100

Have you also tested it as follows: Start a software (e.g. browser) in a sandbox. Install or update a software outside Sandboxie. Exit the program in the sandbox and try to clear it. This is how the problem always occurred with me.

Yes, I can confirm the detection. I also use Firefox, but inside Sandboxie and the SSL/TLS filter no longer works if Firefox is inside Sandboxie. https://community.sophos.com/products/sandboxie/f/sandboxie-forum/113772/ssl-filtering-with-eset-doesn-t-work-with-firefox-67-0-x-in-sandboxie But the file was detected and deleted during the download. :-)

Yes, the Eset lab could do it. ;-)

Because of this article I have downloaded the three Zip archives: https://www.bamsoftware.com/hacks/zipbomb/ Only zblg.zip was detected as a zip bomb by Eset after the download and therefore deleted. zbsm.zip was probably too small, but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.

I was just playing with it. It's no problem to trust the internal list. I think it will be updated automatically if one of the pages suddenly contains malicious code. For trusted domains with payment functionality it is better not to break the encryption. This is probably the intention of the internal trused list.

No, to "scan". Example: Amazon.com is on the internal list of trusted domains and therfore it is not scanned by the SSL/TLS MITM. The displayed certificate is from Verisign. If I add this certificate to the list of known certificates and set it to "scan" (the same with "auto"), the displayed certificate should be Eset, but it is still Verisign (even after restarting the browser).

Hm, a domain on the internal list of trusted domains cannot be filtered by an entry in the list of known certificates? I have tested it and it seams to be that the internal list of trusted domains have always priority.

Thank you very much, Marcos. Sorry, I overlooked this setting.

I noticed, that the SSL/TLS-MITM doesn't work for many sites (like Eset, Google, Paypal, Ebay, Amazon, Youtube). The certificates are not shown as "Eset, spol. sr. o.". On Facebook and Twitter the filter is working. I have tested it with Firefox 67.0.4 and Internet Explorer 11 on Windows 7 x64 and also with the filter settings automatic and scan.