Posts posted by GrammatonClerick

  1. 14 minutes ago, JerryG said:

    I excluded everything one by one and it didn't help. I agree with you about running the system without protection, I won't be doing that.

    It's kind of dumb, i.e. I can trust Sandboxie to reset my settings each time and prevent drive-by malware or I can trust what Chrome 68 and Sandboxie and ESET has done before to do the same....I mean I love the fact that each time I close my browser the whole settings are cleared without my intervention regardless what I do.

     

    So now the time has come to either trust Sandboxie in protection or ESET HIPS.....I honestly don't know. I love the whole reset on reboot of Sandboxie.

  2. Sorry was away from my system.

     

    When should I run the log?  Should I run it when my ESET is fully on and Chrome is crashing (i.e. HIPS in ESET IS ON) or should I run it when I disable the HIPS and the Chrome works?

     

    Just a note that even if ESET HIPS is disabled after I boot and once I touch enable HIPS...I get a prompt to reboot but if I don't reboot the CHROME will still crash...so as long as ESET is hooked the chrome crashes.

  3. NO other custom rules until I started to have the issues and it's only then that I created a custom rule.   Otherwise my custom rules are empty.

    Memory violation you say?  Hmm it might be Hitman Pro Alert....not working nice with Chrome 69 and ESET IS HIPS....strange...I disabled hitman pro alert all aspects of it (besides uninstalling) and it still gives me the error but who knows.  Let me see. 

     

    Faulting application name: chrome.exe, version: 69.0.3497.100, time stamp: 0x5b9cbd4f
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00530020
    Faulting process id: 0x27e4
    Faulting application start time: 0x01d45591d808ded8
    Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Faulting module path: unknown
    Report Id: dcbcf618-c5f5-4168-9848-3dc46742ecc0
    Faulting package full name: 
    Faulting package-relative application ID: 

  4. True it could be, however this is the only consistent event across 4 of my systems...every one of my systems that have ESET IS and Chrome 69 can't open Chrome.  1 that has Bitdefender works fine and 1 that has KAV works fine.  So the only common thing across them is ESET and I have uninstalled and re-installed Chrome 69 a few times now....the only solution that helps is disabling ESET HIPS.

  5. Chrome 68 worked fine but now once chrome updated to 69 I started to get 0x000005 execution error.  I have gone through everything in my system in terms of security disabling and enabling and the only thing that works i.e. allows Chrome to execute is Disabling Eset HIPS.

    The HIPS has to be fully disabled.   I have tried partial disable of Script Blocking (reboot), Self Defense (reboot) etc etc I have even created a custom rule allowing the chrome EXE full access to Applications, Registry etc and nothing works.

    I hate running without HIPS and especially the self defense module of ESET.  Running without those is disabling about 50% of ESET defenses especially against crypto and script based attacks.  

     

     

  6. On 7/20/2018 at 2:25 PM, itman said:

    I had to reinstall Win 10. As such, decided to give Edge browser a trial. Installed the Adguard add-on and appears to be working just fine. Installed the tracking protection lists I want including Github's CoinMiner one for Adguard. Went to a test coin miner web site and Adguard detected it immediately.

    What I forgot about though is Adguard is a Russian based company. Depending on how you feel about Russia's recent cyber activities, it would be another reason why one would not allow Adguard to do SSL protocol scanning in the stand-alone version of it.

    Yeah, it's sad that geopolitical issues prevent us from having great protection.  I mean the same can be said about any former Eastern European nation (looking at you ESET) :).  But yeah that's exactly what I asked on MalwareTips.com and was promptly banned by their Mods...no explanation just banned....when I asked them they told me I was banned for "spam" but it's weird that everything was fine until I asked the same question you asked above...i.e. casting doubts about the Russian FSB connection (their new law at the time) to share all the net data with FSB and their Adguard protection of HTTPS i.e. if they would cooperate with FSB if it came to it?   Once that question was asked...ban hammer was issued and all my posts deleted. :)  So there goes the stance of the malwaretips mods....(that was a few years ago).

  7. 1 minute ago, itman said:

    I will also make this general comment.

