spotter4me

Hello Gonzalo and Marcos: I resovled the issue. I uninstalled NOD32 and manually deleted all Eset files on my drive. I also maually went through the Registry and deleted all Eset keys. Interestingly, when I was trying to deleted all Eset files on my drive I could not delete some files. Windows said the files could not be deleted and were corrupted. So I ran Checkdisk and many repairs were implemented on my C drive. I then reininstalled NOD32 v349 and the taskbat icon appeared at boot up. No delays. Everything runs fine now. It looks like to me that NOD32 was trying to access corrupt files during boot and could not, thus causing the delay in the boot up of NOD32. One thing I also noted during my scan through the Registry was that I noticed that there was a NOD32 key in there soemwhere that had a "HOLD" appended to the file path to the egui.exe file. Is that key a normal part of the program or could that have been part of the issue? Many thanks to the both of you for your help. This issue can be marked as solved. Paul

Hello: Recently, I have noticed that the NOD32 system tray icon does not appear at boot up even though it is set to do so. After several minutes, it finally launches and the NOD32 program window strangely pops up on my monitor. In the past, when things were working correctly, the Icon would just appear at boot up and that was it. No program window would launch unless I clicked on the icon in the system tray. Furthermore, a Windows error reporting icon on the system tray tells me that the program is not running after boot up. Once the NOD32 icon appears on the system tray and the NOD32 program window pops up that message goes away. It appears something is now conflicting with the start-up of NOD32 for several minutes anyway. Not sure what this could be at this point. Anyone have any ideas? I do not like being unprotected for several minutes after each boot up. Thanks. Paul

Hello Marcos: I am having the same problem. EGUI.exe does not load right away at startup with Windows 7 64 Bit. Ekrn.exe is running though. It does eventually startup, but many minutes later. Well...............interestingly after just upgrading to latest version 9.0.349.0, EGUI.exe now loads properly at startup, and the NOD32 icon now immediately appears on my Windows 7 taskbar.

Hello Marcos: I am having the same problem. EGUI.exe does not load right away at startup with Windows 7 64 Bit. Ekrn.exe is running though. It does eventually startup, but many minutes later.

First of all, if one is having issues with a specific software and does not want to provide the vendor with logs because of insufficient trust, he or she cannot expect the issue to be looked and eventually fixed. Providing logs is the most essential things that ever vendor requests when tackling technical issues. The fact that you had never had issues with SSL scanning until recently can be caused either by the fact that SSL scanning had been disabled by default before v9, a software clashing with ESET's protocol filtering was installed in the mean time or a sort of bug was introduced in a recent Internet protection module. Modules are not static, they are being developed over time to provide better protection, usability or compatibility with other software so it's normal that bugs may occur from time to time no matter how intensive QA pre-release testing is. No software is bug-free, that's a matter of fact. Even vendors with thousands of developers and testers release software that is not bug-free. However, if one cooperates with the vendor it's possible to get issues resolved reasonably quickly. Marcos: I have always checked to make sure SSL was enabled in the past, so that could not have been it in my case, however, your subsequent points are Valid, and I am very aware of what you have stated there. Thank You again. Please understand, I am, and have always been a big fan of Eset and your products, and recommend them to many. My frustration was probably due to the fact that Eset has had a long history of Excellent QC, and in Quickly addressing and fixing bugs. Because of this, and in many other ways, YOU are your own Worst enemy. Expectations are high, especially among us long time users. Keep up the good work. I can tell you many of us really do appreciate your efforts. Have a nice weekend.

First of all, if one is having issues with a specific software and does not want to provide the vendor with logs because of insufficient trust, he or she cannot expect the issue to be looked and eventually fixed. Providing logs is the most essential things that ever vendor requests when tackling technical issues. The fact that you had never had issues with SSL scanning until recently can be caused either by the fact that SSL scanning had been disabled by default before v9, a software clashing with ESET's protocol filtering was installed in the mean time or a sort of bug was introduced in a recent Internet protection module. Modules are not static, they are being developed over time to provide better protection, usability or compatibility with other software so it's normal that bugs may occur from time to time no matter how intensive QA pre-release testing is. No software is bug-free, that's a matter of fact. Even vendors with thousands of developers and testers release software that is not bug-free. However, if one cooperates with the vendor it's possible to get issues resolved reasonably quickly. Marcos Please see my Update above. I understand your point about the Logs and understand it is difficult to get a fix without them. However, I just do not trust any type of Logging or Cloud Based software. Unfortunately, or fortunately, I have become aware of too many shenanigans going on over the many years from many vendors concerning Privacy, Data Mining, and the CLOUD. With your background, I think you understand what I am talking about. Unfortunately, much of this stems from the US and US based vendors operating everywhere. Thank You again.

