Lagging and making certain portions of PC unusable...

[prixone 8]

After Today's update where 2 modules were updated, nod 32 antivirus is making my PC hang in a lot of actions like using the taskbar or firefox.

Would there be a way to revert this last update temporally until the issue is fixed?

 

As far as I remember it was only 2 modules that were updated Today 30, Oct.

Detection Engine: 20266 (20191030)
Rapid Response module: 15157 (20191030)

After these 2 were updated my life became hell.

Edited October 30, 2019 by prixone

[deiwas9 0]

Me too , task bar not responding almost at all times , something happening with this new version . Pc usage goes to 100%. (that happens only if i use bittorent app)

Edited October 30, 2019 by deiwas9

[itman 1,630]

Switch to pre-release updates and see if that helps.

[prixone 8]

pre-release updates did not help, it mainly happens with firefox when I have anything set to open after download for example a PDF, or Image or anything else.

Will try to use the rollback feature. never mind after going pre-release I no longer have the option to rollback great now im royal screwed...

Edited October 30, 2019 by prixone

[itman 1,630]

Forget rollback. Just switch back to regular updates if you prefer.

[prixone 8]

I had a rollback before using pre-release like you told me to, after going pre-release and back to regular I no longer have the option to rollback 24 hours like I had the option, which would have solved my issue temporally at least, if rollback does what I think it does.

I just hope I won't have to move to another antivirus until I see a fix from eset like I had to last time... very frustrating.

[prixone 8]

I don't know how the rollback works but before going pre-release I had a drop down that would let me choose 12hours, 24 hours, etc and that would be enough to re-roll the update of these 2 modules if that is what the rollback would have done, thus temporally fixing my current issue, since it started happening only after I've received that update.

Regular modules:

Detection Engine: 20266 (20191030)
Rapid Response module: 15157 (20191030)

Pre-release modules:

Detection Engine: 20269P (20191030)
Rapid Response module: 15160P (20191030)

Still causing the issue in both modes, would help if I could go back 24 hours with the modules. Edited October 31, 2019 by prixone

[peteyt 388]

9 hours ago, prixone said:

I don't know how the rollback works but before going pre-release I had a drop down that would let me choose 12hours, 24 hours, etc and that would be enough to re-roll the update of these 2 modules if that is what the rollback would have done, thus temporally fixing my current issue, since it started happening only after I've received that update.

Regular modules:

Detection Engine: 20266 (20191030)
Rapid Response module: 15157 (20191030)

Pre-release modules:

 

Detection Engine: 20269P (20191030)
Rapid Response module: 15160P (20191030)

 

 

Still causing the issue in both modes, would help if I could go back 24 hours with the modules.

 

Only thing i can suggest is opening a support ticket via email 

[Marcos 4,935]

Does pausing real-time protection make a difference? What about uninstalling ESET and installing it from scratch with default settings?

[prixone 8]

2 hours ago, Marcos said:

Does pausing real-time protection make a difference?

Yes, that stops firefox from having deadlock and lets me use the taskbar as intended, while its not desired to have it turned off, its something that started happening with recent update that was not happening before.

2 hours ago, Marcos said:

What about uninstalling ESET and installing it from scratch with default settings?

No, that didn't help.

Edited October 31, 2019 by prixone

[Marcos 4,935]

Please reproduce the issue with Procmon running and advanced output enabled in the Procmon menu as per https://support.eset.com/kb6308/. When done, save the log, compress it, upload it here or to a safe location along with logs collected with ESET Log Collector and provide me with download links.

[itman 1,630]

I am using FireFox on ver. 13.0.22 with zip issues. There is a bug in the latest Firefox release that is impacting some users: https://www.bleepingcomputer.com/news/software/mozilla-provides-workaround-for-firefox-70-not-loading-sites/

[deiwas9 0]

For me today everything goes fine , no more lagging . Maybe some fix came out ?

 

[Marcos 4,935]

2 minutes ago, deiwas9 said:

For me today everything goes fine , no more lagging . Maybe some fix came out ?

None that we would be aware of.

[deiwas9 0]

Then idk what happened . Everything was like prixone mentioning , eset HIPS reacting with firefox downloads and  torrent downloading which caused pc lagging for me.

[prixone 8]

Will post an update as soon as I get home with the logs.