    I would never use multiple products concurrently that perform SSL protocol scanning. The potential for a decryption/re-encryption "bork" in the browser goes up exponentially with such activity. Let alone the impact on browser speed. Such concurrent activity could make your browser more insecure than if SSL protocol scanning was never employed.

    Ok so what would you recommend?  Disable AdGuard SSL scanning or ESET SSL scanning?  I am also running Sophos XG17 UTM but that has disabled SSL scanner and only scans HTTP. 

  8. 1 hour ago, Marcos said:

    I see also MBAM v3 installed. In particular, mbamchameleon.sys is loaded. As I have already mentioned, there are also drivers zam64.sys and zamguard64.sys. Then there is Adguard's driver adgnetworkwfpdrv.sys too. Another AV's driver is SophosED.sys.

    So I suggest:

    1, Uninstalling MBAM
    2, Uninstalling Adguard
    3, Uninstalling Sophos
    4, Keeping Zemana but temporarily renaming c:\windows\system32\drivers\zam64.sys and zamguard64.sys.

    Yeap my full protection chain until this issue has been:

     

    1) ESET IS

    2) HITMAN PRO ALERT (SOPHOS)

    3) ADGUARD  (WFP now disabled but it was enabled before)

    4) Zemana (On Demand...kind of upset that it loads a driver even though it's on demand...that's really naughty of them)

    5) MBAM (kept at version 2 and used rarely i.e. once every few months scan whenever I feel like it...it's a remnant of a past when MBAM was still worth a damn).

  9. 9 minutes ago, itman said:

    Given this most recent comment, I would say the issue is Adguard:

     

    Yeah I agree I've disabled the WFP and no BSOD yet. 

     

    I am glad since I would hate to lose ESET protection.   ESET and ADGUARD is like a MOM and DAD fight during divorce proceedings, in the end whichever you choose you lose.

  10. 59 minutes ago, Marcos said:

    In the dump I got last time there was a Zemana driver. Please uninstall any other security sw that you have installed and let us know if BSOD still occurs. Also please drop me a private message with ESET Log Collector logs so that I can check what software you have installed.

    I have won Zemana on a 3 year giveaway, unless you guys give me 3 years of free lic then I will not uninstall that software since the giveaway is over and the code I used has been used so find another way.

     

    I mean honestly the first thing that AV companies blame are competitors, why not work together?!  Zemana like AdGuard like HitmanPro like Malwarebytes is supposed to be an addon so solve the things yourself and don't blame the users for using them.

  11. 9 hours ago, Marcos said:

    I've found Zemana's driver zamguard64.sys loaded. Please at least temporarily uninstall any other 3rd party security software while troubleshooting the issue.

     

    10 hours ago, Marcos said:

    Unfortunately, minidumps contain too little information to determine the cause. Please configure Windows to generate complete or at least kernel memory dumps:

    https://support.eset.com/kb380/

    I've sent you a kernel dump in the PM on Friday the 13th.  I've sent you a link to my google drive where I deposited a rared version of the kernel dump, it was 43mb rared, unrared I think it was 16 gig.

  12. On 7/13/2018 at 1:00 PM, Marcos said:

    Do you have at least a kernel memory dump if not a complete dump from the crash? Does the machine crash again after a reboot?

    Marcos any update to the issue?  Seeing that the release of the new version is only a few days away.

     

    Updating ESET to the latest pre-release components (leaving AdGuard as is...not updated). 

     

    Adguard is at: 6.3.1399.4073

     

    Let's see what happens. 

     

    Current ESET build on this system:

    Detection Engine: 17724P (20180716)
    Rapid Response module: 12488P (20180716)
    Update module: 1015 (20180511)
    Antivirus and antispyware scanner module: 1541 (20180710)
    Advanced heuristics module: 1188 (20180422)
    Archive support module: 1276 (20180710)
    Cleaner module: 1159 (20180612)
    Anti-Stealth support module: 1138 (20180625)
    Firewall module: 1378 (20180509)
    ESET SysInspector module: 1273 (20180523)
    Translation support module: 1678 (20180410)
    HIPS support module: 1322 (20180613)
    Internet protection module: 1334 (20180522)
    Web content filter module: 1059 (20180221)
    Advanced antispam module: 7648P (20180716)
    Database module: 1098 (20180530)
    Configuration module (33): 1685.8 (20180621)
    LiveGrid communication module: 1045 (20180410)
    Specialized cleaner module: 1012 (20160405)
    Banking & payment protection module: 1135 (20180625)
    Rootkit detection and cleaning module: 1019 (20170825)
    Network protection module: 1676P (20180710)
    Router vulnerability scanner module: 1050 (20180613)
    Script scanner module: 1041 (20180627)
    Connected Home Network module: 1020 (20180503)
    Cryptographic protocol support module: 1028 (20180626)

