Megachip 5 Posted April 7, 2015 Share Posted April 7, 2015 (edited) Looks like I have a problem with EES (latest V6) blockades almost all of my web traffic. Except google, Facebook and microsoft works. Ping and instant messaging works without problems. (Except in VirtualBox on that OS X, there all http traffic is blocked) Enable/Disable web filtering and/or filewall doesn't matter. uninstall works. Any clues? EDIT: Also it destroys a lot of CSS in some websites (like netapp etc), some didn't load at all (blank page). Same as above, enable or disable web filtering doesn't matter. Edited April 8, 2015 by Megachip Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted April 7, 2015 Administrators Share Posted April 7, 2015 By disabling web filtering you mean disabling web protection or protocol filtering? If the latter, could you post the information about installed modules from the About window? Has the issue started to occur just recently? Does switching to pre-release updates following by running manual update make a difference? Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted April 8, 2015 Most Valued Members Share Posted April 8, 2015 (edited) Having no issues here with the regular updates (netapp is loading with the CSS). Along with what Marcos said... Do you have any other application that monitors or modifies your network connection (eg. Little Snitch)? How about 'Web Control' (Allowing or blocking URLs or Categories), is that disabled? Does the issue occur on a secondary browser? Are there any entries in the 'Web Control' and 'Filtered Websites' logs (Open EES, go to Tools > Log files > Log: and check the two) that list the websites that are not working? Lastly, are there any messages in the 'Events' log mentioning "Child process proxy" or anything severe (highlighted orange or red) that looks out of the ordinary? Edited April 8, 2015 by planet Link to comment Share on other sites More sharing options...
Megachip 5 Posted April 8, 2015 Author Share Posted April 8, 2015 (edited) Hi Marcos & planet, thx for the fast reply. As described "uninstall works", I can't check your questions and suggestions anymore. But the problem with accessing webpages started at (as far as I remember) on 2nd of april. Sometimes after lunchtime (GTM+2). At this point web-control and firewall was disabled already. The CSS problem exists since I've installed EES. Does the issue occur on a secondary browser?Didn't test, but afair it worked in virtualBox. Are there any entries in the 'Web Control' and 'Filtered Websites' logs (Open EES, go to Tools > Log files > Log: and check the two) that list the websites that are not working?Are these logs accessible after uninstalling? Lastly, are there any messages in the 'Events' log mentioning "Child process proxy" or anything severe (highlighted orange or red) that looks out of the ordinary? 02.04.15 12:25:07,879 esets[265]: error[01330000]: Protoscan Proxy-Agent: Text (0x151000e3:#{Reason}=336592977) kann nicht lokalisiert werden: Fehler beim Scanner-Aufruf 02.04.15 20:25:13,584 esets[288]: error[033b0000]: Protoscan Proxy-Agent: Text (0x1510002d:${Addr}=:80|#{Reason}=336592983) kann nicht lokalisiert werden: Fehler beim Scanner-Aufruf02.04.15 20:25:13,584 esets[288]: error[033b0000]: Protoscan Proxy-Agent: [0x7eb5f000] CONNECT - c_fd=22 s_fd=-1 c_addr=::1:50729 s_addr=2a00:1450:4008:800::100d:80 pid=407 ppid=1 uid=501 ruuid=501 gid=20 app_name=com.apple.WebKi app_path=/Applications/Safari.app/Contents/MacOS/Safari The following errors seems occurring frequently (but not in the timespan where the problem occurred. Can't remember if I had these problems on the other location (which the 22:XX logs matching) too. 02.04.15 22:54:59,902 ReportCrash[1758]: Saved crash report for esets_proxy[1355] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225459_Megs-MacBook-Pro.crash 02.04.15 22:54:59,947 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1355] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden 02.04.15 22:57:28,981 ReportCrash[1764]: Saved crash report for esets_proxy[1759] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225728_Megs-MacBook-Pro.crash 02.04.15 22:57:29,034 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1759] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden 02.04.15 22:58:47,062 ReportCrash[1776]: Saved crash report for esets_proxy[1765] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225847_Megs-MacBook-Pro.crash 02.04.15 22:58:47,109 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1765] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden Edited April 8, 2015 by Megachip Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted