Jump to content


Most Valued Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by itman

  1. Open Eset GUI. Select Setup -> Computer protection -> Click on the gear symbol for HIPS. Scroll down to the "Rules" setting and mouse click on "Edit." Create a new HIPS rule as follows: 1. Click on the Add tab. 2. On the first screen display, enter the following; Rule name - User rule: block wscript.exe startup Action - Block Operations affecting: Applications - enable the setting Logging severity - Warning Click on the Next tab 3. On the Source Applications screen, select "All Applications" from the drop down box. Click on the Next tab. 4. On the Application operation screen, enable the "Start new application"setting. Click on the Next tab. 5. On the Applications screen, click on the Add tab. Enter each of the following clicking on the OK tab after each entry; C:\Windows\System32\wscript.exe C:\Windows\SysWOW64\wscript.exe Note: the above assumes you installed Windows on the C drive. 6. Click on the Finish tab to create the HIPS rule. 7. Click on any subsequently displayed OK tab to save your settings. From this point on, monitor your Eset HIPS log for entries related to the above rule. What is needed is to determine what Application is attempting to start wscript.exe.
  2. The problem for Cloudflare is determine who is the real "culprit:"
  3. No. But maybe Eset finally contacted Cloudflare about the issue and they shut down the source on their servers. The problem is you still have this JavaScript malware on your device. Run a full Eset scan as Administrator per the below screen shot:
  4. @Marcos , Eset needs to contact Cloudfare and tell them this IP needs to be shutdown; The attack is being launched from their backend servers.
  5. Open Eset GUI. Mouse click on Tools -> More Tools -> Log Files.
  6. Right mouse click on Eset desktop toolbar icon and select "Log files." Then select Filtered website log.
  7. Then the JavaScript is running from somewhere else. Check your Eset Filtered website log for entries related to this activity; there should be many entries there. Open a few of them and under the Application column, post what process is shown. Also open this folder and see if a like entry exists; C:\Users\xxxxxx\AppData\Roaming\update-win.js
  8. Then the JavaScript is running from somewhere else. Check your Eset Filtered website log for entries related to this activity; there should be many entries there. Open a few of them and under the Application column, post what process is shown.
  9. Open Window Explorer. Then mouse click on the View tab and check mark the settings shown in the below screen shot: Next in Windows Explore, navigate to this folder; C:\Users\xxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Note that "xxxxxx" above corresponds to the Win account you are currently using. By default that would be the default local admin account. Next open the folder and take a screen shot of what files are shown. Post that screen shot in your forum reply.
  10. Another possible suspect is Eset's firewall rules regarding use of IGMP protocol; i.e. multicasting. GTA V uses UDP ports. This leads me to believe IGMP use although I could not find any GTA V source specifically stating this. However, IGMP use in the regard is well know: https://www.careerride.com/Networking-use-of-IGMP-protocol.aspx By default, the Eset firewall enables the IGMP service and corresponding rules: However, Eset only allows inbound IGMP traffic from the Trusted Zone; i.e. local subnet only with Home or Office protection type also enabled for the network adapter.
  11. If I interpret what you are stating, you are having a problem with accessing files within a directory using Win Explorer. If this assumption is correct, it would indicate that explorer.exe in your Windows directory has become corrupted in some way. Since this appears to have occurred after the Avast installation, I would say that was the source. Try running from an admin level command prompt window; sfc /scannow This will hopefully replace the corrupted explorer.exe and any other Win system files that may be corrupted. If this doesn't fix your issue, contact Avast via tech support or its forum for assiatance since their software appears to be the source of your issue.
  12. It also appears the "confusion" with MicroCenter is they pre-load a 90 day trial version of Eset on their PowerSpec computers: https://community.microcenter.com/discussion/2997/how-to-activate-and-install-eset-antivirus-trial-on-your-powerspec-computer . It appears this is what you are trying to use for activation and is non-applicable in your case since you purchased a full 3 year Eset license. To further add to the MicroCenter "confusion," it appears some outlets are also in some cases, offering a free one year Eset license option: https://store.eset.com/us/offers/mc/ . Suspect that perhaps this is what you purchased with an additional two years added to the license? Let's wait until @Marcos verifies your license key.
