Microsoft Edge Chromium

[itman 1,062]

1 minute ago, BeanSlappers said:

Works correctly with parental controls (except for image search) and nothing is in the exclusion as well.

I have Parental Controls disabled since I don't use the feature. So this might be a factor in the non-detection. Temporarily disable it and retest to see if Eset now pops up an alert and blocks it.

[Sammo 8]

43 minutes ago, BeanSlappers said:

Yes and its set to auto for filtering mode.  Works correctly with parental controls (except for image search) and nothing is in the exclusion as well.

Change it from Auto to Scan and it will work fine.

[itman 1,062]

12 hours ago, BeanSlappers said:

Then if that affects it, then eset should fix it, because all these are supposed to work together.

Did you verify if Parental Controls is disabled, Eset shows an alert for AMTSO phishing test using FireFox 67.x?

[itman 1,062]

18 minutes ago, BeanSlappers said:

Yes and still the same thing.

Something must be wrong with your FireFox installation. Again, it works fine for me on FF 67.4.

Edited June 30, 2019 by itman

[itman 1,062]

57 minutes ago, BeanSlappers said:

That is the the link I have been testing lol, and there have been others that has been saying the same thing too lol.  Not to mention that this is a clean install of firefox.

Again, the only thing I can think of is something is wrong with your Eset SSL/TLS protocol scanning settings. On the AMTSO phishing test web page, verify that Eset's root certificate is being used:

[itman 1,062]

16 hours ago, BeanSlappers said:

Nope from GoDaddy.com.

This indicates Eset SSL/TLS protocol scanning is not functioning properly.

Check if you have first somehow excluded the AMTSO domain from scanning. Next, check if the Eset root CA certificate has been installed in Firefox's corresponding root CA certificate store.

Edited July 1, 2019 by itman

[Sammo 8]

17 hours ago, BeanSlappers said:

Nope from GoDaddy.com.

 

I have ABP Decentralize and duckduckgo essenturals on my brouwser too.

Did you change the Eset SSL/TLS protocol scanning from Auto to Scan?

[itman 1,062]

1 hour ago, Sammo said:

Did you change the Eset SSL/TLS protocol scanning from Auto to Scan?

That really isn't necessary for any of the major browsers; Firefox, Chrome, IE11, and Edge. I have use the default Eset setting of "Auto" for years w/o issue.

[Sammo 8]

37 minutes ago, itman said:

That really isn't necessary for any of the major browsers; Firefox, Chrome, IE11, and Edge. I have use the default Eset setting of "Auto" for years w/o issue.

It has been absolutely necessary for me with several of my browsers. Eset has just not been working correctly for me with out this setting and it may also be the case for some other users as well. Perhaps Eset should look into the issue. And my browsers have had access to the Eset Certificates.

Edited July 1, 2019 by Sammo

[Marcos 3,833]

6 hours ago, BeanSlappers said:

Where do I go for that?  Please remember that I am still new to this.

Is eicar detected upon download from https://secure.eicar.org/eicar_com.zip ?

[Marcos 3,833]

20 minutes ago, BeanSlappers said:

No it downloaded

Please provide logs collected with ESET Log Collector so that I can check your configuration.

[Marcos 3,833]

Logs collected with ESET Log Collector. See my signature or FAQ at the right-hand side of this forum for a link to instructions.

[itman 1,062]

13 hours ago, BeanSlappers said:

Where do I go for that?  Please remember that I am still new to this.

At this point, I would assume the Eset root certificate is not installed in FireFox. You can verify this by opening FireFox's Options and selecting the following:

Privacy & Security -> Certificates -> View Certificates.

At this point, FireFox's Certificate Manager should be displayed. The Authorities tab should have opened by default; if not, select that tab. Scroll down to where certificate names beginning with "E" are located and search for certificate beginning with "Eset."  

[Marcos 3,833]

You can also set Firefox to use the system trusted root CA certificate store by setting security.enterprise_roots.enabled to true in about:config.

[itman 1,062]

22 minutes ago, Marcos said:

You can also set Firefox to use the system trusted root CA certificate store by setting security.enterprise_roots.enabled to true in about:config.

On this regard, Mozilla will be doing so automatically starting with FireFox 68 as noted in this article: https://www.zdnet.com/article/firefox-finally-fixes-the-problems-with-antivirus-apps-crashing-https-websites/ .

Of note to Eset is the following article excerpt:

Quote

"Beginning with Firefox 68, whenever a MITM error is detected, Firefox will automatically turn on the 'enterprise roots' preference and retry the connection," Thayer said.

