Jump to content

Protocol Filtering Problem with Web Pages


spotter4me

Recommended Posts

Hello All:

 

It appears that the Internet Protection Module in NOD32 Antivirus 2016 is once again affecting web pages using Firefox 42 (have not tried other browsers). When Protocol Filtering is checked, secure websites are not displayed. When I uncheck this, everything works correctly.

 

As I recall, this was the same thing that occurred soon after the release of the last version of NOD32 (2015 v8.0). The cause was the Internet Protection Module. It was eventually corrrected by Eset. Does anyone know when the current Internet Protection Modue issues will be corrected?

 

With this being checked, I cannot engage the Internet Protection options of Web Access Protection and Anti-Phishing Protection.

 

Thanks

Edited by spotter4me
Link to comment
Share on other sites

  • Administrators

Have you tried the following?

- restart the computer (do not run any application)

- disable SSL/TLS scanning and click OK

- enable SSL/TLS scanning and click OK

 

Does it fix the problem for you?

Link to comment
Share on other sites

Please Note: In my last sentence above, I meant to say:

 

"With this being UNchecked, I cannot engage the Internet Protection options of Web Access Protection and Anti-Phishing Protection."

 

Thanks for your reply Marcos. I will try your suggestions later today, and report back tonight or tomorrow.

Link to comment
Share on other sites

Have you tried the following?

- restart the computer (do not run any application)

- disable SSL/TLS scanning and click OK

- enable SSL/TLS scanning and click OK

 

Does it fix the problem for you?

Hello Marcos:

 

I tried your fix and it did not work. However, after playing around a bit I found I can browse sights with Protocol Filtering Checked and SSL/TLS UNCHECKED. If I check SSL/TLS I can enter some secure sites, but not others. As an example, I cannot log into my AMEX account. I get the following message:   

 

 

The connection to the server was reset while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the website owners to inform them of this problem.

 

UPDATE: OK, Under SSL/TSL, I had unchecked "Exclude Communication With Trusted Domains." When I checked this, everything now seems to be working. I can now log into my AMEX site. So it now appears, all websites, including secure ones, are functional with Protocol Filtering CHECKED (AUTOMATIC option selected), and SSL/TSL CHECKED (Exclude Communication With Trusted Domains option CHECKED). These options are all under the Advanced Setup Menu after clicking the Web and EMail Tab on the Left.

 

Any comments would be apprecated, especially concerning the "Exclude Communication With Trusted Domains" option.

 

UPDATE 12/3/15

 

Ok it appears the issue HAS NOT been resolved.  When I rebooted the computer this morning I get the following message:   "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function."   I cannot retrieve my E-Mail using Thunderbird, and  I get the error message "the page you are trying to view cannot be shown  because authenticity of the received data could not be verified."  Furthermore, when I click to check for Firefox Plugin Updates, that Mozilla page is not rendered properly. If I UNCHECK SSL/TLS but keep Protocol Filtering checked, web pages including secure pages can be accessed (at least the ones I tried to access). I can retrieve my mail, and the Mozilla Plugin update page is rendered properly, but I still get the Protocol Filtering error message when I reboot my computer.

 

It does appear to be an Internet Protection Module issue similar to when NOD32 2015 v8.0 was first released.

Edited by spotter4me
Link to comment
Share on other sites

  • ESET Insiders

What operating system are you using and which version of the Internet Protection module do you have (right click EAV's tray icon and select About)?

Is it only Firefox that has the problem with SSL?

Link to comment
Share on other sites

What operating system are you using and which version of the Internet Protection module do you have (right click EAV's tray icon and select About)?

Is it only Firefox that has the problem with SSL?

Windows 7 64 Bit, and the Internet Protection Modue I have is 1238 dated 11-24-2015.

 

The SSL Problem appears to occur with Firefox 42 and the latest IE 11. Slimjet browser which is a Chrome based browser does not appear to be affected. For instance, I cannot sign into this Eset forum site using Firefox and IE, but I can with Slimjet.

Edited by spotter4me
Link to comment
Share on other sites

  • ESET Insiders
Windows 7 64 Bit, and the Internet Protection Modue I have is 1238 dated 11-24-2015.

 

OK, so you're on Pre-release updates.

If you decide to revert to Regular update, you'll have Internet protection module: 1226.2 (20151127) which seems stable and works fine.

Edited by stackz
Link to comment
Share on other sites

 

Windows 7 64 Bit, and the Internet Protection Modue I have is 1238 dated 11-24-2015.

 

OK, so you're on Pre-release updates.

If you decide to revert to Regular update, you'll have Internet protection module: 1226.2 (20151127) which seems stable and works fine.

