Jump to content


  • Posts

  • Joined

  • Last visited

About chrcoluk

  • Rank

Profile Information

  • Location

Recent Profile Visitors

702 profile views
  1. The setting still exists on Windows 8.1. https://winaero.com/how-to-disable-or-enable-fast-startup-in-windows-8-1/
  2. Is there a changelog? even tho I had prelease selected i wasnt expecting an automated update to v12 without consent been asked.
  3. I think it has actually activated, as I have a 30 day license, I had to click on the X to close the activation window after acknowledging the error.
  4. An internal error occurred during the activation process. Latest version downloaded directly from ESET.
  5. This seller is still around, and still selling these licenses. I am talking about eset enabling this practice to happen, really they should either be honouring the licenses so innocent people dont lose out or taking action to prevent this from occurring.
  6. I brought a 10 year license from ebay, it seems the practice is to wait for ebay feedback period to expire and also wait for paypal period to expire (6 months) and then cancel the license. Isnt eset giving too much power to resellers as its enabling some nasty fraud to take place. This here also where marcos response was not very forgiving https://forum.eset.com/topic/16019-eset-cancelled-license/
  7. the pause protection is useful for me, please re add it. I have a password enabled so to pause that password has to be entered. Perhaps make it so it still shows if a password is set?
  8. I am not talking about the process although I didnt specifically check the process usage but I think its tied to the OS buffers or something, as I remember checking task manager and no process had large amounts of usage. It was basically memory unaccounted for. Task manager reported the memory as commited but in the process list nothing had it used. The problem goes away when I disable the ransomware protection and does not exist in nod32 v8 (but of course v8 doesnt have the ransomware protection). If I ignore it then windows will eventually start closing down processes when memory runs out as after a few of weeks of uptime its several gigabytes of memory leaked.
  9. I have been running v10 for a while on both my laptop and desktop, overall I am happier with it than v8. However on my laptop there has been a niggling memory leak, its slow but steady, it seems to leak about 100-200mB a day in resource usage, the leak cannot be recovered by closing programs, I have always had to reboot to recover the memory. I started playing with the settings and found by disabling the new ransomware protection in HIPS settings has solved it. I have an idea of why its happening, my laptop runs automated tools every minute which connect to my modem to collect stats and upload to a server, several scripts are run to collect and process this information, these tools have caused a lot of security programs to have problems, so I suspect nod32 is having issues with them, I am happy to share the tools with the developers if it helps them diagnose the problem. My desktop doesnt seem to have the memory leak problem.
  10. So I have been using nod32 with outlook for a number of years, I am scanning emails using the outlook plugin. I however want to migrate to thunderbird, the first problem I noticed was that there is no plugin. I googled and nod32 decided to drop support way back in v5 for vague reasons, which seemed to be summed up as they couldnt be bothered to maintain the plugin anymore. Even when pointed out there is a long term support version of thunderbird which lasts a year with no feature changes eset seeminly refuse to support it. Yet of course they advertise on their commercial product they scan email traffic for viruses. So I enabled pop/imap protocol scanning (and ssl pops/imaps), now it is worth pointing out at this point there is 3 ways to connect to a email server. 1 - plain text, very bad idea, especially when using plan login auth method. Many providers even outright block this. 2 - legacy implicit ssl, this is now considered legacy aka deprecated, some providers no longer support this, especially on smtp. 3 - explicit ssl, aka STARTTLS, this is the modern reccomended way of connecting to mail servers for all 3 of smtp,imap and pop. Now the nod32 protocol scanning options have the ability to enable for plain connections and implicit, explicit is nowhere to be seen but its possible by design it is supposed to work when using the pop/imap vs pops/imaps settings. What I discovered was this. 1 - plain, scans as expected. 2 - legacy implicit, no scanning, this surprised me as its clearly optional in the settings, but nope no eset signature and eicar attachment no popup from nod32. 3 - explicit ssl, I was hopeful, but no scanning. Now if this was some guy on his own offering free code, I would be understanding. But this is a commercial product which I have paid for, and from where I sit as the customer its not my concern if it is hardwork for eset's developers to maintain a thunderbird plugin. It should be a "deal with it" situation. The plugin is my preffered solution but if they can make the protocol filtering work with STARTTLS then I would accept that as well. So please eset fix this or stop advertising email scanning support. Now I am still using v8, after some sleep, and maybe when the weather cools down a bit so I have more energy I will try v10 beta on a spare machine with thunderbird to see if that works. Also to add, if it is to be done via protocok filtering eset, need to make sure they keep up with modern encryption standards, gcm/chacha ciphers, pfs, dane, key pinning etc. Also wise to point out interception of encrypted traffic goes against the principles of TLS, so by far a plugin is the preffered solution.
  11. I too would like more information on this, the description from eset on AMS is extremely vague and whilst marcos has offered a bit more insight he still hasnt clarified how nod32 determines a process to be suspicious. The post above mine is proof customers of eset are looking at the competition the fact they researched what emsisoft are doing, and I too can confirm I was doing the same, yesterday I spent about 3-4 hours mulling whether to buy nod32 licenses or emsisoft licenses for my laptop and w10 testing machine. I came very close to emsisoft due to the behaviour blocker (of which their documents and staff explains what it looks for as well as been configurable) but in the end stayed loyal to eset because I have used it for so long, and I have made some developed HIPS rules for use in nod32. Maybe eset think its not wise to reveal how this stuff works as then a bad guy reading this forum knows how to work round it, but it also makes your customers not trust your product so much as they cannot be sure they are protected from certain types of malware. I run hitman pro alert alongside nod32, and disabled nod32's EB and AMS because I fear it conflicts with HMPA, and I use HMPA for exploit blocking because they have gone into detail what they do to block exploits, whilst eset's description is very vague. I used to run EMET alongside nod32 before using HMPA, and things EMET protected against such as bypassing OS level DEP, nod32 never blocked, so I am honestly very confused specifically what exploit blocker does and what behaviour AMS looks for.
  12. adding this here, as is more relevant then where I posted it I guess. https://forum.eset.com/topic/8418-wishlist/ Will install the new v10 beta on my win10 machine and a VM to test.
  13. it fails because ESET doesnt check for revoked cert's, is recommended if you value proper TLS security to not use https scanning. hxxp://users.encs.concordia.ca/~mmannan/publications/ssl-interception-ndss2016.pdf
  • Create New...