itman

Most Valued Members
  • Content count

    913
  • Joined

  • Last visited

  • Days Won

    27

itman last won the day on February 17

itman had the most liked content!

1 Follower

About itman

  • Rank
    N/A

Profile Information

  • Gender
    Male

Recent Profile Visitors

551 profile views
  1. I get the same error in IE11. I just used the Geocerts web site to validate my bank web site and it had no problems with certificate pining. Appears there is interestingly, an issue with Eset SSL protocol scanning ignoring its own web site although it uses an EV certificate - or worse - there is a problem with certificate pinning on the Eset web site. BTW - the root cert. the Eset web site uses is issued by Thawte Primary Root CA - G3 and has nothing to do with the Eset root cert. used for SSL protocol scanning. -EDIT- Figured it out. When you connect to Eset, you connect to a country specific domain name. For me it's www.eset.com/us. So, www.eset.com is not a valid URL.
  2. For those who question who question the need for SSL scanning, here is a recently published Zscaler report on the subject: https://www.zscaler.com/blogs/research/rise-ssl-based-threats-1
  3. Recently Eset published this blog posting: http://www.welivesecurity.com/2017/02/13/next-gen-security-software-myths-marketing/ To it, I will add this absolutely hilarious Kaspersky blog posted titled 'Rocket AI And The Next Generation Of AV Software' here: https://securelist.com/blog/opinions/77454/rocket-ai-and-the-next-generation-of-av-software/ . Bottom line - software buyer beware. Investor, doubly beware!
  4. In IE11, there really are no direct settings to control font usage other than to permit font downloads which is enabled. However in Win 10, fontdrvhost.exe does run in AppContainer which might not be 100% compatible w/IE11 since again, there is no issue when using Edge.
  5. You don't. You can get a new license directly from Eset or any one of its authorized distributors.
  6. Make sure gamer mode is enabled per the below screen shot. Note the following Eset help comments on use of Gamer mode: Gamer mode Gamer mode is a feature for users that demand uninterrupted usage of their software, do not want to be disturbed by pop-up windows, and want to minimize CPU usage. Gamer mode can also be used during presentations that cannot be interrupted by antivirus activity. By enabling this feature, all pop-up windows are disabled and the activity of the scheduler will be stopped completely. System protection still runs in the background but does not demand any user interaction. You can enable or disable Gamer mode in the main program window under Setup > Computer protection by clicking MODULE_INACTIVE or MODULE_ENABLED next to Gamer mode. Enabling Gamer mode is a potential security risk, so the protection status icon in the taskbar will turn orange and display a warning. You will also see this warning in the main program window where you will see Gamer mode active in orange. Activate Enable Gamer mode when running applications in full-screen mode automatically under Advanced setup (F5) > Tools to have Gamer mode start whenever you initiate a full-screen application and stop after you exit the application. Activate Disable Gamer mode automatically after to define the amount of time after which Gamer mode will automatically be disabled. If the Personal firewall is in Interactive mode and Gamer mode is enabled, you might have trouble connecting to the Internet. This can be problematic if you start a game that connects to the Internet. Normally, you would be asked to confirm such an action (if no communication rules or exceptions have been defined), but user interaction is disabled in Gamer mode. To allow communication, define a communication rule for any application that might encounter this issue, or use a different Filtering mode in the Personal firewall. Keep in mind that if Gamer mode is enabled and you go to a webpage or application that might be a security risk, it may be blocked without any explanation or warning because user interaction is disabled.
  7. This would only be necessary if you are using the firewall in Interactive mode. If so, the firewall will alert on Thunderbird outbound traffic and you can create appropriate outbound rules at that time. Ports vary based on e-mail protocols used; IMAP/S or POP/S.
  8. Make sure the Eset cert. in TBird has cert. trust settings as shown in the below screen. @Marcos My Eset cert. in T-Bird did not have mail users enabled. Believe that has to be enabled?
  9. I used to run the Eset firewall in Interactive mode but eventually abandoned that mode after upgrading to Win 10. There is just too much internal outbound traffic from Win 10 without "borking" something necessary with an outbound firewall rule. If Win 10's telemetry is a concern, most of that can be disabled either directly or by using a third party product such as OOSU10.
  10. Oops - thought you were referring to the VB report. I believe the concept of creating an AMSI "like" interface in the browsers was correct. The use of the existing Win 10 AMSI interface was not since it was designed to monitor stand-alone script execution.
  11. Did you try to do this in Chrome as posted previous? Minimize the Eset BP&P web page and see if the bank site opens with the green bar around it. If the bank web page doesn't show, click on the browser tab for the bank and see if it opens with the green bar around the web page.
  12. Minimize the Eset BP&P web page and see if the bank site opens with the green bar around it. If the bank web page doesn't show, click on the browser tab for the bank and see if it opens with the green bar around the web page. I have something similar in IE11 on Win 10. If running in In-Private mode, the Eset BP&P web page appears full screen and remains. Minimizing it, shows my banking web site home page with green border and Eset BBP tab. Believe the issue with IE is when running as In-Private, the source IE process is running under runtimebroker.exe under svchost.exe.
  13. Ensure PUA detection is enabled in Eset. Then run an Eset scan and see if it detects anything. If it doesn't detect anything, then you can try the solution posted below. Qtipr.com is a browser hijacker that is bundled with other free software that you download off of the Internet. Once installed it will set the homepage and search engine for any installed browsers to http://qtipr.com without your permission. Malwaretips.com has a guide on how it can be removed here: https://malwaretips.com/blogs/remove-qtipr-com/
  14. Appears when you uninstalled Adguard, it was not fully uninstalled. That is why is recommended to run the vendor's supplied "clean" utility if they have one to fully remove all remnants of it. Or, use an uninstaller/cleaner such Revo Uninstaller Pro to do the same. Also as I mentioned previously, Adguard performs SSL protocol scanning. So does Eset. The more SSL is intercepted, the higher the likelihood that the processing will be "borked" in some way. You should verify that this new beta ver. of Adguard basically just internally disables its SSL scanning when it detects an AV product that does the same.