Ok, I will switch to Regular updates and report back with my results. Thanks

Link to comment
Share on other sites

 

 

Windows 7 64 Bit, and the Internet Protection Modue I have is 1238 dated 11-24-2015.

 

OK, so you're on Pre-release updates.

If you decide to revert to Regular update, you'll have Internet protection module: 1226.2 (20151127) which seems stable and works fine.

Ok, I will switch to Regular updates and report back with my results. Thanks

 

OK, I just switched over to Regular updates, everything seems to work as far as accessing web sites and secure websites. The only thing left of concern is that the notification message still appears when I boot up each time. It states that "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function."   I am running without web access protection and Anti-Phishing protection due to Privacy concerns. Does this boot up message relate to not using those options?

 

Thanks

Link to comment
Share on other sites

Well, I just tried to sign into Ebay and the secure page could not be displayed. The Protocol Filtering issue is still present even after switching to regular updates and Internet Protection Module 1226.2 20151127. I guess that is why I was still getting the Protocol Filtering warning message at boot up.

 

Eset needs to look into this. This still appears to be an Internet Protection Module issue?

Edited by spotter4me
Link to comment
Share on other sites

  • Administrators

When I rebooted the computer this morning I get the following message:   "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function."

This is a known issue of the current v9 that will be addressed in the upcoming v9 service build soon. The issue should go away shortly after the operating system has been loaded and all dependent services started. This should be indicated by turning the protection status from red to green. It's just a cosmetic (gui) issue that doesn't affect any functionality.

As for the problem opening secured websites, we'll need you to do the following:

- temporarily enable advanced protocol filtering logging (APF) under Tools -> Diagnostics

- download, install and run Wireshark

- start capturing network communication in Wireshark

- reproduce the issue

- try to download the eicar test file from https://secure.eicar.org/eicar_com.zip

- stop Wireshark and APF logging

- compress the logs

- collect logs using ESET Log Collector

- upload the logs to a safe location

- pm me the download link.

Also send me a screen shot of the error you're getting (preferably from the attempt to download eicar).

Link to comment
Share on other sites

 

When I rebooted the computer this morning I get the following message:   "Protocol Filtering Problem............An error ocured while starting proxy server. Analysis of application protocols (HTTP, POP3, IMAP) will not function."

This is a known issue of the current v9 that will be addressed in the upcoming v9 service build soon. The issue should go away shortly after the operating system has been loaded and all dependent services started. This should be indicated by turning the protection status from red to green. It's just a cosmetic (gui) issue that doesn't affect any functionality.

As for the problem opening secured websites, we'll need you to do the following:

- temporarily enable advanced protocol filtering logging (APF) under Tools -> Diagnostics

- download, install and run Wireshark

- start capturing network communication in Wireshark

- reproduce the issue

- try to download the eicar test file from https://secure.eicar.org/eicar_com.zip

- stop Wireshark and APF logging

- compress the logs

- collect logs using ESET Log Collector

- upload the logs to a safe location

- pm me the download link.

Also send me a screen shot of the error you're getting (preferably from the attempt to download eicar).

 

Hello Marcos:

 

While I appreciate your offer to help here, I do not know if I am comfortable loading software that captures processes and other things on my computer into logs which are then sent to somewhere and to someone I do not know. Let me think about this. I have been a NOD32 user for a long time and never had a problem all these years until versions 2015 and 2016. Both were Protocol filtering issues dealing with the Internet Protection Module.

 

While I am thinking, I do now have a useable license for the latest version of Kaspersky which is also highly rated. I think I will just uninstall NOD32 2016 (after obtaining your requested logs - if I decide to do that), and move over to Kaspersky 2016 for now.

 

Again, nothing personal, I am just tired and a bit frustrated with this whole situation. This is 2 years in a row with the same issue.

 

Thanks Again - if I decide to generate the logs before I unstall NOD32, I will send them to you in a day or two this weekend.

 

 

UPDATE 12-4-15 4:48PM:

 

Marcos:

 

Looks like all the secure websites I have just tried to access since my comments above ARE NOW accesible. The issue has resolved itself?.....except for the KNOWN Protocol FIltering Error Message everytime I boot into Windows 7 64. So it appears the current Internet Protection Module 1226.2 20151127 has fixed my issues. I can now simply wait for the next v9 build for this minor issue to be corrected. I will report back if this somehow changes over the next week or so. As a long time user of Eset's NOD32 Antivirus, I am happy I will be able to stay.

 

However, I will not close this case until I am sure the Protocol Filtering SSL/TLS issues do not come back.

 

Thanks again Marcos and Stackz, for your concerns with my case.

