Help config certificates, protocol filtering, random error communicating with kernel

Yeah, thought that might be case.

Certificates seem to work fine for me in FF, which *is* installed properly, so all looks good from here. No ideal about FF betas etc.


jim

 

This no longer works though:

https://time.systemsadvisers.com/wsg/etlogon.asp

It's an IE-only site and now comes up with "Error". Disabling SSL filtering allows it to work again.



Jim

 

Not much steps to reproduce this problem, I just go to ncix.com, click the login link in the top right corner and then I get a warning dialog pop up about ssl.google-analytics.com so I click the Security tab, fill the checkbox there and press the reject button. Then if you look in the address bar there's a question mark icon. I click that to show the certificate details. See all the attached photos.

 

then what programs ARE supposed to be set to active mode? I have 60 that show up in my list and I have no clue what should or shouldn't be ticked?

 

Have you tried what I suggested here to see if it makes a difference?

You don't have to tick any. If you would like to test how active mode behaves, select only the browsers you use.

 

well active mode is supposed to isolate files until fully scanned and then released to the app waiting for access. If I remove the tick then apps get access to parts of the file before it is completely scanned. I prefer the more secure option hence I chose active mode but since there's so many programs tied to each app I don't actually know which ones should be ticked. I mean Windows Live Messenger is composed of at least 4 programs, one for contact list, one is the main program, one for communicating with WLM servers, another for IDK what. Some browsers consist of more than one app also, programs interact with svchost.exe or other programs so how am I to know which tick and which ticking will hinder the programs.

I have tried that suggestion in the past and this is the result I have now. According to that eicar zip file my SSL scanning is working sometimes, it's the Certificate Authorization that's not working, it seems the certificate issue could be compounding SSL scan functionality not sure. I want to use Active Mode as it's a more secure method of real-time scanning yet I have definately seen that ticking off some programs causes system hinderence and program instability so I don't know which apps should be in active mode and which should not.

My understanding of Active Mode is that it isolates files from requesting apps until NOD32 has completely scanned the file, then the file is released to the app or OS. Without active mode parts of the file is accessible before NOD32 has completed scanning. If you were downloading an infected file the malicious code can be read BEFORE NOD32 has had a chance to scan & isolate it.

I have not had a chance to shut down my browsers yet so I will try removing and readding the certificates & SSL scanning again when I get the chance but I have done this approach in the past and I still have this result now.

How do I make ESET not freeze during startup and prompt me about "Error Communicating with Kernel"? When that really long load up occurs the whole system is unresponsive and NOD32 fails to load. Then I have to wait for everything else to finish loading and then manually launch NOD32 from the ESET program group in the start menu.

 

seems closing all the browsers & disabling SSL & unchecking the root certificate and then re-enabling them both fixed the warning dialogue popup in Opera. No change in Safari as you all mentioned would be the case. Chrome doesn't show any issues with Certificates either. Havn't tested Firefox 3.6 or IE8 yet.

Now all that's left is the "Error Communicating with Kernel" issue I get randomly at reboot or cold boot. Active Mode hindering system/program performance & stability. Could use recommendations on the best way to configure Real-Time scanning options too.

 

here's another problem I've been having since April. Why does ESET NOD32 cause such high IO Write Bytes? It seems to be further inflating other processes too and always causing very small sized writes. This concerns me as I'm using an SSD and frequent tiny writes reduces overall performance. Lets just say as long as my system is not in standy the SSD activity light blinks once per second up to several times per second non-stop and I'm the type of user that runs my laptop several weeks to a couple months between reboots/shutdowns.

Can you help me figure out if ESET NOD32 is the cause?

 

If you count the number of read bytes for other processes, I assume it will be very close to what is shown for ekrn.
As for writes, you can try disabling archives/sfx archives and runtime packers for all modules (including startup scans) to see how much the number of writes will be reduced. After doing so, ekrn should virtually write only when logging or performing updates. Of course, doing so is not recommended and would expose your computer to threats.

 

I've never edited the default scheduled task settings in NOD32. I noticed from a previous install if I try to look through it the settings change and can't be reverted to default. I didn't know what options should be used, blank with no settings as it came or "scan all files before user logon", "scan all files after user log on", "scan system files only" etc. None of this is mentioned in the ESET help file.

 

none of that helped see the new screenshot

 

well any suggestions or comments on all this?

 

if I don't select svchost.exe in the excluded applications list then microsoft update is unable to retrieve updates.

 

I'm still getting this error communicating with kernel. I already upgraded NOD32 to v4.2.67.10, rebooted, removed the ESET root certificate & disabled SSL scanning and then re-enabled both. I have Checkmarked both Safari 5.0.3 for windows & Chrome 8 in the "excluded applications" list. I still get this error when I reboot and have to launch NOD32 manually by going into the start menu and navigating to the ESET program group and clicking the egui.exe shortcut.

BTW 90% of the time I use the Ethernet port & cable with my WiFi radio turned off and this error still occurs.

 

so is there any remedies for the "error communicating with kernel" problem?

 

If ekrn doesn't start on time sometimes, it's most likely caused by another service that takes too long to start so the attempt of egui to communicate with ekrn times out. Try using Startup delayer to delay the start of egui by 2 or more minutes.

 

how can I find out which service is causing that delay? I'm using a Core 2 Solo laptop with an Intel X25-M SSD drive. I don't believe there should be a delay. BTW I know I can manually set "delayed startup" on the service properties using vista's service control panel. Would that be safe to do? I always thought ESET should start asap to prevent any malicious software from starting up right?