"If it fixes the problem, then the "enterprise roots" preference will remain enabled (unless the user manually sets the 'security.enterprise_roots.enabled' preference to false)."

"We are also recommending as a best practice that antivirus vendors enable this preference (by modifying prefs.js) instead of adding their root CA to the Firefox root store. We believe that these actions combined will greatly reduce the issues encountered by Firefox users," Thayer added.

 

Edited July 2, 2019 by itman

[itman 1,062]

40 minutes ago, BeanSlappers said:

How can i put it in there?

Follow the procedures listed in this Eset knowledgebase article: https://support.eset.com/kb3126/ .

If that doesn't work, you have three other options:

1. Do what @Marcos suggested previously. Using the FireFox about:config option, set the following parameter, security.enterprise_roots.enabled, to true. This can be done by simply toggling on the parameter. This will force FireFox to use the Windows root CA certificate store for Firefox root certificate verification.

2. Use Windows certmgr.msc tool to export the Eset root certificate from the Windows root CA certificate store. You can then import the created .cer file into FireFox's Authorities certificate store.

3. Uninstall and reinstall Eset.

Edited July 2, 2019 by itman

[itman 1,062]

1 hour ago, BeanSlappers said:

Done all and nothing still the same, including reinstalling firefox.  I do have firefox 67.0.4, including above suggestions.

When did you reinstall FireFox? If you did so after all the solutions I posted previously, it would have negated all those changes.

Another thing you can try is to uninstall your existing version of FireFox. Your Firefox existing profile will be retained. Then download Firefox's full offline installer from here: https://www.mozilla.org/en-US/firefox/all/ and run it. Note: you can language to English - British prior to downloading if you prefer that.

I did this recently and Eset's root certificate was imported into the new Firefox install w/o issue.

Edited July 2, 2019 by itman

[Marcos 3,833]

For some reason you don't have msedge.exe in the list of SSL-filtered applications. It should have been added as soon as SSL communication of the process was detected:

Try adding it manually in the list:

[itman 1,062]

2 hours ago, Marcos said:

For some reason you don't have msedge.exe in the list of SSL-filtered applications. I

@BeanSlappers SSL/TLS protocol scanning issues are with FireFox; not with Edge.

Did you mean that FireFox is not in the list of SSL-filtered applications?

[itman 1,062]

On 7/6/2019 at 8:44 PM, BeanSlappers said:

Yeah I am pretty sure that I said that I was using firefox a lot of times.  I hate edge so I wont ever use it.

 

Did you verify that firefox.exe is in the list of SSL filtered applications?

[Sammo 8]

6 minutes ago, BeanSlappers said:

It is indeed.

Try changing it's scanning option from Auto to Scan.

[itman 1,062]

On 7/8/2019 at 4:39 PM, BeanSlappers said:

It is indeed.

FireFox just released ver. 68. This is the ver. that will use the Win root CA store if Eset's certificate is not added to FireFox's Authorities certificate store for some reason. If FireFox hasn't auto updated to ver. 68, do so manually.

Now perform the AMTSO tests and see if Eset if still not detecting those.

[itman 1,062]

35 minutes ago, BeanSlappers said:

Makes no difference even with the update.

Did you try @Sammo suggestion of setting firefox.exe in Eset's SSL/TLS filtered applications to "Scan" versus the default setting of "Auto?" While in that section, make sure that there are not multiple firefox.exe applications listed. You should have only one entry for Firefox and its path specification is C:\Program Files\Mozilla Firefox\firefox.exe assuming your using Win 10 x(64).

Next in the Web Access protection section, open the Web Protocols section and verify that only port 443 is shown in the HTTPS Scanner Setup section.

Edited July 10, 2019 by itman

[Marcos 3,833]

Have you already tried this?

- uninstall ESET
- reboot the machine
- install the latest version from scratch with default settings
- reboot the machine
- launch Firefox and try to reproduce the issue.

If it doesn't make any difference, also try switching to pre-release updates to get the very latest modules.

[Marcos 3,833]

10 minutes ago, BeanSlappers said:

Also pre-releases are the beta's aint they?

They aren't. There are fully tested modules that are typically released to all users after a few days or weeks without any change. Of course, we don't recommend enabling the pre-release update channel on production machines, however, on non-production systems it'd be good if at least technically savvy users enabled it. Should a problem occur, it's possible to switch back to the release update channel which won't help if a module has been already released for the general public. Before putting modules on pre-release servers we use them to update a lot of production machines in HQ so we are pretty confident about the quality.