This is a known issue of the current v9 that will be addressed in the upcoming v9 service build soon. The issue should go away shortly after the operating system has been loaded and all dependent services started. This should be indicated by turning the protection status from red to green. It's just a cosmetic (gui) issue that doesn't affect any functionality. As for the problem opening secured websites, we'll need you to do the following: - temporarily enable advanced protocol filtering logging (APF) under Tools -> Diagnostics - download, install and run Wireshark - start capturing network communication in Wireshark - reproduce the issue - try to download the eicar test file from https://secure.eicar.org/eicar_com.zip - stop Wireshark and APF logging - compress the logs - collect logs using ESET Log Collector - upload the logs to a safe location - pm me the download link. Also send me a screen shot of the error you're getting (preferably from the attempt to download eicar). Hello Marcos: While I appreciate your offer to help here, I do not know if I am comfortable loading software that captures processes and other things on my computer into logs which are then sent to somewhere and to someone I do not know. Let me think about this. I have been a NOD32 user for a long time and never had a problem all these years until versions 2015 and 2016. Both were Protocol filtering issues dealing with the Internet Protection Module. While I am thinking, I do now have a useable license for the latest version of Kaspersky which is also highly rated. I think I will just uninstall NOD32 2016 (after obtaining your requested logs - if I decide to do that), and move over to Kaspersky 2016 for now. Again, nothing personal, I am just tired and a bit frustrated with this whole situation. This is 2 years in a row with the same issue. Thanks Again - if I decide to generate the logs before I unstall NOD32, I will send them to you in a day or two this weekend. UPDATE 12-4-15 4:48PM: Marcos: Looks like all the secure websites I have just tried to access since my comments above ARE NOW accesible. The issue has resolved itself?.....except for the KNOWN Protocol FIltering Error Message everytime I boot into Windows 7 64. So it appears the current Internet Protection Module 1226.2 20151127 has fixed my issues. I can now simply wait for the next v9 build for this minor issue to be corrected. I will report back if this somehow changes over the next week or so. As a long time user of Eset's NOD32 Antivirus, I am happy I will be able to stay. However, I will not close this case until I am sure the Protocol Filtering SSL/TLS issues do not come back. Thanks again Marcos and Stackz, for your concerns with my case.

Well, I just tried to sign into Ebay and the secure page could not be displayed. The Protocol Filtering issue is still present even after switching to regular updates and Internet Protection Module 1226.2 20151127. I guess that is why I was still getting the Protocol Filtering warning message at boot up. Eset needs to look into this. This still appears to be an Internet Protection Module issue?

OK, so you're on Pre-release updates. If you decide to revert to Regular update, you'll have Internet protection module: 1226.2 (20151127) which seems stable and works fine. Ok, I will switch to Regular updates and report back with my results. Thanks OK, I just switched over to Regular updates, everything seems to work as far as accessing web sites and secure websites. The only thing left of concern is that the notification message still appears when I boot up each time. It states that "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function." I am running without web access protection and Anti-Phishing protection due to Privacy concerns. Does this boot up message relate to not using those options? Thanks

OK, so you're on Pre-release updates. If you decide to revert to Regular update, you'll have Internet protection module: 1226.2 (20151127) which seems stable and works fine. Ok, I will switch to Regular updates and report back with my results. Thanks

Windows 7 64 Bit, and the Internet Protection Modue I have is 1238 dated 11-24-2015. The SSL Problem appears to occur with Firefox 42 and the latest IE 11. Slimjet browser which is a Chrome based browser does not appear to be affected. For instance, I cannot sign into this Eset forum site using Firefox and IE, but I can with Slimjet.

Hello Marcos: I tried your fix and it did not work. However, after playing around a bit I found I can browse sights with Protocol Filtering Checked and SSL/TLS UNCHECKED. If I check SSL/TLS I can enter some secure sites, but not others. As an example, I cannot log into my AMEX account. I get the following message: The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. UPDATE: OK, Under SSL/TSL, I had unchecked "Exclude Communication With Trusted Domains." When I checked this, everything now seems to be working. I can now log into my AMEX site. So it now appears, all websites, including secure ones, are functional with Protocol Filtering CHECKED (AUTOMATIC option selected), and SSL/TSL CHECKED (Exclude Communication With Trusted Domains option CHECKED). These options are all under the Advanced Setup Menu after clicking the Web and EMail Tab on the Left. Any comments would be apprecated, especially concerning the "Exclude Communication With Trusted Domains" option. UPDATE 12/3/15 Ok it appears the issue HAS NOT been resolved. When I rebooted the computer this morning I get the following message: "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function." I cannot retrieve my E-Mail using Thunderbird, and I get the error message "the page you are trying to view cannot be shown because authenticity of the received data could not be verified." Furthermore, when I click to check for Firefox Plugin Updates, that Mozilla page is not rendered properly. If I UNCHECK SSL/TLS but keep Protocol Filtering checked, web pages including secure pages can be accessed (at least the ones I tried to access). I can retrieve my mail, and the Mozilla Plugin update page is rendered properly, but I still get the Protocol Filtering error message when I reboot my computer. It does appear to be an Internet Protection Module issue similar to when NOD32 2015 v8.0 was first released.

