Nedim 9 Posted February 6, 2014 Share Posted February 6, 2014 (edited) Hello all. I'm using ESS 7.0.302.26 on a freshly installed Windows 8.1. But there is an issue with a slow boot. It takes about 2 minutes to see my Desktop. I tried to disable HIPS and it did help, and my PC doesn't slow on startup. When I enable it again it bring back the problem. So I looked for another similar threads here and found this one and I tried to follow Marco's instructions posted here. And here are my HIPS records, Sysinspector log and info about installed modules. Any help would be greatly appreciated. Syinsp. log is here: Snip: Link to SysInspector log removed as it contains sensitive information. In the future, please send SysInspector logs via a personal message. HIPS.xml Installed Components.txt Edited February 6, 2014 by Marcos ESI log removed Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 6, 2014 Administrators Share Posted February 6, 2014 Hello, did you start experiencing these issues right after the upgrade to v. 7.0.302.26? Do you remember what version you had installed previously? We've also noticed a discrepancy between the Windows build 9200 in your ESI log (Windows 8.0) and your statement that you have Windows 8.1 installed. What's true? Also please carry out the following tests: 1, disable Advanced memory scanner and try to reproduce the problem 2, disable Self-defense and try to reproduce the problem. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 Hello, Marcos. Thanks for your reply. I didn't upgrade from previous versions. Only used 7.0.302.26 And yes, I'm using Windows 8.1 Pro. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 6, 2014 Administrators Share Posted February 6, 2014 It's odd then that Windows reports build 9200 which is Windows 8.0. Please carry out the 2 tests I asked about in my previous message. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 Also please carry out the following tests: 1, disable Advanced memory scanner and try to reproduce the problem 2, disable Self-defense and try to reproduce the problem. No changes, Marcos. Still slow Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 6, 2014 Administrators Share Posted February 6, 2014 Did you upgrade from Windows 8.0 to 8.1 or it was a clean Windows 8.1 install? As I wrote, the SysInspector showed Windows 8.0 so I assume you created it before upgrade to Windows 8.1 ? Please do 2 more tests: 1, rename C:\Windows\System32\drivers\eamonm.sys (e.g. to eamonm.sy) in safe mode and try to reproduce the problem 2, if renaming eamonm.sys helps, keep it renamed, enable Self-defense, HIPS and Advanced memory scanner and try to reproduce the problem. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 (edited) It was upgrade from Windows 8 to Windows 8.1. I did it 2 days ago. But I created SysInspector log today on Windows 8.1 ! I'm not sure what's going on about that After renaming eamonm.sys to eamonm.sy I've got a message from Eset that say" Antivirus protection disabled. A critical error ocured while starting real-time protection. The program needs to be reinstalled!" Here's the screenshot: Edited February 6, 2014 by Nedim Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 6, 2014 Share Posted February 6, 2014 (edited) If you reboot again does the critical error message go away? Marcos does that driver get recreated? Despite the error being shown, did boot speed increase? Edited February 6, 2014 by Arakasi Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 If you reboot again does the critical error message go away? Marcos does that driver get recreated? Despite the error being shown, did boot speed increase? No, I did it two more times, just to be sure. The message is still there. Boot speed is still the same. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 6, 2014 Administrators Share Posted February 6, 2014 One more thing - disable Self-defense, clear the HIPS log, restart the computer and then post current HIPS records. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 One more thing - disable Self-defense, clear the HIPS log, restart the computer and then post current HIPS records. Ok....I'll be back Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 One more thing - disable Self-defense, clear the HIPS log, restart the computer and then post current HIPS records. Here it is HIPS.xml Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 6, 2014 Administrators Share Posted February 6, 2014 There are still "Self-Defense: Protect ekrn and egui processes" entries in the HIPS log. These shouldn't be there as long as Self-defense is disabled. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 6, 2014 Author Share Posted February 6, 2014 Marcos, I checked twice. It's still disabled. After another restart (new HIPS log): HIPS.xml Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted February 6, 2014 Most Valued Members Share Posted February 6, 2014 (edited) sorry to hijack the thread but I think ess incorrectly reports the os version.the winver.exe shows 6.3 (9600), while ess reports 6.2.9200 win 8.1 is installed after a format Edited February 6, 2014 by pavilion_alex Link to comment Share on other sites More sharing options...