[prixone 8]

8 hours ago, Marcos said:

Please reproduce the issue with Procmon running and advanced output enabled in the Procmon menu as per https://support.eset.com/kb6308/. When done, save the log, compress it, upload it here or to a safe location along with logs collected with ESET Log Collector and provide me with download links.

After the modules update Today, it now only hangs with torrent files every other file now work as expected.

Detection Engine: 20274P (20191031)
Rapid Response module: 15165P (20191031)

Will update with logs in a few...

[prixone 8]

I've sent the procmon logs privately to you Marcos, for anyone else trying to test what is going on, here is a way to reproduce my current issue:

By going to the game website www.priston.com.br then hover over "BAIXAR AGORA!" and then you should get a torrent option to download the game "client completo via torrent"

Once I click it it will deadlock and hang firefox, until the download popup asking if I want to save or open the file with an application shows up.

I don't even need to open torrent or download the file, to get this issue. Simple clicking the torrent link is enough to make it all hang.

And that is a legitimate game torrent file for a game that is widely played in Brazil.

Edited October 31, 2019 by prixone

[Marcos 4,935]

uTorrent is known to cause problems with v13. Since it's detected as a potentially unwanted application, we cannot exclude it internally from deep scanning. Try replacing uTorrent with another torrent client. Or exclude utorrent.exe from scanning, ie. add C:\Users\%USER%\AppData\Roaming\uTorrent\uTorrent.exe in the performance exclusions.

[Nightowl 198]

21 hours ago, prixone said:

I've sent the procmon logs privately to you Marcos, for anyone else trying to test what is going on, here is a way to reproduce my current issue:

By going to the game website www.priston.com.br then hover over "BAIXAR AGORA!" and then you should get a torrent option to download the game "client completo via torrent"

Once I click it it will deadlock and hang firefox, until the download popup asking if I want to save or open the file with an application shows up.

I don't even need to open torrent or download the file, to get this issue. Simple clicking the torrent link is enough to make it all hang.

And that is a legitimate game torrent file for a game that is widely played in Brazil.

Switch to Deluge/Qbittorrent , they don't include ads or toolbars, both are open-source.

[deiwas9 0]

9 hours ago, Rami said:

Switch to Deluge/Qbittorrent , they don't include ads or toolbars, both are open-source.

Man you're magician , deluge downloads torrent with speed i never seen before on my pc ;D Also ESET doesn't interfere with it.

Edited November 2, 2019 by deiwas9

[prixone 8]

On 11/1/2019 at 4:41 AM, Marcos said:

uTorrent is known to cause problems with v13. Since it's detected as a potentially unwanted application, we cannot exclude it internally from deep scanning. Try replacing uTorrent with another torrent client. Or exclude utorrent.exe from scanning, ie. add C:\Users\%USER%\AppData\Roaming\uTorrent\uTorrent.exe in the performance exclusions.

I like nod32 a lot but you guys every once in awhile sh1t it so hard, that is frustrating and then just say "we can't do anything", when its literally on your side the issue.

You literally had something that was working, broke it, and are like "oh we don't care about it, just use something else". I just hope I won't have to take the same action I had to do before and move away from nod32 again, hopefully there will be a fix for this issue in the couple next days, if not oh well time to look for a new AV again...

Thanks anyway.

Edited November 3, 2019 by prixone

[Marcos 4,935]

We didn't brake anything. Advanced Machine Learning was added in v13 which also contributes to the said performance problem. You could theoretically disable AML but you don't need to do that since it's much safer to exclude the particular file than the whole protection feature. The issue is specific to utorrent, the way it is packed and unpacked on execution. We are not aware of such issues with any other applications.

[Nightowl 198]

23 hours ago, deiwas9 said:

Man you're magician , deluge downloads torrent with speed i never seen before on my pc ;D Also ESET doesn't interfere with it.

You are welcome , I do use Deluge also , it's far better than uTorrent and doesn't have all of the adware that uTorrent tries to add.

[peteyt 388]

10 hours ago, prixone said:

I like nod32 a lot but you guys every once in awhile sh1t it so hard, that is frustrating and then just say "we can't do anything", when its literally on your side the issue.

You literally had something that was working, broke it, and are like "oh we don't care about it, just use something else". I just hope I won't have to take the same action I had to do before and move away from nod32 again, hopefully there will be a fix for this issue in the couple next days, if not oh well time to look for a new AV again...

Thanks anyway.

As said just exclude utorrent and it should be fine