Jump to content


Most Valued Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by itman

  1. Referring to Help & Support screen shot you posted above, click on "Details for Technical Support" under the Technical Support section.
  2. Eset ehdrv.sys is Eset's Helper driver. The Event log entry is being generated due to Win driver protection which will prevent a kernel mode driver from loading from any directory other than C:\Windows\System32\Drivers directory. I assume this is just some residual code from Eset installed product that was inadvertently left in the Online Scanner version. I would just ignore the Win Event log entries related to it.
  3. First, what is a backend API app: https://www.quora.com/What-is-an-API-backend-process Next there is a high likelihood that this activity is related to some mobile app/device on the local network: https://devblogs.microsoft.com/xamarin/add-a-backend-to-your-app-in-10-minutes/ Additional ref. here: https://hackernoon.com/mobile-api-security-techniques-682a5da4fe10 Finally, if Eset URL blocking alerts are originating from wscript.exe, this is highly suspicious unless one created a script to perform like activity. Assuming one is not using wscript.exe, I would create a HIPS rule to block anything from starting C:\Windows\System32\wscript.exe and C:\Windows\SysWOW64\wscript.exe. Make sure logging is enabled on the rule and its level is set to Warning. Your Eset HIPS log entries will inform you as to what process is attempting to start wscript.exe. You can then work backwards in diagnostics from this point. Ensure you disable logging for this rule afterwards so your HIPS log doesn't fill up with related block entries.
  4. Why in the world would you want to do this?
  5. I assume you are referring to Win Event Logs? If so, there are multiple Log files. Post a screen shot with as much detail as possible from the respective Event log entry.
  6. To begin, this web site: https://www.rahvastikuregister.ee/ , only supports TLS 1.2. I assume the scenario here is the browser sent a Server Hello for TLS 1.3. The site server replied with a Client Hello downgrade request to TLS 1.2. However, TLS 1.3 is not down-gradable. I therefore assume a new handshake session is initiated by the browser requesting TLS 1.2. As such, I am confused with what is posted.
  7. When I try to connect to this web site in FireFox: https://adobeid.services.adobe.com , all that is displayed is a blank web page. This make me wonder if this also a TLS 1.3 handshake issue as noted in a thread here: https://forum.eset.com/topic/23687-https-checking-not-working/?do=findComment&comment=114591 . I also am starting to suspect this might indeed and issue with Eset scanning of TLS 1.3 protocol web sites. However, this link, https://adobeid.services.adobe.com , is using TLS 1.2. Also, the link for the Adobe user account web site is: https://account.adobe.com/ . I have no issues connecting to this web site. Note that when connected to this web site, the URL show is https://auth.services.adobe.com/en_US/ .................. I am beginning to suspect a possible phishing redirect is happening with the redirect to https://adobeid.services.adobe.com/ .
  8. Since you seem concerned about various Eset network outbound connections, here's a list of IP addresses and URL's used by various Eset products and features within: https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall
  9. You have two forum postings on the same subject. In the other post, you stated the issue is resolved: https://forum.eset.com/topic/23691-eset-internet-security-and-windows-defender/?tab=comments#comment-114588 . Therefore, stop posting in this thread.
  10. When I try to access the site in FireFox, web page displays with this error message: Request method 'GET' not supported
  11. I will also add there is a very long thread on GTAForums: https://gtaforums.com/topic/934020-gta-v-crashes-with-error-code-0xc0000005-help/ . Also ditto in the nVidia forum and other sources. All pointing to nVidia driver glitches with GTA. Another issue source was VPN usage. Why this manifests in muti-player mode with EIS installed is still a mystery but I still believe EIS is still not the "main culprit" for this issue.
  12. Upon retry, I am now getting:
  13. Eset when installed, auto disables Windows Defender. One possibility is your Group Policy setting to disable WD is interfering with Eset properly registering itself in Windows Security Center, and letting Win 10 know Eset is the active real-time protection solution.
  14. Add an Eset real-time scanning performance exclusion for F:\Rockstar Games\Grand Theft Auto V\GTA5.exe per the below screen shot and retest.
  15. If playing with EIS Gamer Mode settings does not solve the issue, it appears you have no issue when using Windows Defender. WD does not have a Web Filtering component as EIS has. Prior to starting a GTA multi-player session, temporarily disable EIS Web Access protection. If that eliminates the problem, at least we have isolated the EIS component causing the issue.