ESET Insiders puff-m-d 120 Posted February 6, 2014 ESET Insiders Share Posted February 6, 2014 Hello, I can verify ESS is reporting the windows version incorrectly. I have same results as pavilion_alex. Link to comment Share on other sites More sharing options...
superssjdan 18 Posted February 6, 2014 Share Posted February 6, 2014 Hello.I can also verify the same as puff-m-d and pavilion_alex. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 7, 2014 Administrators Share Posted February 7, 2014 Please make a test to check if Self-defense is disabled. Open the Task manager, click More details so that background processes are displayed, select ESET Service (32-bit) and click End task. If no error message pops up and the service restarts automatically, Self-defense is disabled. If you get an error message, Self-defense is enabled and protecting ESET's components. Let us know about your findings. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 7, 2014 Author Share Posted February 7, 2014 Please make a test to check if Self-defense is disabled. Open the Task manager, click More details so that background processes are displayed, select ESET Service (32-bit) and click End task. If no error message pops up and the service restarts automatically, Self-defense is disabled. If you get an error message, Self-defense is enabled and protecting ESET's components. Let us know about your findings. Sorry Marcos, can't do it at the moment. Since last night, my system is in total havoc. Couldn't restart it, couldn't shut down my PC. Simply, laptop doesn't turn off by itself when I shut it down. Not sure what caused that behaviour. The only way to do it was to disconnect my laptop from power source. I had to re image my system and currently I'm not using any of security solutions. I'm not sure I'll use ESET SS anymore. I'll try NOD32 AV just to see it how it works. Anyway, I want to thank you for your help and support. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted February 7, 2014 Administrators Share Posted February 7, 2014 If you thought it was caused by ESET, you could have booted to safe mode and rename the 2 drivers eamonm.sys and ehdrv.sys. Had the problem persisted, it couldn't have been caused by ESET (at least the chances would have been very slim). Also the fact that Self-defense seemed to stay active even after disabling it in gui may indicate an issue with the operating system itself. We've tried to reproduce it here on two systems with Windows 8.1 to no avail. Self-defense was properly deactivated after being disabled in gui and restarting the computer. Thank you for your cooperation Nedim. Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 7, 2014 Author Share Posted February 7, 2014 As I said I'm not sure that ESET was culprit. Currently I'm installing updates for Win 8. After that I'll try EAV and see if it works ok. Will post back.. Thanks again Marcos. Link to comment Share on other sites More sharing options...
comez6 1 Posted June 7, 2014 Share Posted June 7, 2014 I don't know if you are still experincing this issue. Today I found a fix (workarround) For me the slow startup only happens when I sign in with a Microsoft Account. I converted my Windows account to a Local account and now the issue is resolved. I hope it also works for you. For help converting your online account to a local account see: hxxp://www.cnet.com/how-to/how-to-switch-your-windows-8-1-log-in-to-a-local-account/ Kind regards, Richard Link to comment Share on other sites More sharing options...
Nedim 9 Posted June 7, 2014 Author Share Posted June 7, 2014 I don't know if you are still experincing this issue. Today I found a fix (workarround) For me the slow startup only happens when I sign in with a Microsoft Account. I converted my Windows account to a Local account and now the issue is resolved. I hope it also works for you. For help converting your online account to a local account see: hxxp://www.cnet.com/how-to/how-to-switch-your-windows-8-1-log-in-to-a-local-account/ Kind regards, Richard Hello Richard. Thank you for your suggestion. No problems here with ESET AV. I have no plans to use Eset Smart Security in the near future. Actually I would like to try it again but currently I'm a little busy at the moment so don't have much time to investigate this issue. Also I'm not sure that ESET was the culprit. Link to comment Share on other sites More sharing options...
Recommended Posts