100
Members-
Posts
95 -
Joined
-
Last visited
Everything posted by 100
-
zip bombs with zip64 not detected
100 replied to 100's topic in ESET Internet Security & ESET Smart Security Premium
Yes, I can confirm the detection. I also use Firefox, but inside Sandboxie and the SSL/TLS filter no longer works if Firefox is inside Sandboxie. https://community.sophos.com/products/sandboxie/f/sandboxie-forum/113772/ssl-filtering-with-eset-doesn-t-work-with-firefox-67-0-x-in-sandboxie But the file was detected and deleted during the download. :-) -
zip bombs with zip64 not detected
100 replied to 100's topic in ESET Internet Security & ESET Smart Security Premium
Yes, the Eset lab could do it. ;-) -
Because of this article I have downloaded the three Zip archives: https://www.bamsoftware.com/hacks/zipbomb/ Only zblg.zip was detected as a zip bomb by Eset after the download and therefore deleted. zbsm.zip was probably too small, but zbxl.zip was probably not recognized because of zip64. 7-zip can do zip64, but of course I won't open it and don't have the courage to do a context scan with Eset.
-
I was just playing with it. It's no problem to trust the internal list. I think it will be updated automatically if one of the pages suddenly contains malicious code. For trusted domains with payment functionality it is better not to break the encryption. This is probably the intention of the internal trused list.
-
No, to "scan". Example: Amazon.com is on the internal list of trusted domains and therfore it is not scanned by the SSL/TLS MITM. The displayed certificate is from Verisign. If I add this certificate to the list of known certificates and set it to "scan" (the same with "auto"), the displayed certificate should be Eset, but it is still Verisign (even after restarting the browser).
-
I noticed, that the SSL/TLS-MITM doesn't work for many sites (like Eset, Google, Paypal, Ebay, Amazon, Youtube). The certificates are not shown as "Eset, spol. sr. o.". On Facebook and Twitter the filter is working. I have tested it with Firefox 67.0.4 and Internet Explorer 11 on Windows 7 x64 and also with the filter settings automatic and scan.
-
I have set Internet Explorer as my default browser and Sandboxie is set to always force it into a sandbox. The mail program should open links in Internet Explorer, which then starts automatically in a sandbox. All browsers have their own sandbox, which will always be emptied, when the browser will be closed. That's why I can't use Esets secure banking. It would be very helpful when the browser for secure banking could be set in the settings of Eset. Maybe then it would be possible to copy iexplore.exe to iexplore_2.exe and use it for Esets banking protection, as it would not automatically be forced into Sandboxies sandbox.
-
On 01. August 2018 I had an empty Eset popup in the right corner above the taskbar. It had a blue bar in the upper third and a blue button on the left and a white button on the right. But in the entire popup was absolutely no text, not even on the buttons. So I don't know, what was the reason. I did not click on any button and the popup was closed after a while. There is also an empty log entry in the Eset event log (for modul "system kernel", but the event field is empty) and it is between the hourly update cycle.Therefore an update can not be the reason. It is the absolutley first time, that I had this with Eset.
-
The both exclusions does also exclude the subfolders "automaticdestinations", which contains the "automaticDestinations-ms" files. These files contains the jump list entries. The problem has also exists after deleting all files and links in "recent" and the subfolders and a Windows restart. Without the exclusions I couldn't pin folders to the jump list. After the latest modul update the problem doesn't exists anymore.
-
After an right click to the windows explorer icon in the task bar, the jump list is shown as empty and then the explorer.exe process consumes 13 % CPU usage and up to 100 MB RAM for 1-2 minutes. But after that, the jump list is still shown as empty. It seems to be, that this issue is caused by an module update. Workaround: Add the following paths to the scan exclusions. C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent C:\Users\[username]\AppData\Roaming\Microsoft\Windows\Recent
-
Yes, thank you! But I have tried so many things without any success (also add the SSL certificate of the used domain and set its filtering to ignore, or add 40 IPs to the exclusion list). So I think now that it will be the best to disable Eset completely and if this doesn't make any difference I can sure, that Eset isn't the reason. :-)
-
I use an realtime application which have an builtin community chat and very often the new message notification doesn't disapperars when the new messages are read. It persists also after the application is restartet because the message state is saved in an file. It doesn't help to read the message again and again. It seems to be, that the correct state is sometimes not received from the server. I can solve it temporarily when I delete the file which stores the state. The application support cannot reproduce this problem which I have since some month. The application uses internal some parts of the Internet Explorer (like winamp or Windows Live Mail), but I have cookies allowed for the domain which is used by the application. I have also done antivirus exclusions for "\AppData\Roaming\application A\*" and "C:\Program Files (x86)\application A\*" but it doesn't help. I'm not sure that Eset is the reason and therefore I will now disable antivirus and firewall for some days. It should not be a security problem because I'm behind a router and I use always sandboxie for all browers and winamp. Each browser and winamp has its own sandbox, always cleared when the browser/winamp is closed.
-
Is it possible to use wildcards in "web and e-mail" > "protocol filtering" > "excluded applications"? Example: C:\Program Files (x86)\Application A*\application*.exe for: C:\Program Files (x86)\Application A\application.exe C:\Program Files (x86)\Application A 2\application.exe C:\Program Files (x86)\Application A 2\application_2.exe C:\Program Files (x86)\Application A 3\application.exe C:\Program Files (x86)\Application A 3\application_3.exe