
itman
Most Valued Members
Posts: 12,182
Days Won: 319

Kudos

  1. Upvote
    itman received kudos from Trooper in False Positive?   
    The URL resolved fine on Firefox:

  2. Upvote
    itman received kudos from Nightowl in Eset Internet Security Errors In Event Viewer   
    Microsoft requires a special cert. only issued to vetted AV vendors to sign their amsi.dll. That cert. costs $$$$. Eset, always trying to save a buck, won't fork up the money to purchase the cert.
  3. Upvote
    itman received kudos from Nightowl in Eset Endpoint Antivirus Web Filter Policy Not Block Tor Browser   
    FYI:
    Block installation of Tor browser. Hash for current version is shown below:
  4. Upvote
    itman received kudos from JacobAnders in ESET Smart Security 8 VSD update failed   
    FYI:

  5. Upvote
    itman received kudos from TheStill in problem updating ESET v9 product on Windows XP SP3 x32   
    It appears Eset terminated all support for Win XP yesterday:

  6. Upvote
    itman received kudos from peteyt in problem updating ESET v9 product on Windows XP SP3 x32   

  7. Upvote
    itman received kudos from safety in problem updating ESET v9 product on Windows XP SP3 x32   

  8. Upvote
    itman received kudos from rotaru in Eset Will not Allow me to disable Auto-Renewal again!   
    Eset never ceases to flabbergast me on the way they do things. I am not "going to mince any words here."
    What Eset is doing in regards to accessing Eset eStore account data is not two-factor authorization. 2FA requires that two distinct authorization methods be performed before any account information is displayed. Entering publicly available data, displaying partial account data, and then performing a second authorization method from the partial account data screen is not an authorization method.
    Refer to how major banks perform 2FA.
    1. You access their public web site.
    2. You enter the first authorization method on that web site. This is usually a user id and password.
    3. Once the first authorization method has been verified, the second verification method is initiated. This may be the sending of a numeric code to a previously set up phone number stored in existing user account data. Once that code is received, it is entered into the existing logon screen and account data access is granted.
    Likewise, when e-mail link authorization is used, which BTW is insecure, it would be initiated only after user id/password authorization verification was completed.
    There "must be something in the drinking water" there in Slovakia...
  9. Upvote
    itman received kudos from Nightowl in Some samples submitted but not processed   
    The problem is these rootkit driver samples were submitted to VT without any related software use. Unless the loaded driver is specifically used by one or more Win OS components, the loaded driver does nothing. This is confirmed by the cloud sandboxes that originally examined the drivers; none found them malicious.
    It is assumed that the security solutions that originally detected these drivers at VT did so via generic signature/heuristic scanning detection.
    Since CrowdStrike Falcon detected the first driver sample as malicious at VT, I regenerated a new scan report at the Hybrid-Analysis web site: https://www.hybrid-analysis.com/sample/eaad75470e21084ab3a38f6cb0f3aa72d4203260515619f8703e3fc80e800d7a/6327815d896b877bb501614e . Besides factoring in existing VT AV detections, the other element in the malicious rating was a MITRE factor as to ntoskrnl.exe access. Again, it appears the driver code was examined versus any driver behavior activities.
  10. Upvote
    itman received kudos from peteyt in Some samples submitted but not processed   
  11. Upvote
    itman received kudos from peteyt in Latest Zelle Payment Scam   
    Courtesy of BankofAmerica.
  12. Upvote
    itman received kudos from Trooper in there is release date of version 16?   
    Here's Intel's article on its Threat Detection Technology: https://www.intel.com/content/www/us/en/architecture-and-technology/vpro/hardware-shield/threat-detection-technology.html . It's fairly obvious it's only available on vPro platforms.
    Since Eset's press release specifically references Intel® Threat Detection Technology, I am skeptical of any Eset enhancements not related to vPro w/9th gen.+ Core processor platforms.
  13. Upvote
    itman received kudos from Trooper in there is release date of version 16?   
    https://www.intel.com/content/www/us/en/products/docs/processors/core/9th-gen-core-desktop-brief.html
    Pertaining to Intel SGX:
    https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html
    Obviously, a vPro setup w/Eset additions will offer superior protection.
  14. Upvote
    itman received kudos from Trooper in there is release date of version 16?   
    I will also add, Kaspersky has had a UEFI-based AV solution for some time: https://usa.kaspersky.com/antivirus-for-uefi . All that is required is that the OEM motherboard vendor employ it in its firmware.
  15. Upvote
    itman received kudos from Trooper in there is release date of version 16?   
    This article explains what the differences are between Intel processors and vPro-based platforms: https://www.differencebetween.com/difference-between-intel-core-i7-and-vpro/ .
    "In a nutshell," Intel vPro refers to features only available on select Intel processor and motherboard combos. As a rule, Intel motherboards are expensive, resulting in them being present only in high-end business-class PCs.
  16. Upvote
    itman received kudos from Trooper in there is release date of version 16?   
    Doesn't apply to me or many others using non-business-class PCs or ones that use AMD CPUs:
  17. Upvote
    itman received kudos from micasayyo in there is release date of version 16?   
    Per Eset press release:
    Eset did not specifically state they will not support pre-9th Gen processors. Support for older vPro compatible processors might be added at a later date.
  18. Upvote
    itman received kudos from micasayyo in there is release date of version 16?   
  19. Upvote
    itman received kudos from Nightowl in How Do I Block Pop-Up Ads   
    I would recommend the uBlock Origin browser extension. By default, it will enable all its major TPLs plus the EasyList/Privacy TPLs, and it offers the ability to enable other TPLs that you might think relevant. You can also add custom block lists from sources such as GitHub.
  20. Upvote
    itman received kudos from persian-boy in LiveGuard Question   
    Verify the following highlighted setting is enabled in Eset GUI:

    Also verify that Eset logging verbosity level is set to Informative:

  21. Upvote
    itman received kudos from SeriousHoax in Some samples submitted but not processed   
    For me, this sums up the state of malware detection at Eset.
    You have 32/71 VirusTotal vendors detecting it as malicious; first submission there was 8/14. There is at least one respected public cloud sandbox giving it a 100/100 malicious verdict. Yet, Eset VirusLab after hours of behavior observation can't determine if the sample is malicious.
  22. Upvote
    itman received kudos from peteyt in Updated to 15.2.17.0   
    Well, miracles do happen!
    Eset finally acquired the proper signing cert. from Microsoft:

  23. Upvote
    itman received kudos from micasayyo in Updated to 15.2.17.0   

  24. Upvote
    itman received kudos from micasayyo in LiveGuard Question   
    This keeps coming up in the forum, over and over again.
    If the file is deemed safe by LiveGuard, you will not get an Eset safe popup notification and the file will be silently unblocked.
    The only time you will receive an Eset safe popup notification is if you attempted to access the file while it was in a LiveGuard blocked state.
  25. Upvote
    itman received kudos from micasayyo in LiveGuard Question   
