100

Ah, I see. I have now added the SSL/TLS check for Ketarin. Thanks, Marco!

Thank you very much, Marco! But I still have a few questions: 1) Are unknown files automatically blacklisted? 2) Does real-time protection (and therefore the blacklist) only work for downloads via a browser? Ketarin was able to download the file undisturbed. If it had actually contained malicious code, that would have been a security risk. If I hadn't checked the reputation (which I don't normally do), I could have simply installed it from my Ketarin download folder, because the file scanner had nothing to complain about. I use Ketarin for several programs to download their updates automatically, but install them manually.

I have an installation file of a program (hardcopy) that Eset considers clean during the scan (via the context menu). Virustotal also (except for 1 detection out of 67, by VBA32). If I then check the reputation via the context menu, it immediately moves it to quarantine as a suspicious object. It can be reproduced again and again: Restore from quarantine ► scan via the context menu ► clean || check reputation ► quarantine. I always download the latest version of Hardcopy automatically via the Ketarin update tool. The file ends up in the download folder without any problems. However, if I download it using a browser, Eset immediately moves it to quarantine. I haven't even activated the additional Eset browser protection. So obviously a reputation check is always carried out when downloading with the browser. The fact that the swsetup.in_ could not be unpacked during the scan cannot be the problem, because this is also the case with older versions of this software and, after all, the file scanner did not report anything, only the reputation scanner. https://www.virustotal.com/gui/file/339e6bbc9fc221f9955769eb3b332d2eac479d41409c0a61672866f106d2adac?nocache=1 Website in English: https://gen.hardcopy.de File: h**ps://www.hardcopy.de/hc.exe

There is no explanation of EPNS in the product help. It is not even mentioned. That's why I searched and finally found this: https://help.eset.com/protect_cloud/en-US/epns.html However, it is still not clear to me what EPNS does with EIS (for example). Are these notifications for a) EIS itself, e.g. to change the update frequency, although they are set to 1 hour in the EIS task scheduler? b) Or are they notifications to the user (license expiry, marketing)? c) Or even both? However, EIS already knows the license date and can therefore generate a notification itself before it expires. And marketing would certainly not justify a warning. So only a) remains. Since you can't do anything about the failure of EPNS anyway, you can switch off the warning. You can switch it on again at a later date: https://help.eset.com/eis/17/en-US/idh_config_ui_notifications.html itman mentioned the port 8888. On the linked page it is 8883, but that is probably because they are different products.

Marcos is right! The post by arcanum marked as a "solution" is not a solution! You should unmark the solution and wait for Eset's solution.

I was too quick with the post about the 1334. Apparently it takes a while for the script scanner to take effect in Sandboxie after it has been switched on. In any case, every tab crashed again with the 1334. Now I have activated the pre-release updates and with the 1335 it actually doesn't happen anymore. I'll still wait a week before marking it as solved. Maybe the tabs will crash again after a while.

Hm, even with Firefox 120.0.1, Sandboxie classic 5.67.3 and the browser protection module 1334 (1333 was probably skipped) I no longer have any problems with the script scanner. As a precaution, I'll wait for the regular 1335 before I mark it as solved.

If browser protection is deactivated, the module does not appear in the module list at all. I have therefore temporarily activated the browser script scanner and then carried out an update. However, according to the module list, I still have version 1332 (from 17.11.2023) of the browser protection module. I realize that some updates are rolled out with a delay, but shouldn't I have at least version 1333?

I don't use Edge, which is why I have disabled everything in it that is possible, but it still doesn't show a blank/white page in Sandboxie. The November update KB5032189 cannot be installed here due to error 0x8007000D, which is why I skipped it. All known solution attempts failed. Even uninstalling EIS 16.2.15.0 did not help. I then installed EIS 17.0.15.0. The Edge browser here is still on 119.0.2151.72, but I guess that wouldn't make a difference to your problem.

Under Windows 10 x64 22h2 and Sandboxie classic 5.66.4, the Script Scanner does not cause any problems with Vivaldi or Brave, only with Firefox.

Since Eset v17.0.15.0, the Firefox browser no longer works within a Sandboxie sandbox! All tabs crash immediately on loading and if you look at the add-on page, you will notice that the icon is missing for almost all add-ons. I didn't even install the Eset "Browser Privacy & Security" add-on. The cause of the problem with Sandboxie is the Eset "Browser script scanner". As soon as you deactivate it, Firefox works again with Sandboxie.

I had rejoiced too soon. In 15.2.11 it is now unfortunately completely broken, which is why I am now back to 15.0.23. The corresponding thread for 15.2.11 is here:

Thank you very much, Marcos. I am now back to 15.0.23 and will stay with it until v16.

I rejoiced too early and marked the old thread about Windows Live Mail with 15.1.12 as solved too early, because the new plugin in 15.2.11 for Windows Live Mail is completely broken. That is: this one doesn't work at all anymore. There are apparently several bugs. 1) If only the integration for Windows Live Mail is enabled, all Eset entries in the context menu of WLM are grayed out. 2) Only if the plugin for Microsoft Outlook is also enabled, the Eset context menu entries are clickable in WLM. However, none of them works. 3) In the emails received since the update to 15.2.11, the X-Eset mail headers are missing. 4) Windows Live Mail crashes occasionally since then.

Fixed with EIS 15.2.11.

And now the original image is not visible again (again "access denied"). Did you block it on purpose now so that it is not duplicated?

Now the original image is also visible again. What was the cause? Was it suddenly classified as malware? 😉

Access to the image seems to be denied in the meantime. It was the following image:

Hm, why can't the image be displayed anymore? Is there something broken in the forum? I don't think it's the image, because it was displayed before without any problems.

It seems to be just a problem with the display of the menu items. They still work, but you have to know what you are clicking on. For those who need it before the bug is fixed.

Thanks, Marcos!

I just noticed that on Windows 7, the integration with the context menu of Windows Live Mail is broken.

"As of December 11th, the Network Attack Protection feature in ESET security products on Windows was updated to detect the vulnerability. ESET has been blocking attempted attacks from 14:24 CET the same day." https://twitter.com/cyb3rops/status/1469601401143803905

I thought so. I think wildcards don't work there, but are still accepted as input. I'm glad I could help you.

This works fine for me. Did you do it differently?