Marcos

It doesn't matter. It's useful if you had some allowing Windows firewall rules created before installing ESS/EIS. Enabling this option would cause ESS/EIS to honor those rules.

Please run the msi installer with the parameter "/lvx* install.log" to generate an install log. When done, post the log here (attach the file, do not paste its content).

For the time being avoid using learning mode which is known to cause issues for some reason. If you encounter issues with learning mode, such as not being able to execute files or when network communication is blocked, we'll need to get a complete memory dump from a manually initiated crash when the issue occurs.

Is anybody having these issues even with default firewall settings, in particular with automatic firewall mode and no custom rules created?

V10 doesn't use the epfwlwf driver any more.

You should get a blank browser window with a message like Secure Connection Failed An error occurred during a connection to www.stammtisch-rot-schwarz.at. Peer received a valid certificate, but access was denied. Error code: SSL_ERROR_ACCESS_DENIED_ALERT

If you went to anz.com for the first time after installing ESET, were you asked if you want to open it in a secured browser? If you open a secured browser by clicking the appropriate icon on your desktop, does it open? If so, what happens if you attempt to open the bank's website in it? I haven't had any issues opening it as you can see below:

As far as I know, it's not possible to copy a file to quarantine without actually taking any action.

That's weird, clicking the link in my post actually opens the ESET UK website:

Do you mean that those VMs are completely frozen after upgrading to EPv6.5 and restarting them doesn't make any difference? The best would be if we could get a complete memory dump generated during a manually initiated crash (https://msdn.microsoft.com/en-us/library/windows/hardware/ff545499(v=vs.85).aspx).

See https://forum.eset.com/topic/11526-encrypted-network-traffic-untrusted-certificate/.

I have no clue what bank cards are accepted in particular countries, however, I'd suggest raising a ticket or calling your local customer care to find out: https://www.eset.com/uk/enquiry/support/

Could you try running the Uninstall tool in safe mode and installing EIS from scratch?

Please report possible language issues through your local distributor ESET ME (https://www.eset.com/me/).

You can set a password to protect settings and to prevent uninstallation. To set a password, open the advanced setup (F5) and navigate to User interface -> Access setup. ESET's processes ekrn.exe and egui.exe are protected by self-defense so there's no easy way to disable them.

I forgot to mention that you should check the certificate expiry date and do not post a screen shot if the certificate is obviously expired. There are 2 screenshots where it's obvious that the certificate expired last year and because of that it's untrusted. If you open such website in a browser without SSL filtering enabled or ESET installed, the browser would reject to display such untrusted website too. As for the mega-tags.com certificate, it seems to be an issue with plug-ins that utilize a root certificate (ie. not verified by a trusted CA). Decryption occurs in the browser itself, ie. after ESET has checked the certificate and could not verify it. I assume that temporarily switching to interactive SSL filtering mode in the advanced setup -> Web and email -> SSL/TLS and excluding the root certificate could work.

So you are using a VPN plug-in in a browser?

It is not an issue of ESET that untrusted certificates are used in https communication. Since you haven't posted a screen shot of such certificate details, please do so so that we can find out what's wrong with the certificate(s).

We're in touch with people from Dropbox but currently there's no solution yet.

Have you tried deleting the content of "C:\ProgramData\Application Data\ESET\ESET Remote Administrator\Server\updfiles" and c:\mirror ? Do you use the latest version of ERA (5.3.39)?

Let's remove the largest file(s) from the archive to reduce its size.

Please click certificate details in an ESET notification about untrusted certificate and post a screen shot of it here.

Please provide me with ESET Log Collector logs from that machine. For instructions how to collect them, see the appropriate link in my signature.

I would also add that ICMP communication is enabled in the Trusted zone by default (you'll see that rule after enabling the display of built-in rules). That said, configuring the Trusted zone properly should allow ICMP without creating new or adjusting existing firewall rules.

To start off, please post the scan log. It's normal that many files cannot be accessed and scanned even if you run a scan as administrator due to being exclusively used by the operating system.