Jump to content

Archived

This topic is now archived and is closed to further replies.

ronnie

Is Eset Smart Security Corrupt

Recommended Posts

I am logging off for the night.

You should repeat the QUALS test in FireFox and see if it can now run successfully.

Share this post


Link to post
Share on other sites

Checking the "Other User Agents" stats on the QUALS SSL Client test, I see no references for FireFox or Chrome for Win 10. The omission of same leads me to believe that the test is not supported for those browsers running under Win 10. I wasn't aware of that till now. Sorry for the inconvenience caused.

The use of Chrome and Eset's SSL protocol scanning has been problematic in the past. Also issues seem to "crop up" with every new Chrome release. So I will pass on comments related to Chrome issues.

Why IE11 is having a problem with SSL protocol scanning on your PC is a mystery. If there is any browser that is compatible with all Eset features, it is IE.

Check this:

1. In Eset, go to Setup.

2. Select Internet Protection.

3. Click on the gear wheel symbol for Web Access Protection.

4. On the left hand side of the page, click on Web and Email.

5. Click on SSL/TLS

6. For List of SSL/TLS filtered applications, click on Edit.

All your browsers should be listed there with their Scan Action set to Automatic as shown in the below screen shot. If IE and/or Chrome are not listed, you will have to add them manually. Then set Scan Action to Automatic for each.

Have you checked Edge to see if SSL protocol scanning works with it? 

Eset_SSL-TLS_Apps.png

Share this post


Link to post
Share on other sites

They are all on there and set to auto. I don't have Chrome so that is not on it.

Edge does not work either.

I did notice on your screenshot that explorer.exe was on your screenshot. Would it be ok to add that.

I also noticed that Firefox has only the one listing for the (x86) version on it.

 

Share this post


Link to post
Share on other sites
12 minutes ago, ronnie said:

I did notice on your screenshot that explorer.exe was on your screenshot. Would it be ok to add that.

No need to. I just added it for a bit extra protection.

13 minutes ago, ronnie said:

I also noticed that Firefox has only the one listing for the (x86) version on it.

If you run the x64 ver. of FireFox, this would explain why you can connect to all HTTPS web sites w/o issue. SSL protocol scanning is not in effect.

Share this post


Link to post
Share on other sites

One other thing to check.

Verify the Windows firewall service is running and is set to Automatic as shown by the below screen shot. If it is not running, start the service. If it is not set to Automatic, set to same.

If you don't know how to do this, follow these steps:

1. Enter "admin" in the "Search Windows" box in the bottom toolbar of the desktop. Click on Administrative Tools.

2. Double click on Services. Click on "Yes" when the UAC prompt is displayed.

 

Eset_Win_FW.png

Share this post


Link to post
Share on other sites

Try the following:

1, Disable SSL/TLS filtering.
2, Restart the computer.
3, Launch Firefox.
4, Check Firefox' Trusted root CA certificate store and make sure there is no ESET root certificate installed.
ff_trca_certstore.png

5, Close Firefox (make sure it's not among running processes).
6, Re-enable SSL/TLS filtering.

If you go to https://www.youtube.com for instance, does it open fine or you get SSL_ERROR_BAD_MAC_ALERT error?

Share this post


Link to post
Share on other sites

Windows Firewall is set to automatic and running.

Running sfc /scannow at the moment and will try the root certificate after that finishes.

No sign of eset on root certificate. You tube will not open properly and get the SSL-Error_BAD_MAC__ALERT back again.

I hope you have a cunning plan.

 

Share this post


Link to post
Share on other sites

First, recheck Eset root certificate not in FireFox Authorities certificate store.

If not there, looks like you're going to have to manually import it. You do that by:

Go to ESET Settings -> Internet Protection -> Web Access Protection -> Web and Email -> SSL/TLS -> Root Certificate -> View certificate -> click on Details (tab) -> click on Copy to File... -> select DER encoded binary X.509 (.CER) -> Save the file somewhere on the computer; preferably the desktop.

Next open FireFox and repeat Marcos's step 3. and 4. instructions. Ensure that the "Authorities" tab was selected. Somewhere on that screen should be an "Import" button. Click on that and follow the instructions to import the Eset root certificate that was previously saved to the desktop.

After Import is completed, close FireFox. Then re-open it and verify Eset certificate is present.

Finally, check utube web site to see if it can be accessed.

Share this post


Link to post
Share on other sites
2 hours ago, ronnie said:

No sign of eset on root certificate. You tube will not open properly and get the SSL-Error_BAD_MAC__ALERT back again.

Ok, so I take it that there's no ESET root certificate on the Authorities tab with SSL/TLS filtering disabled but when you re-enable it the root certificate is added automatically. Is that correct?

