Jump to content

Process for browser st 50% and cannot be killed


Recommended Posts

After a removal and re-install of 64 bit ESET10 (we thought it was 9) we find the process works, the GUI stays put (off and on a couple of times on boot) and we thought we were okay.

We still have issues with some kind of hook ESET seems to open in whatever browser we first open.

Primary browser is FireFox, and that is why we initially thought it might be a FireFox issue. Task Manager shows a process for FireFox at 50% CPU, even with all FireFox windows closed, once you open FireFox the first time, and no application showing.

This prevents CCleaner from functioning, as FireFox needs to be closed to run. Requires reboot to allow, which is a real pain at night on shutdown.

Last night I had a brilliant thought (yeah, right.....) and after reboot I opened IE instead of FireFox.

There is was. Process on IE of 50% and cannot have process or process tree killed.

Open FireFox, no process open at 50% once the "hook" is set on IE browser.

It also kills IE from fully opening once we do an initial opening of the IE browser and set the hook.

The questions, therefore, are:

What is ESET doing, even with banking mode disabled?

How do I kill this process?

I had zero issues last install of NOD32....and now I am thinking I need to go back to NOD32 to eliminate this stuff.

Guess is this is some kind of ESET secure browser..which was thrown at us in Avast last time, and why we came to ESET in the first place.

I have enough stuff for protection, don't need another layer that messes things up.

 

Thoughts?

 

Link to comment
Share on other sites

Eset sets two hooks into IE:

eOPPMonitor.dll - used for Online Banking to open the secure browser window

eplgIE.dll - also used for Online Banking

Neither have any performance impact on IE11 running on my Win 10 x64 build.

Eset will set another hook, eplghooks.dll into the browser and a number of other processes if the Eset kernel detects suspicious activity. It is normally rare to see this hook set. If it is being set regularly, there is a good possibility that something not normal is occurring on your PC. Again, I have never had any performance issues with this hook set.

Best you post a Process Explorer screen shot showing loaded .dlls of what you are referring to.

 

Link to comment
Share on other sites

dagnabit.

I finally got upstairs, screenshotted task Manager and Process Explorer, saved them into Word, now when I send them down to this computer, the attachments won't allow a .doc

 

I gotta do is again and I can't right now.

 

Edited by ScaleCraft
Link to comment
Share on other sites

12 hours ago, ScaleCraft said:

dagnabit.

I finally got upstairs, screenshotted task Manager and Process Explorer, saved them into Word, now when I send them down to this computer, the attachments won't allow a .doc

 

I gotta do is again and I can't right now.

 

Use MS Paint and save screenshot as a .png file. The Eset forum allows .png and .jpg attachments.

Or, upload screen shot to a file sharing service and post the link to same in your reply. 

Link to comment
Share on other sites

I can do it..just didn't know the format and was unable to do it yesterday afternoon. Now done.

I give ip. Now there is a problem and "contact us".

Let me try the Task Manager shot.

 

Link to comment
Share on other sites

Test. I just uploaded the below .png screen shot from my Win 10 desktop w/o issue using IE11.

 

Eset_Win_Updates.png

Edited by itman
Link to comment
Share on other sites

I have no admin answer as of yet. I have a .jpg at 1.3mb, well below the 2mb limit, proper format, I am guessing since I have few postings so far there is a block to curtail SPAM, but that's just a guess.

Link to comment
Share on other sites

No go. I even tried dragging files, still won't allow it.

"Accepted file types txt, log, zip, rar, png, jpg · Max total size 10MB · Max file size 2MB " and the files are 1.3MB and are .jpg, so who knows.

Link to comment
Share on other sites

  • Administrators

In the advanced Web access protection setup, there's an option "Enable advanced scanning of browser scripts". Disable it for a test to prevent eplgfirefox.dll from being injected into the browser. Also permanently disable (ie. don't  pause) Banking and payment protection. If the problem persist after restarting the browser, most likely the issue will not be caused by ESET. What you can do is temporarily uninstalling ESET and see if the problem goes away. Your license entitles you to use also EAV which doesn't include Banking and payment protection. However, disabling it permanently in ESS should be equal to downgrading to EAV in terms of integration to browsers.

Link to comment
Share on other sites

We did un-install ESET and the problem did, in fact, completely disappear.

When we re-loaded ESET, we stopped banking, so it is NOT "paused", rather stopped fully.

So we have done all but the process you ask..and I will do that.

Will require a re-boot as that is the only way to kill the process, but I am more than willing to try.

Answer one more on this please:

Do you really want screen shots of Process Explorer and/or Task Manager?

I still cannot post them, it says there was a problem and to contact ESET...and I did. Two folks...via PM on this very forum, and so far, no response.

If you do not want them, I will just delete them.

 

Thanks.

Link to comment
Share on other sites

I was able today to do what you asked. Oddly, when I tried it the first time, the ESET icon in the tray disappeared, no way to open it from any function.

Reboot, found that particular function, stopped it, opened FireFox, and it works with ONE process open, NOT locked at 50%.

I will leave my question up for a bit to see if you really want the screen shots before I delete them.

Thanks....and that must explain why NOD32 worked and SS did not in this particular application.

Link to comment
Share on other sites

2 hours ago, ScaleCraft said:

Reboot, found that particular function, stopped it, opened FireFox, and it works with ONE process open, NOT locked at 50%.

You might also want to "play" with Firefox's plug-ins such as NoScript if your using it and the like. Suspect that one of those plug-ins is conflicting with Eset's advanced browser script scanning feature.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...