application should perform an SQL-injection!?!? (DL from their HP btw)

That is a False Positive most likely. In Defense+ -> Defense+ Settings -> Execution Control Settings there is an Exclusions button. Click it. In the list that opens add (Add -> Browse) C:\Program Files\DAEMONTools Lite\DTLite.exe if it is not there already.

nclr11111 said:
Second it warned me about nvvsvc trying to execute rundll32. Now that's my nvidia-driver. Also strange that's not in cloud's whitelist??

Strange indeed since the real file (C:\Windows\System32\nvvsvc.exe) is digitally signed by nVidia. Check your CIS Logs (Events), find the file and do as others suggested. But make sure you upload the file that triggered the pop-up. If it is a file in another folder it might be malicious.

nclr11111 said:
Third: I've been warned a couple of times about computers trying to connect from outside. So far I have denied, but how do I know what types of connections they are? Is it possible there is some update function??

Windows has some services that scan computers on a network (to see if a new shared device is available, for example). So you'll see other computers connecting to you commonly on ports 138, 139, 445 (NetBIOS Name Service), 2869 (I think this is SSDP Discover Service). This means that Windows leaves those ports opened. Unfortunately, worms exploit those open ports too.

It depends on how you connect to the internet. You have a router and all in-house computers are connected to it? Or all your computers use the same ISP.
Anyway you should know the IP-s of computers in your home and those IP-s need to be static to properly configure a firewall.
Sharing apps like DC++ and uTorrent can cause firewall pop-ups when others are trying to connect to you and get the files you share/seed. You need to configure the sharing clients to use a specific port to properly configure a firewall.

nclr11111 said:
Then a general question. At installation I was asked if I would use Comodo's secure DNS. It sounds good but I'm using a VPN a great deal and don't know the implications on connection to my VPN with this function activated. Suggestion??

This won't conflict with VPN but you might notice a slowdown depending on your location. IMO currently Comodo DNS doesn't add much to protection. I personally don't have it installed. Important: The firewall might interfere with your VPN. You had Win7 firewall disabled to be able to use the VPN?

nclr11111 said:
Sorry LaserWraith. I don't have permission to access your image :p

Sorry. Changed your permissions so you can view attachments.
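
The checks suggested in the two posts above (Chiron's SHA1 lookup and bogdan's location and signature check), combined into one PowerShell function. This is an added example, not part of the thread: `Test-AlertedBinary`, its parameter names and the `NVIDIA` signer substring are hypothetical, and `Get-FileHash` needs PowerShell 4.0 or later.

```powershell
# Added example: triage the exact file named in a firewall/HIPS alert.
# Function name, parameters and the signer substring are assumptions for illustration.
function Test-AlertedBinary {
    param(
        [Parameter(Mandatory)] [string] $Path,                    # path copied from the alert log
        [string] $ExpectedDirectory = "$env:SystemRoot\System32", # where the genuine file lives
        [string] $ExpectedSigner    = 'NVIDIA'                    # substring expected in the signer subject
    )

    # Resolve the file that actually triggered the alert, not a same-named copy elsewhere.
    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # Authenticode check: same information as the Digital Signatures tab in Properties.
    $sig     = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }

    # SHA1 to paste into a reputation lookup instead of re-uploading the file.
    $sha1 = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA1).Hash

    [pscustomobject]@{
        Path            = $file.FullName
        InExpectedDir   = $file.DirectoryName -ieq $ExpectedDirectory.TrimEnd('\')
        SignatureStatus = $sig.Status       # Valid, NotSigned, HashMismatch, ...
        SignerSubject   = $subject
        SignerMatches   = ($sig.Status -eq 'Valid') -and ($subject -like "*$ExpectedSigner*")
        SHA1            = $sha1
    }
}

# Usage: pass the path shown in the alert log.
Test-AlertedBinary -Path 'C:\Windows\System32\nvvsvc.exe' | Format-List
```

A result with `InExpectedDir` false, or a `SignatureStatus` other than `Valid`, is the case bogdan warns about: a same-named file in another folder that deserves a closer look.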
 

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

Thx Bogdan.
Just installed Comodo on all 3 PCs at home. Every time I finished an install I get a warning that a connection is trying to be made from another computer. The IP varies on the last 2 numbers. My IP ends with 64, the others with 65 and 68. So I figure it's the other comps in my network trying to connect I'm being warned about!?

The printer works fine from all 3 comps after configuring my home network.

Never disabled my Windows FW in order to use my VPN. Tried it last night and it seems to function as it's supposed to. I don't use the DNS-service on any comp.

I'll send the driver to be checked out later. (now it's trusted! Don't know why it wasn't at the beginning)

...and thx for letting me access the pictures in the forum ;-)
 

LaserWraith

Level 1
Feb 24, 2011
497
RE: NCLR need recommendation on improvements.

It is my policy to not allow any incoming connections, unless something goes wrong. I'm weak in the networking part of computers. ;)
 

bogdan

Level 1
Jan 7, 2011
1,362
RE: NCLR need recommendation on improvements.

Probably those are your in-house computers. You can open a command-prompt on each of them and run ipconfig /all to see their ip-s (IPv4 Address). If those are the only computers on the network, connections from them are safe, since you have CIS installed on them too.
 

nclr11111

Level 6
Thread author
Verified
Well-known
Feb 25, 2011
277
RE: NCLR need recommendation on improvements.

Did a checkup on "what's my ip" on them before and came up with "this is a private IP-address and cannot be traced". When reading info about this it states that multiple computers in the same network get those IPs. But I'll check in config as well.
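
The alert triage discussed in the last few posts (known home PCs, private addresses, and the sharing ports bogdan lists), as an added PowerShell example that is not part of the thread. The `192.168.1` prefix and the alert rows are constructed sample data (the thread only gives the last octets 64, 65 and 68), and the function names are hypothetical.

```powershell
# Added example; the 192.168.1 prefix and the alert rows below are constructed sample data.
$HomeHosts    = '192.168.1.64', '192.168.1.65', '192.168.1.68'  # IPv4 Address from ipconfig /all on each PC
$SharingPorts = 138, 139, 445, 2869                              # ports listed in bogdan's post

function Test-PrivateIPv4 {
    # True for the RFC 1918 ranges: 10/8, 172.16/12, 192.168/16
    param([Parameter(Mandatory)] [string] $Address)
    $b = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    if ($b.Length -ne 4) { return $false }   # not an IPv4 address
    return ($b[0] -eq 10) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 192 -and $b[1] -eq 168)
}

function Get-AlertVerdict {
    param(
        [Parameter(Mandatory)] [string] $Source,   # remote address shown in the alert
        [Parameter(Mandatory)] [int]    $Port,     # local port the remote host is reaching
        [string[]] $KnownHosts = $HomeHosts,
        [int[]]    $KnownPorts = $SharingPorts
    )
    $origin = if ($KnownHosts -contains $Source) { 'known home PC' }
              elseif (Test-PrivateIPv4 $Source)  { 'private address, unknown host' }
              else                               { 'public address' }
    $service = if ($KnownPorts -contains $Port) { 'Windows sharing port' } else { 'other port' }

    # Only traffic from an identified home PC on an expected port is suggested as allowed.
    $allow = ($origin -eq 'known home PC') -and ($service -eq 'Windows sharing port')
    [pscustomobject]@{
        Source    = $Source
        Port      = $Port
        Origin    = $origin
        Service   = $service
        Suggested = if ($allow) { 'allow' } else { 'review or block' }
    }
}

# Constructed alerts: a home PC, an unknown LAN device, and an internet host.
$alerts = @(
    [pscustomobject]@{ Source = '192.168.1.65'; Port = 445 },
    [pscustomobject]@{ Source = '192.168.1.77'; Port = 139 },
    [pscustomobject]@{ Source = '203.0.113.9';  Port = 445 }
)
$alerts | ForEach-Object { Get-AlertVerdict -Source $_.Source -Port $_.Port } | Format-Table -AutoSize
```

A private address alone does not make a source trustworthy; it only means the host is on the local network, which is why the unknown `192.168.1.77` row is flagged for review.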
 