Share this post


Link to post
Share on other sites

Sorry for the delay. Yes Eset is back on the root certificate on Firefox but I have had to post this with SSL switched off as I keep getting  SSL_ERROR_BAD_MAC_ALERT.

Share this post


Link to post
Share on other sites
4 minutes ago, ronnie said:

Sorry for the delay. Yes Eset is back on the root certificate on Firefox but I have had to post this with SSL switched off as I keep getting  SSL_ERROR_BAD_MAC_ALERT.

Re-verify that the version of Firefox you are using is listed is Eset's SSL/TLS filtered applications and the file name path for the.exe specified is correct. Also, that "Automatic" is selected.

Share this post


Link to post
Share on other sites

Ok think I found the problem.

In Firefox 50.1.0 Advanced found that When a Server requests my personal certificate ask me every time was dotted.  Changed that to Select one automatically and Firefox is working again with SSL switched on.

it says on root certificate. Eset, spol. s r. o.

Eset SSL Filter CA

Youtube works. So looks like Firefox is back to its working condition.

Tried youtube on Internet Explorer and Edge. They partly open with blue coloured columns down the left hand side. Still not usable though. 

Share this post


Link to post
Share on other sites

As far as IE goes, it uses the Windows root CA certificate store. Verify that Eset certificate is stored there as follows:

1. Enter cert in the Search Windows box.

2. Click on Manage User Certificates. Click on Yes to the UAC prompt.

3. Click on Trusted Root Certificate Authority Certificates. Then click on Certificates.

4. Scroll down to verify the Eset root certificate is installed as shown in the below screen shot.

 

 

Eset_Win_Cert.png

Share this post


Link to post
Share on other sites

Do the following after opening IE:

Select Tools -> Internet Options -> Click on Content tab -> Certificates -> Trusted Root Certificate Authorities.

Verify that Eset certificate is present.

If Eset certificate is present, return back to the Content screen in Internet Options and click on Clear SSL Cache. When that completes, close IE. Reopen IE and now try to access the utube web site.

Share this post


Link to post
Share on other sites

Sorry about the delay but when i reboot on this it stays on a black screen so took me a while to get out of it.

Apart from that Eset was where you said it would be. Then removed the SSL cache. Then ran youtube.but only part of it opens. just the odd columns on the left with blue printing.

 

Share this post


Link to post
Share on other sites
14 minutes ago, ronnie said:

Sorry about the delay but when i reboot on this it stays on a black screen so took me a while to get out of it.

Apart from that Eset was where you said it would be. Then removed the SSL cache. Then ran youtube.but only part of it opens. just the odd columns on the left with blue printing.

Just realized the utube link Marcos posted is not a good test for SSL protocol scanning since Eset has whitelisted the cert. it uses.

Try this site: https://www.malwarebytes.com/ . I verified that it is using Eset's cert. indicating that SSL protocol scanning is in effect.

Share this post


Link to post
Share on other sites
2 hours ago, ronnie said:

No it still does not work.

This page can’t be displayed

At this point, all I can conclude is something is wrong with the Eset root CA cert. in the Windows root CA store. Do you still have the Eset root CA cert. you previously created on your desktop?

Share this post


Link to post
Share on other sites

Probably not itman I usually get rid of things not needed. All I have on my computer is  Eset_logs file or download.

Can you remind me what i am looking for.

Share this post


Link to post
Share on other sites

In a prior posting, I described how to export the Eset root cert., save it, and import it into FireFox. I am referring to that saved certificate.

 

Share this post


Link to post
Share on other sites

Did as you said and everything went well. malwarebytes opened ok. I presume that I have to turn SSL on again.

The problem is that I was not having problems with Firefox just I/E and Edge.

Is there a way to do that with I/E.

Share this post


Link to post
Share on other sites
1 hour ago, ronnie said:

Did as you said and everything went well. malwarebytes opened ok. I presume that I have to turn SSL on again.

The problem is that I was not having problems with Firefox just I/E and Edge.

Is there a way to do that with I/E.

Hum ........ Looks like you misunderstood me. I only wanted you to check if you had saved the Eset cert. somewhere; not do the whole FireFox cert. import thing again?

Before we continue, turn on SSL protocol scanning and see if you can connect to Malwarebytes site in FireFox.

Share this post


Link to post
Share on other sites

Yes sorry itman woke up at 4am this morning and thought. If it works on Firefox Browser and I do not need to enable SSL again everything should work.

So opened I/E and just typed Malwarebytes into address bar and everything worked..

So in theory would everything be Ok if SSL is left disabled as it is still in Firefox Browser.

Or should SSL be enabled again in Eset.

 

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...