  16. With 16 GB of real memory, virtual memory really should not be an issue. Refer to the below screen shot on how to view/change virtual memory settings. With the amount of memory you have, I would just leave it at default setting which is Windows OS manages its size dynamically.
  17. Another thing you can try is to manually enable "Gamer Mode" in EIS prior to starting a GTA multi-player session as shown in the below screen shot if EIS does not do so automatically. Then manually set it back to the pause setting after the multi-player session is finished. Additionally if Gamer Mode currently auto enables at the start of a GTA multi-player session, set it not to do so prior to session start up per the below screen. Now test if GTA runs w/o issue.
  18. This site doesn't render in FireFox. Appears to connect to the site OK but the web page is blank. Might be a problem with the web site.
  19. With 16 GB of memory, this issue is related to having sufficient memory resources. Your posted screen shows that Windows Defender real-time protection is running in addition to EIS. WD should have been disabled when EIS was installed. Having two AV real-time solutions running at the same time might be related to this issue. Does the time for this log entry correspond to when EIS was uninstalled? Again, I see nothing directly related to Eset as the source of this issue. If Eset was the source, the issue would have manifested in single game player mode. At this point, I would recommend you create a Process Monitor log for @Marcos to review. Refer to this on how to do this: https://support.eset.com/en/kb6308-using-process-monitor-to-create-log-files . Only perform the activities listed in the "Gather Process Log" section. Start logging just prior to starting a GTA multi-player session; i.e. prior to GTA5.exe starting. Stop logging after the 0xc0000005 memory access violation error occurs. Post the log as an attachment to your posting or to a file sharing web site if the compressed log file exceeds 50 MB. Then instead, post the link to the file sharing web site download.
  20. According to log entries from the log posted on the file sharing site: A memory violation error is occurring on attempted program startup of GTA5.exe. Specifically, it is a memory access violation error which you can read about here: https://stackoverflow.com/questions/5303524/what-exactly-is-the-scope-of-access-violation-0xc0000005 . Based on what is shown, it is "a stretch" to assume Eset is the cause of this but rather the GTA5.exe process itself is trying to access perhaps kernel memory locations or the like, it does not have the required privileges to do so. Since you only receive this in game multi-player mode, this also could be a indication of malicious remote access activities. This error can also occur for page file access violations. Make sure you have enough physical memory to support multi-game mode. Or allocate additional Win virtual memory if you are managing its size versus the OS. Note that when EIS was uninstalled, enough memory might have been freed to run in multi-player mode w/o issue. Assuming you are running Win 10, open Event Viewer -> Applications and Services Logs -> Microsoft -> Windows. Open both the CodeIntegrity and Security-Mitigations logs and look for entries related to GTA5.exe and this 0xc0000005 memory access violation error.
  21. There appears to be a problem with GTA and EIS: https://forum.eset.com/topic/19306-eset-internet-security-problem/ . However, I could not find anyone having a current issue with GTA that was using NOD32. Your posting references but NOD32 and EIS interchangeably. They are separate products and it appears you are using EIS? Since it appears the prior above linked issue between EIS and GTA was never resolved in the forum, I suggest you do the same as recommended there. That is, open a support ticket with your local in-country Eset technical support concern.
  22. I guess I should also mention that Eset sales policies vary by country when you purchase an Eset license via the web. For example when you purchase an Eset license in Germany, you are redirected to the Eset - Germany LLC web site. This concern might very well enroll you in My Eset as a courtesy. I believe this is doubtful but something you need to verify with Eset - Germany: https://www.eset.com/de/
  23. Yes. As each seat of 3 device license is activated, this is recorded internally on the Eset licensing servers. Once 3 seats have been activated, the license is exhausted and cannot be used for further activation's unless one of the seats is uninstalled from a device. Note: Eset licensing time period starts with the activation of the first seat.
  24. FYI - this is not the same as an Eset pre-release version. It is a beta version of Eset that can contain bugs. Most Eset beta testers are running it in a VM. It should not be used as a production version.
  25. You don't have to create a "My Eset" account if that is what you are referring to activate and use Eset. Creating a My Eset account is an optional feature that allows one to manage their license/s online.
  • Create New...