  13. 49 minutes ago, Azure Phoenix said:

    @GrammatonClerick

    Were you able to resolve the issue? There was a report of BSOD at the Adguard forum.

    https://forum.adguard.com/index.php?threads/latest-update-is-causing-netio-sys-bsod-on-windows-10-nt.29089/

    The poster stated to also use ESET.

     

    Yeah that was me.  I forgot my Tempnexus account on this forum so I used google login for this one.

     

    I have posted both here and there. 

  14. Used to run hosts file blocking but not everything nowadays uses the hosts file, some programs bypass it, besides it causes slowdown.  I find the Adguard solution to be more elegant, especially when there is a large collection of block files and it auto updates the lists.

     

    I've also used PiHole, Adguard is something on top of Pihole where I can specify specific nations and unlike Pihole, Adguard is able to block Youtube Ads and Facebook ads (since it runs on https and scans the site code as opposed to generic URL block).

  15. Yeap I will perform an ESET and Adguard BSOD test once I get the answer from MARCOS regarding what's wrong (I've sent him my dump file).  Until then I will wait.  Once it comes back then I will just do a daily backup and do the permutation of installing ESET update and leaving Adguard alone...waiting for BSOD...then installing Adguard update...waiting for BSOD....if BSOD occurs then revert back and install Adguard update first...wait for BSOD and then install ESET update and wait for BSOD.   This will take hours, days (since I will give it a day per update for BSOD...since normally BSOD occurs randomly every few hours) of my time...which I will do for free (as many beta testers do) but honestly any update should have been vetted (talking to both ESET and AdGuard).

    edit:

    Ok 4 hours on active system with both former ESET and former ADGUARD and no BSOD....so either or was causing it...the question is which...I don't know....awaiting Marcos kernel dump download and further advice on how to proceed.

  16. 10 minutes ago, itman said:

    I have seen web references that Adguard when used in conjunction with third party AV's can cause netio.sys BSOD. I suspect that the upgrade to 11.1.54 might have triggered some conflict in Adguard.

    One thing that could be tried is to uninstall Adguard. Then upgrade Eset to 11.1.54. If system remains stable, then Adguard is the culprit. I would then reinstall Adguard and see if the system remains stable.

    Honestly that is a tough call between ADGUARD (which I have a lifetime lic for and which I love for blocking ads) and ESET which I have an annual lic....I would probably drop ESET before I drop Adguard....just saying.

     

    Edit: Since there are MANY antivirus companies but honestly only one or two offer a whole system anti Ad/tracking/spying companies AdMuncher (defunct) and AdGuard.

     

    Yes there is ADblock+, Origin etc and others but those are browser and not system based...I like to have a system based protection since it protects against all ads and not only those who come through browsers (especially now with the Windows App Store etc).  I.e. it blocks Windows 10 spying since it's network stack based protection as opposed to Browser App only protection.

  17. Yes I do have AdGuard Installed. 

     

    Is Adguard the one that is causing the issues?  Since recently they have been having a flurry of updates...I have not updated to the latest one on this re-image but I did update to the latest one on the last re-image (when I was having the BSOD issues).

     

    I don't want to let ESET off the hook but damn, you might be right.  So far neither ESET nor ADGUARD has been updated to the latest version...and so far stable.

     

    EDIT: ONCE ESET takes a look at my dump file and once I am told what's wrong (or inconclusive) then I will install ESET update first....have it a go for a day....then I will install the AdGuard update....and have it a go....whichever BSOD's first will be my metric.  (So far I've been having BSOD every hour or less....before the reimage....so a day sounds like a good metric). 
