Jump to content

Memory Usage

Purpleroses
 Share

Recommended Posts

itman

itman 1,659

Posted
Posted
11 minutes ago, Posolsvetla said:

No, you haven't. As stated in the Event log, "an attempt to exploit" has been made, but that does not mean it was successful. We perform the check for this vulnerability only after we call the Windows API function which causes the log to be created. That's the reason the log is present.

You are still missing what the issue is here.

Eset SSL/TLS protocol scanning initiated exploit processing for a vulnerability that never existed in Firefox. Again, Eset SSL/TLS scanning stays disabled on any browser that I use.

Link to comment
Share on other sites
Wrogg

Wrogg 5

Posted
Posted

I'm still getting the same ram usage on 1439 on Edge and Chrome. spike to to 270 or so and stay there until I play a game or use something ram intensive.

Not sure if that's a problem? 

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
1 hour ago, Wrogg said:

I'm still getting the same ram usage on 1439 on Edge and Chrome. spike to to 270 or so and stay there until I play a game or use something ram intensive.

Not sure if that's a problem? 

This sounds correct to me.

The registry fix to correct this ekrn.exe memory spiking issue was to favor OCSP over CRL cert. revocation checking processing. Chrome and Edge which is Chromium based both do not support OCSP.

Link to comment
Share on other sites
Wrogg

Wrogg 5

Posted
Posted
20 minutes ago, itman said:

This sounds correct to me.

The registry fix to correct this ekrn.exe memory spiking issue was to favor OCSP over CRL cert. revocation checking processing. Chrome and Edge which is Chromium based both do not support OCSP.

Makes sense. thanks

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted

To disable SSL/TLS protocol scanning only for a browser app, refer to the below screen shot. It shows Firefox being disabled. If using a different browser, you will have to select the .exe  associated it and set Scan action setting to Ignore.

Eset_SSL_Browser.thumb.png.823d0d029c73d360f71863f36d9120d4.png

As far as if it is safe to do so, it depends on what other actions you have taken to harden the browser against malware attacks. The minimum action would be to include a strong ad blocker add-on such as uBlock Origin and enabling all available lists offered; tracking, ad blocking, and malware. I would also manually add the AdBlock coin miner list available from Github: https://github.com/hoshsadiq/adblock-nocoin-list/ .

Link to comment
Share on other sites
Purpleroses

Purpleroses 21

Posted
  • Author
Posted

I installed google chrome last night and I had to manually add chrome.exe to the list of ssl/tls filtered applications.  I thought that it did it automatically because I have set to automatic mode but it did not add it automatically.  Thank you for the information Itman and Viatcheclav Bukasi

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
3 minutes ago, Purpleroses said:

I had to manually add chrome.exe to the list of ssl/tls filtered applications.  I thought that it did it automatically because I have set to automatic mode but it did not add it automatically. 

Eset should have added it the first time you ran chrome.exe. Eset will not add an app when it is installed only.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
55 minutes ago, Purpleroses said:

I don't know what is going on but I tried installing brave browser.  Ran the brave.exe and Eset never added it

Make sure the following setting is enabled:

Eset_Protocol_Scanning.thumb.png.d96824470a95df48624f889fda2ed6f7.png

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

Also review this thread: https://forum.eset.com/topic/28545-brave-browser-compatibility/  . Brave's .exe Scan action setting needs to be manually set from Auto to Scan for SSL/TLS protocol scanning to work. Also note that Brave does not work in Banking and Payment protection since its not a supported browser.

Edited by itman
Link to comment
Share on other sites
  • ESET Staff
Posolsvetla

Posolsvetla 15

Posted
  • ESET Staff
Posted
On 3/19/2022 at 10:21 PM, itman said:

Eset should have added it the first time you ran chrome.exe.

Since Internet protection module 1436 applications are no longer automatically added to the list. If an application is not present in the list, Scan action Auto is assumed.

On 3/20/2022 at 12:10 AM, itman said:

Brave's .exe Scan action setting needs to be manually set from Auto to Scan for SSL/TLS protocol scanning to work.

Since Internet protection module 1436 TLS scanning is enabled for Brave browser also when set to Auto Scan action.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
4 hours ago, Posolsvetla said:

Since Internet protection module 1436 applications are no longer automatically added to the list. If an application is not present in the list, Scan action Auto is assumed.

It would be beneficial that Eset published a change log when modules are updated. If for no other reason than incorrect information is not conveyed in the forum ...............

Link to comment
Share on other sites
  • 2 weeks later...
itman

itman 1,659

Posted
Posted
9 hours ago, Wrogg said:

This seems to have stopped for me since 15.1.12.0

Can't get Chrome or Edge over 50 meg anymore.

The Internet Protection module updated to ver. 1439 on my device a couple of days ago. It was previously posted in this thread by an Eset staff member that this module update would contain the ekrn.exe memory fix. Appears it does thankfully.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
20 hours ago, itman said:

The Internet Protection module updated to ver. 1439 on my device a couple of days ago. It was previously posted in this thread by an Eset staff member that this module update would contain the ekrn.exe memory fix. Appears it does thankfully.

Looks like the memory spiking issue is not resolved with Internet Protection module ver. 1439. I went to badssl.com and ran its Dashboard test. Ekrn.exe memory immediately spiked to over 200 MB. Also, the prior reg. modification recommended previously by @MMx does not prevent ekrn.exe memory spiking from this web site.

What is going on here is most web sites have updated their Lets Encrypted certs.. As such, the memory spiking issue will be encountered less frequently.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
1 hour ago, Wrogg said:

1439 made no difference to me at all. I just havnt seen it spike since 15.1.12.0

The badssl.com test posted above was made on ver. 15.1.12.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...