dcs18 Posted October 27, 2014 Author Share Posted October 27, 2014 Well, it is time to get laid - here is an inspiring download for everyone (including those who are laughing):-- http://www.mediafire.com/download/y8bxv9aihmdsozg/Dare_To_Be_Different.rar Link to comment Share on other sites More sharing options...
mara- Posted October 27, 2014 Share Posted October 27, 2014 You were wrong most of the time - this is the first time you are right, congratulations - seriously!!! The only 3 folks who were genuinely interested were skunk1966, idmresettrial and HNB.While the activation lasted, you could have have harvested the whole situation for your own fix - if you were not so determined to disprove the firewall method (upon which you base your new fix.)ps:--My observation is that ESET activates the copy online but stores the activation, on the Users' HDD - you may choose to believe or disbelieve me.BTW, about the IP that you were so desperately wanting to find out the method I used - all my IP are published using only industry-grade professional network sniffers based on the Surgeon's approach (not the Butcher method that some employ.) I do allow or block my IPs based on mere suspicion.I wasn't desperate at all. I was just waiting to see results, and at the beginning I rushed with the new fix, but then I stopped when I realized that there is only 10% chance this will work. I was genuinely interested, and I was right in everything I said, but no, you didn't listen because you think that only you're right. Activation is stored in registry, but not expiration. Expiration is not stored since Eset v4. And once again we go back to that I was right. Updates servers do check for user name and password, but since we blocked expiration server, there is probably some delay in communication between update server and expiration server, and that's why we could use that user name and password for a little longer. And harvesting for my fix? :lol: :lol: :lol: Do you really think it's important to me which fix is working for Eset? Absolutely not! Only important thing is that there IS some fix for it.Cheers ;) Link to comment Share on other sites More sharing options...
dcs18 Posted October 27, 2014 Author Share Posted October 27, 2014 You weren't desperate - you mean people called you filthy names, just for the heck of it?Do you want me to post links and images to prove your desperation? Link to comment Share on other sites More sharing options...
mara- Posted October 27, 2014 Share Posted October 27, 2014 That just proves how low is their level of culture, and you are even worse for keeping those images. And to put it simply, I was right all the time. :showoff: Deal with it!BTW, I don't care about your posts.Cheers ;) Link to comment Share on other sites More sharing options...
jamesDDI Posted October 27, 2014 Share Posted October 27, 2014 @mara- so there will be not any new fix for eset right? So when the v4 update servers will be closed the only choise will be to reset the trial license every months? Link to comment Share on other sites More sharing options...
dcs18 Posted October 27, 2014 Author Share Posted October 27, 2014 BTW, I don't care about your posts.Cheers ;)So, then - what brings you here (if you don't care about my posts?) Link to comment Share on other sites More sharing options...
mara- Posted October 27, 2014 Share Posted October 27, 2014 @mara- so there will be not any new fix for eset right? So when the v4 update servers will be closed the only choise will be to reset the trial license every months?I will update the fix so it works before installation of Eset v8, and will use v4 servers as always. And when v4 servers stops working, currently I only see that solution - to reset every month. That could be also automated, but it would require keeping self-defence disabled.BTW, I don't care about your posts.Cheers ;)So, then - what brings you here (if you don't care about my posts?)I just came to say that I was right. And just because you created the topic does not mean that I can't communicate with other members here, but I'm done with you, that's for sure.Cheers ;) Link to comment Share on other sites More sharing options...
dcs18 Posted October 27, 2014 Author Share Posted October 27, 2014 I just came to say that I was right. And just because you created the topic does not mean that I can't communicate with other members here, but I'm done with you, that's for sure.Cheers ;)I was done with you, long ago - feel welcome to communicate with anyone (hopefully, on a new start - on a constructive note rather than the usual critical note.) ;) Link to comment Share on other sites More sharing options...
idmresettrial Posted October 27, 2014 Share Posted October 27, 2014 I will update the fix so it works before installation of Eset v8, and will use v4 servers as always. And when v4 servers stops working, currently I only see that solution - to reset every month. That could be also automated, but it would require keeping self-defence disabled.Can a kernel driver bypass eset self-protecting?I don't have enough knowledge to write a driver. Can you write one to do that test? Link to comment Share on other sites More sharing options...
mara- Posted October 27, 2014 Share Posted October 27, 2014 What would be the point of self-defence if kernel driver can bypass it? Then virus could do the same thing. And I'm pretty sure that kernel drivers needs to be signed in order for Windows to accept it.Cheers ;) Link to comment Share on other sites More sharing options...
idmresettrial Posted October 28, 2014 Share Posted October 28, 2014 What would be the point of self-defence if kernel driver can bypass it? Then virus could do the same thing. And I'm pretty sure that kernel drivers needs to be signed in order for Windows to accept it.Cheers ;)Have you had a look at microsoft kmdf?I think it doesn't need to sign the driver. Link to comment Share on other sites More sharing options...
rudrax Posted October 28, 2014 Share Posted October 28, 2014 The above is a screenshot of WFC. You can see there 3 entries for the same file. The file is one of the executables from BlueSoleil package. The block rule for the file is defined by me. But, even the block rule for the specified file is there, BlueSoleil adds two allow rules for the same file and WFC doesn't know anything about it as it do not provide me any notification regarding those allow entries. Here WFC's capabilities comes under doubt. Link to comment Share on other sites More sharing options...
dcs18 Posted October 28, 2014 Author Share Posted October 28, 2014 This happens neither with my own copy of WFC nor with any of the hundreds of others that I administer. Link to comment Share on other sites More sharing options...