April 12, 2015 Most Valued Members Share Posted April 12, 2015 (edited) Noticing the same issues as Megachip, but with different websites and also includes JS files as well as CSS files. Might also be the reason for the freezes or webpages not loading (trying to get something before loading but failing). I've noticed that JS files are also not loading on some pages - which is the same issue. I found two websites that always has the CSS not working with EES installed, which is DeviantArt and Photobucket.If you uninstall EES, they load correctly instantly. If you install EES, the issue occurs straight away. No indication of anything blocked in the logs or in statistics of EES, so I have no idea why this is happening.Safari does give me this message about trying to load the JS and/or CSS file: Failed to load resource: The network connection was lost. This JS/CSS issue happens as soon as a fresh install is complete, so there is nothing manually configured in EES yet.Turning off all protection from the 'Setup' tab on the GUI doesn't fix it. Turning on pre-release updates also doesn't fix it for now.Only workaround is to uninstall EES, which then loads correctly straight after. Could you post the information about installed modules from the About window? Has the issue started to occur just recently? Does switching to pre-release updates following by running manual update make a difference? The issue occurs straight after installation of 6.0.24.0, which has a prerelease virus signature database version in February 2015 built in. Meaning this issue was occurring with modules and VSD in February, and continues to happen with the latest modules and VSD to this day. Switching to pre-release updates does not make a difference. Update module 1056 (20150113) Antivirus and antispyware scanner module 1452 (20150331) Virus signature database 11463P (20150412) Archive support module 1224 (20150401) Advanced heuristics module 1154 (20150129) Cleaner module 1107 (20150401) Translation support module 1329 (20150326) Internet protection module 1173B.4 (20150331) Web content filter module 1037 (20141103) Database module 1064 (20150303) Mac setting module 1001 (20131204) Configuration module 1007 (20141208) Edited April 12, 2015 by planet Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted April 14, 2015 Most Valued Members Share Posted April 14, 2015 (edited) I'm noticing that a module being used for Endpoint Security for OS X (and Cyber Security now) is causing the issue (guessing it is the 'Internet protection module'). When you install Endpoint Security for OS X, here are the modules/VSD that comes with it out of the box. The issue occurs as soon as the program is installed. Update module 1056 (20150113) Antivirus and antispyware scanner module 1450 (20150126) Virus signature database 11158P (20150211) Archive support module 1218 (20150119) Advanced heuristics module 1154 (20150129) Cleaner module 1105 (20150120) Translation support module 1295B (20141212) Internet protection module 1171B (20150129) Web content filter module 1037 (20141103) Database module 1061 (20141124) Mac setting module 1001 (20131204) Configuration module 1007 (20141208) Currently, pre-release updates for Cyber Security (and Pro) are updating the 'Internet protection module' to '1173B.4 (20150331)', matching with Endpoint Security for OS X. Because of this module update, the issue on this topic is happening with Cyber Security (and Pro) as well now. However, the issue is gone with the current 'regular' module of '1164.1 (20150320)' on Cyber Security (and Pro). But, Endpoint Security for OS X comes with '1171B (20150129)' or if you update on the regular release, you receive '1173B.3 (20150324)', which also has the issue... so there is no available module for Endpoint Security that doesn't have this problem, unlike Cyber Security (and Pro). To put it all together, there is something between Cyber Security's '1164.1 (20150320)' and the current module that made this issue begin to occur (on all of ESET's Mac products). If it is not the 'Internet protection module', it would be a different module causing the issue but with the same reason (recent module update is causing it). Edited April 14, 2015 by planet Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted May 20, 2015 Most Valued Members Share Posted May 20, 2015 (edited) An update, both regular and pre-release updates for the Internet protection module has resolved this issue but I needed to restart the Mac for changes to take effect and for websites to load correctly again. Edited May 27, 2015 by planet Link to comment Share on other sites More sharing options...