Please Note: In my last sentence above, I meant to say: "With this being UNchecked, I cannot engage the Internet Protection options of Web Access Protection and Anti-Phishing Protection." Thanks for your reply Marcos. I will try your suggestions later today, and report back tonight or tomorrow.

Hello All: It appears that the Internet Protection Module in NOD32 Antivirus 2016 is once again affecting web pages using Firefox 42 (have not tried other browsers). When Protocol Filtering is checked, secure websites are not displayed. When I uncheck this, everything works correctly. As I recall, this was the same thing that occurred soon after the release of the last version of NOD32 (2015 v8.0). The cause was the Internet Protection Module. It was eventually corrrected by Eset. Does anyone know when the current Internet Protection Modue issues will be corrected? With this being checked, I cannot engage the Internet Protection options of Web Access Protection and Anti-Phishing Protection. Thanks

Hello Gerix: I too had some update nags (for New Signatures) and confirmation messages after virus signatures were updated. Click to Open NOD32 9 and then click the SETUP tab on the Left. In lower left of NOD32 window click on ADVANCED SETUP. Now click on the UPDATE tab on the Left. Click "+" Button for BASIC and uncheck "Disable Display Notification After Sucessful Update." Under BASIC you will see UPDATE MODE. Click "+" sign to open this and UNCHECK "Ask Before Downloading Update." Signatures are now Automatically updated in the background with no overt messages. I assume program updates will too. You can try seeing if a checked "Ask Before Downloading Update" only applies to program version updates (and not virus signature updates too) by keeping this box checked. Again, I have this UNCHECKED and see no OVERT messages.

Hello NOD32 Support Representative: I just started getting this warning today 13 DAYS out from expiration. The taskbar icon is now a triangular orange with an exclamation point in it, and there is a BIG "Eset NOD32 Requires Your Attention" in LARGE lettering at the top of the Home window. I NOW have to endure this NAGGING for 13 days. This kind of NAGGING is NOT NECESSARY given that one sees the License expiration under the Basic Overview heading in the HOME window when one opens NOD32. PLEASE remove this renewel nag and stop treating people like IDIOTS that need to be herded like sheep. PLEASE......... Spotter

Hello Peter: I am not sure what Eset did here recently, but the issue has finally been resolved with the latest version of NOD32 released on May20 (v7.0.317.4) and/or the latest Internet Protection Module v1130 dated 6/5/2014. Firefox and other browsers now work with Internet Protocol Filtering checked! And I do not even have to exclude the browsers. Works just like NOD32 6 did! Guess I can now try to see if scanning SSL Protocol will work, although I never had that checked in previous versions. I also noticed that moving around the GIU is quicker with less latency, expecially when accessing the Advanced Menu grom the little down arrow in the upper right of the NOD32 window. What did you guys do to finally resolve this? I am curouos, because for so long, since NOD32 7 was released, web pages would not display on most secure websites and some non secure websites with Protocol filtering checked. What was the fix?!

Hello Again Peter: Automatic updates finally installed Pre-Release Internet Protection Module 1097 today. Unfortunately the problems with browsing web pages persists in all 3 browsers as described above. 1097 did not fix the issue so it's back to the drawing board. Any other suggestions would be appreciated. S.

Hello Peter: Thanks for your reply. For some strange reason I still only have Internet Protection Module 1094 installed. I do have Pre Release Updates checked but 1094 was never updated automatically. Is there a way to manually install this? Do you have a link? I will get back to you to see if 1097 solves the web browsing issue once I can install and test 1097.

Since installing the latest version of NOD32 Version 7, I am unable to enter most secure web sites. On the rare occasion I do get in, subsequent pages on the secure site do not display properly. This also generally occurs with most unsecure web pages. Web pages do not display properly, or do not display at all. This occurs in all 3 browsers that I use (Firefox 26, Chrome 31, and IE 10). When I uncheck Protocol Filtering and reboot, everything then works normally in all 3 browsers. And YES........I have "Do not Scan SSL Protocol" checked. Additionally, HIPS option is checked. The issue is directly the result of enabling Protocol Filtering. Furthermore, if I uninstall NOD32 v7 and go back to the latest version of NOD32 V6 everything works like normal WITH Protocol Filtering checked. This is an issue with NOD32 V7 only!! And YES AGAIN, I have Prelease Updates Checked! The latest virus signature updates installed are 9222P dated today. Is Eset working on this issue? Others have reported this too. Is their a fix for this? I would really like to run NOD32 V7 with Protocol Filtering checked instead of Unchecked. I have been using this software for many years and this is the first time I have had issues, unlike other security software that I have used and subsequently abandoned in the past. Very disappointing to say the least. I do also use Malwarebytes Antimalware and SuperAntispyware only running one of these in Real Time Scanning mode. There were NO problems running these with NOD32 v6.