Edited by spotter4me
Link to comment
Share on other sites

  • Administrators

While I appreciate your offer to help here, I do not know if I am comfortable loading software that captures processes and other things on my computer into logs which are then sent to somewhere and to someone I do not know. Let me think about this. I have been a NOD32 user for a long time and never had a problem all these years until versions 2015 and 2016. Both were Protocol filtering issues dealing with the Internet Protection Module.

First of all, if one is having issues with a specific software and does not want to provide the vendor with logs because of insufficient trust, he or she cannot expect the issue to be looked and eventually fixed.

Providing logs is the most essential things that ever vendor requests when tackling technical issues.

The fact that you had never had issues with SSL scanning until recently can be caused either by the fact that SSL scanning had been disabled by default before v9, a software clashing with ESET's protocol filtering was installed in the mean time or a sort of bug was introduced in a recent Internet protection module. Modules are not static, they are being developed over time to provide better protection, usability or compatibility with other software so it's normal that bugs may occur from time to time no matter how intensive QA pre-release testing is. No software is bug-free, that's a matter of fact. Even vendors with thousands of developers and testers release software that is not bug-free. However, if one cooperates with the vendor it's possible to get issues resolved reasonably quickly.

Link to comment
Share on other sites

 

While I appreciate your offer to help here, I do not know if I am comfortable loading software that captures processes and other things on my computer into logs which are then sent to somewhere and to someone I do not know. Let me think about this. I have been a NOD32 user for a long time and never had a problem all these years until versions 2015 and 2016. Both were Protocol filtering issues dealing with the Internet Protection Module.

First of all, if one is having issues with a specific software and does not want to provide the vendor with logs because of insufficient trust, he or she cannot expect the issue to be looked and eventually fixed.

Providing logs is the most essential things that ever vendor requests when tackling technical issues.

The fact that you had never had issues with SSL scanning until recently can be caused either by the fact that SSL scanning had been disabled by default before v9, a software clashing with ESET's protocol filtering was installed in the mean time or a sort of bug was introduced in a recent Internet protection module. Modules are not static, they are being developed over time to provide better protection, usability or compatibility with other software so it's normal that bugs may occur from time to time no matter how intensive QA pre-release testing is. No software is bug-free, that's a matter of fact. Even vendors with thousands of developers and testers release software that is not bug-free. However, if one cooperates with the vendor it's possible to get issues resolved reasonably quickly.

 

Marcos

 

Please see my Update above. I understand your point about the Logs and understand it is difficult to get a fix without them. However, I just do not trust any type of Logging or Cloud Based software. Unfortunately, or fortunately, I have become aware of too many shenanigans going on over the many years from many vendors concerning Privacy, Data Mining, and the CLOUD. With your background, I think you understand what I am talking about.

 

Unfortunately, much of this stems from the US and US based vendors operating everywhere.

 

Thank You again.

Edited by spotter4me
Link to comment
Share on other sites

 

While I appreciate your offer to help here, I do not know if I am comfortable loading software that captures processes and other things on my computer into logs which are then sent to somewhere and to someone I do not know. Let me think about this. I have been a NOD32 user for a long time and never had a problem all these years until versions 2015 and 2016. Both were Protocol filtering issues dealing with the Internet Protection Module.

First of all, if one is having issues with a specific software and does not want to provide the vendor with logs because of insufficient trust, he or she cannot expect the issue to be looked and eventually fixed.

Providing logs is the most essential things that ever vendor requests when tackling technical issues.

The fact that you had never had issues with SSL scanning until recently can be caused either by the fact that SSL scanning had been disabled by default before v9, a software clashing with ESET's protocol filtering was installed in the mean time or a sort of bug was introduced in a recent Internet protection module. Modules are not static, they are being developed over time to provide better protection, usability or compatibility with other software so it's normal that bugs may occur from time to time no matter how intensive QA pre-release testing is. No software is bug-free, that's a matter of fact. Even vendors with thousands of developers and testers release software that is not bug-free. However, if one cooperates with the vendor it's possible to get issues resolved reasonably quickly.

 

Marcos:

 

I have always checked to make sure SSL was enabled in the past, so that could not have been it in my case, however, your subsequent points are Valid, and I am very aware of what you have stated there. Thank You again.

 

Please understand, I am, and have always been a big fan of Eset and your products, and recommend them to many. My frustration was probably due to the fact that Eset has had a long history of Excellent QC, and in Quickly addressing and  fixing bugs. Because of this, and in many other ways, YOU are your own Worst enemy. Expectations are high, especially among us long time users.

 

Keep up the good work. I can tell you many of us really do appreciate your efforts.

 

Have a nice weekend.

Edited by spotter4me
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...