jamesDDI Posted October 28, 2014 Share Posted October 28, 2014 What would be the point of self-defence if kernel driver can bypass it? Then virus could do the same thing. And I'm pretty sure that kernel drivers needs to be signed in order for Windows to accept it.Cheers ;)Have you had a look at microsoft kmdf?I think it doesn't need to sign the driver.Hope in this new way .. Link to comment Share on other sites More sharing options...
rudrax Posted October 29, 2014 Share Posted October 29, 2014 This happens neither with my own copy of WFC nor with any of the hundreds of others that I administer. When did you start using BlueSoleil? :o Link to comment Share on other sites More sharing options...
dcs18 Posted October 29, 2014 Author Share Posted October 29, 2014 This happens neither with my own copy of WFC nor with any of the hundreds of others that I administer. When did you start using BlueSoleil? :oNo need for BlueSoleil - have already heard that complaint. ;) Link to comment Share on other sites More sharing options...
rudrax Posted October 29, 2014 Share Posted October 29, 2014 This happens neither with my own copy of WFC nor with any of the hundreds of others that I administer. When did you start using BlueSoleil? :oNo need for BlueSoleil - have already heard that complaint. ;)Nope, in case of BlueSoleil, it's different. At that time ESET created the allow rule itself, I didn't have "Secure rule" checked. Now I have. But don't know how BlueSoleil is being able to create the rule without my permission and even after I've created block rule for the same file. These chinese things are shocking sometimes. Can you test drive the latest version of BlueSoleil and see if you face this issue. If you do (unless PL is restricting it), this will be a bug, which I think, you will be able to report the developers. Link to comment Share on other sites More sharing options...
dcs18 Posted October 29, 2014 Author Share Posted October 29, 2014 This happens neither with my own copy of WFC nor with any of the hundreds of others that I administer. When did you start using BlueSoleil? :oNo need for BlueSoleil - have already heard that complaint. ;)Nope, in case of BlueSoleil, it's different. At that time ESET created the allow rule itself, I didn't have "Secure rule" checked. Now I have. But don't know how BlueSoleil is being able to create the rule without my permission and even after I've created block rule for the same file. These chinese things are shocking sometimes. Can you test drive the latest version of BlueSoleil and see if you face this issue. If you do (unless PL is restricting it), this will be a bug, which I think, you will be able to report the developers.Can't replicate your issue - since you are the only one reporting this issue, it is better you concentrate on streamlining your own configurations (WFC + PLP + others) instead of me wasting time with some unwanted and avoidable Chinese creation. Link to comment Share on other sites More sharing options...
rudrax Posted October 29, 2014 Share Posted October 29, 2014 If there were any problem, then why don't other programs be able to bypass WFC notification, not even ESET. So the problem is with BlueSoleil itself. There may be some chinese code that WFC is not understanding. I can't find any better solution than BlueSoleil. Do you have any alternative to suggest? Link to comment Share on other sites More sharing options...
dcs18 Posted October 29, 2014 Author Share Posted October 29, 2014 As a matter of policy - Bluetooth is not allowed to run on any of the systems, administered by me. Link to comment Share on other sites More sharing options...
dcs18 Posted October 30, 2014 Author Share Posted October 30, 2014 It screws up with UAC. ;)have u experienced the same in ur sys ?bcoz i have been using it(secure boot) and there is no problem with UAC...Here is the bug where Secure Boot is being shown to have failed, at boot - on one of those very rare moments:-- Link to comment Share on other sites More sharing options...
rudrax Posted October 31, 2014 Share Posted October 31, 2014 It screws up with UAC. ;)have u experienced the same in ur sys ?bcoz i have been using it(secure boot) and there is no problem with UAC...Here is the bug where Secure Boot is being shown to have failed, at boot - on one of those very rare moments:--When one's computer is not connected to the internet during boot, in that case, does "secure boot" feature of WFC has any role to play? Link to comment Share on other sites More sharing options...
kantry123 Posted October 31, 2014 Share Posted October 31, 2014 It screws up with UAC. ;) have u experienced the same in ur sys ?bcoz i have been using it(secure boot) and there is no problem with UAC...Here is the bug where Secure Boot is being shown to have failed, at boot - on one of those very rare moments:-- When one's computer is not connected to the internet during boot, in that case, does "secure boot" feature of WFC has any role to play?Parsonally I feel it's useless As it always screws up my internetRegards Link to comment Share on other sites More sharing options...
dcs18 Posted October 31, 2014 Author Share Posted October 31, 2014 It screws up with UAC. ;) have u experienced the same in ur sys ?bcoz i have been using it(secure boot) and there is no problem with UAC...Here is the bug where Secure Boot is being shown to have failed, at boot - on one of those very rare moments:--When one's computer is not connected to the internet during boot, in that case, does "secure boot" feature of WFC has any role to play?It locks your firewall rules - this prevents other applications and programs from making changes to your firewall rules, during boot.However, it is not completely bug-free, ATM. Link to comment Share on other sites More sharing options...
dcs18 Posted November 1, 2014 Author Share Posted November 1, 2014 As for my configuration there is no chance of misconfiguration as i always keep clean images...A clean image is undeniably at its most mis-configured state because it is not as per personal preference - but, as per Microsoft dictats.I have a Customer coming in with his system to rectify this particular issue of Regular Maintenance hogging prime resources. I shall be having a hands-on opportunity to check out what I have configured differently on my system for my Regular Maintenance to remain disabled without having its task to be deleted.Let me know if you are interested - if yes, I would take the effort to publish the same here. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.