  13. Well, that at least explains one thing. Eset is not installed. This is why you're not observing on your device what I suggested doing for activation. The following is up to you. If you still can't connect with MicroCenter, this is what I would suggest. This suggestion is based on the fact that you have indeed purchased an unrestricted use Eset license key. Send @Marcos a private message with your license key. He can then verify that the license key is valid and has no licensing restrictions. He will then reply in this thread what the status is. Assuming the license has no restrictions, we will then instruct you how you can download Eset Internet Security from the Eset web site. Then you can install and activate Eset using your license key.
  14. ESET North America ESET, LLC. 610 West Ash Street, Suite 1700 San Diego, CA 92101 U.S.A. Toll-Free: +1 (866) 343-ESET (3738) Tel: +1 (619) 876-5400 Fax: +1 (619) 876-5845 Web: www.eset.com/us
  15. Again .............. Refer to my above posting on how you can perform an Eset license activation within the Eset GUI itself. You do not have to use the MicroCenter activation web page if you possess an existing Eset license key.
  16. Another possible suspect is the Eset Firewall setting shown in the below screen shot. Assuming the Eset firewall is set to "Automatic," it will defer to the Win Firewall inbound rules to allow unsolicited inbound traffic; unless that traffic was previously blocked by an existing Eset firewall rule. I assume that when GTA V was installed, it created the necessary Win firewall inbound rules it required. This should however be verified. If this Eset firewall setting, "Also evaluate rules from Windows Firewall," is disabled, Eset will not permit any inbound traffic that would be allowed under existing Win firewall inbound rules.
  17. I will also add that since you actually purchased a 3 year Eset license from MicroCenter, you should have been provided with an Eset license key from them in some format; e.g. e-mail, on your PC purchase receipt, etc. Eset license key format is USAX-XXXX-XXXX-XXXX-XXXX where "X" is some character or number. If you have this Eset license key, you can activate Eset within the product itself as shown in the below screen shot;
  18. Worked for me using bogus registration info; see below screen shot. So the issue might be your browser settings or the like. However when I clicked the "Submit" button, a spinning wheel appeared. Then a blank Eset web page appeared with only a "Go Back" tab appearing. Clicking on that just displayed blank web page. In other words, no registration confirmation or as I expected, at least an error message that serial number or activation key was invalid. I would contact MicroCenter tech support and see if they can assist you with the Eset registration process.
  19. The Eset Singapore web site definitely shows a EFS 6.5 download, so I really don't know why it states it is incompatible with Win Server 2003 R2 SP2. Perhaps the ver. 6.5 available for download is not compatible however.
  20. Did you have Eset Internet Security installed on the new PC prior to changing to Eset Endpoint Security? If so, did you uninstall Eset Internet Security, reboot the PC, then install Eset Endpoint Security? Or, did you install Eset Endpoint Security "on top off" the existing Eset Internet Security installation?
  21. I guess I should add that if rootkit is suspected, the best way of "rooting" them out is to perform a scan with one of the AV's boot-able media scanners such as Eset SysRescue scanner. This is because most use a Linux release which allow scanning of directories and files locked from scanning by the Win OS.
  22. According to this: https://help.eset.com/efsw/6.5/en-US/index.html?system_requirements.htm , version 6.5 supports Win Server 2003 although it doesn't state this on the download site: https://www.eset.com/us/business/server-antivirus/file-security-windows/download/ Since you are located in Singapore, use this link: https://www.eset.com/sg/business/file-security-windows/download/ . Then mouse click on "Chose other product version" where you can select version 6; i.e. 6.5 version, to download.
  23. I will also add that Eset BP&P uses a separate FF profile; not the one you use for normal FF browsing. A lot of Eset users don't realize this. If you have made changes to the default settings in your normal FF profile and want those duplicated in the profile Eset BP&P uses, you must manually duplicate those settings in FF while it is running under Eset BP&P mode.
  24. Really don't know what is your problem with showing a .pdf using FireFox and Eset BP&P. Below is a screen shot of a .pdf open in a BP&P session using FF. I was not asked by FF whether to open the .pdf. It opened automatically. By default, FF uses it's own PDF reader to open .pdf files. It appears somehow you have overridden this setting and perhaps instructed FF to use Adobe Reader for example as your .pdf source app in FF.
  • Create New...