sheane 1 Posted July 7, 2015 Share Posted July 7, 2015 Using EES 6.0.24.1 and 6.0.24.0 in combination with ERA 6.x we are experiencing the same thing. Killing the esets_proxy daemon has resolved the issue temporarily, but the problem returned. Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted July 7, 2015 Most Valued Members Share Posted July 7, 2015 Using EES 6.0.24.1 and 6.0.24.0 in combination with ERA 6.x we are experiencing the same thing. Killing the esets_proxy daemon has resolved the issue temporarily, but the problem returned. Is the issue still occurring after having the 'Internet protection module' updated to 1173.9 (20150617) and then restarting OS X? If so, are there any websites you can provide for examples to see if I can reproduce the issue? Link to comment Share on other sites More sharing options...
The-Dane 0 Posted August 1, 2015 Share Posted August 1, 2015 Hi is there any update on this? - I and a couple of users in my my firm, are experience this problem Link to comment Share on other sites More sharing options...
The-Dane 0 Posted August 1, 2015 Share Posted August 1, 2015 In my Company we have recently upgraded to ERA 6.x on an brand new Server. In the beginning everything was fine, but the trouble started with 2 Mac users whom suddenly was unable to browse with any browser Safari, Chrome, Firefox. User nr.1 We had originally installed Endpoint Security OS X 6.x but I thought is was the firewall causing problems, so we changed it to Endpoint Antivirus 6.x 1. time switch - no change - able to ping - but not browse. 2. after an clean install of Yosemite 10.10 we where able to get Endpoint Antivirus up and running - for a couple of days 3. yesterday though - the problem reoccured, but after a restart, the problem had wanted (for now) User nr.2 Is also on Yosemite We have been forced to downgrade to Nod32 4.x and this morning, the same thing happened to me, so I have myself downgraded to Nod32 4.x - now all is good, but it is not an solution. Please help to get this fixed Link to comment Share on other sites More sharing options...
sheane 1 Posted August 13, 2015 Share Posted August 13, 2015 (edited) Using EES 6.0.24.1 and 6.0.24.0 in combination with ERA 6.x we are experiencing the same thing. Killing the esets_proxy daemon has resolved the issue temporarily, but the problem returned. Is the issue still occurring after having the 'Internet protection module' updated to 1173.9 (20150617) and then restarting OS X? If so, are there any websites you can provide for examples to see if I can reproduce the issue? We have recently 'solved' this issue by redirecting the Web Access protection to an unused port - note this effectively disabled the monitoring, but the issues ceased. As Completely disabling web access protection gave those annoying errors in the ERA console. I would like to see this issue get some more attention, as the logs and communication I have had with ESET representatives have led to nothing. I have send logs and other information, but have yet to receive more than 'thank you we received and will get back to you'. Edit: @Planet: Yes issues persisted with 'early updates' and even re-rolls to earlier versions. Edited August 13, 2015 by sheane Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted August 13, 2015 Administrators Share Posted August 13, 2015 We have ESET Endpoint products 6.1.7.0 available for public testing. What it contains is a new Device Control feature (disabled by default) as well as fixes in esets_proxy and updated modules. You can apply for the beta at hxxp://eset.centercode.com. It should become final within a couple of weeks. Link to comment Share on other sites More sharing options...
LocknetSSmith 6 Posted October 12, 2015 Share Posted October 12, 2015 (edited) I see this topic is a bit old, but I was having issues like this with an MSP customer (ESET Endpoint Antivirus for Mac OSX version 6.1.12.0 running on Mac OS X "Lion" 10.7.5) - specifically the following websites were given to me as examples: - aol.com (page never loads) - pandora.com (site loads, but cannot stream music) Working with Eset support, we did end up disabling the ERA_Proxy to resolve. Things have been working great since, but I haven't received word on whether it's OK to reinstall the proxy or if it's still an issue? I'm wondering what protection they've lost not having that proxy running? Edited October 12, 2015 by LocknetSSmith Link to comment Share on other sites More sharing options...
Recommended Posts