itman

Most Valued Members
  • Posts: 12,149
  • Days Won: 319

Everything posted by itman

  1. It might have something to do with the status of the specific user account. For example, the "All Users" account is considered an operating system directory and is not shown by default in Windows Explorer. I suspect that "\\" use as far as the Eset HIPS goes might only work for directories that are not hidden by default. It also might not work based on user account status. For example if the user logs in as standard user, versus a local admin.
  2. Since this is a new license, you might try this: https://www.eset.com/us/activate/ Appears this will create a new Eset account specific to this license. Also appears that a cd-key can be entered here since the web site refers to "retail code" that I assume is the cd-key.
  3. Correct. Hopefully, this new decrypter will allow for previously encrypted files that were saved to now be decrypted. Unfortunately, concerns still don't back up their files in spite of the ransomware threat.
  4. https://www.europol.europa.eu/newsroom/news/just-released-fourth-decryption-tool-neutralises-latest-version-of-gandcrab-ransomware
  5. To back up a bit, one should never see an Eset alert about external IP address sourced port scanning if they are using a router that includes a firewall. If such an Eset alert presents, it is an indication that there is a problem with the router or its current setup configuration.
  6. You're on your own with this device. Appears to be something directly shipped from China. Might be used primarily by U.K telecoms and the like.
  7. Here's the user manual for the ZTE device: https://www.consumercellular.com/Assets/documents/Manuals/ZTE Mobile Hotspot User Guide.pdf . As I suspected, the default password is "Admin." Also make sure WPS has been set up properly which also requires a password.
  8. This indicates that the ZTE Hotspot is properly configured to block any unsolicited incoming open port activity. One possibility is the ZTE device has been hacked and is allowing incoming port activity to your PC from a remote attacker. Note that GRC test would not detect this type of activity. Check if a password has been established for ZTE device. On many such devices, a default password of "admin" or the like is used. Create or change the existing password to a strong one. Then you will have to reset the ZTE Hotspot to reestablish its default values.
  9. Getting back to the OP's network setup, appears the ZTE reference is to ZTE Mobile Hotspot noted here: https://www.consumercellular.com/blog/affordable-portable-wi-fi-wherever-you-go-with-the-zte-mobile-hotspot/ . He then appears to connect to the TP-Link device. The question is what is the TP-Link device? I suspect that it's a USB adapter connected to his PC to capture the ZTE wireless communication. In other words, there is no router per se involved here.
  10. This test is only valid if the router does not have a firewall. If it does, all that it determines is open and stealth port status of the router's firewall.
  11. Appears to me either something is wrong with your router settings, or possibly your ISP's connection to it. The majority of blocked inbound traffic is due to DHCP. The first thing your PC does when it boots is to use DHCP protocol to assign an external connection address issued by your ISP servers. It does this by using the built in DHCP server in the router. When this connection can't be established, Windows will assign an internal APIPA IPv4 address in the 169.254.0.1 through 169.254.255.254 range as shown by your screen shots: https://www.webopedia.com/TERM/A/APIPA.html . Windows will keep trying to establish a valid DHCP address in periodic intervals. Hence the high block count shown. Normally, this situation will resolve itself which appears not to be happening in your case. The problem with the Eset firewall is it doesn't treat APIPA addresses as valid IP addresses for inbound traffic. Without further explanation on the other blocked activity shown in your screen shots, do a hard reset on your router. The easiest way to do so is unplug it from the power source, wait a minute, then plug it back in and wait for it to complete reinitialization. If this doesn't solve the DHCP connection issue, there is either a problem with your router or your ISP. I would start by contacting your ISP about the issue.
  12. Here's a ref. to netio.sys bluescreen issues: https://www.thewindowsclub.com/fix-netio-sys-bsod-error . Normally caused by network adapter driver issues. Eset some time ago stopped using a network adapter mini-port filter to monitor web traffic. Verify that Windows Defender in 1903 has been disabled and NOD32 shows as the only realtime AV solution active.
  13. It's normal for apps to create files in that directory. It also quite frequently happens that files remain in that directory after the app has been uninstalled. Since you seem overly concerned about residual files created by Eset's Online Scanner app, then remove the files. Just make sure you are removing files related to it and not some other currently installed app. -EDIT- https://support.eset.com/kb405/?locale=en_US&viewlocale=en_US
  14. See this thread for reference: https://forum.eset.com/topic/19751-eset-online-scanner-wont-remove/
  15. This might have something to do with the Eset detection: https://support.wix.com/en/article/staticwixstaticcommedia-appears-in-url-of-wix-images
  16. Refer to this article as a guide to things you can try: https://neosmart.net/wiki/system-recovery-options/ . Since you haven't been able to boot into Win 7 since the Eset uninstall, I would start with the "Last Known Good Configuration" option.
  17. Below are links to free AV lab recent endpoint comparative test reports where Eset endpoint was included:
      https://www.mrg-effitas.com/wp-content/uploads/2019/06/201704-MRG-Ransomware-Test.pdf
      https://www.mrg-effitas.com/wp-content/uploads/2019/05/MRG_Effitas_2019Q1_360.pdf
      https://selabs.uk/en/reports/small_business
      https://www.av-comparatives.org/tests/business-security-test-march-april-2019-factsheet/
      A few comments about NSS Labs. They don't charge AV vendors for testing. They earn their revenue from selling their test reports. Just because an AV vendor product is shown as being tested does not imply that the vendor previously consented to being tested. Eset in the past has publicly objected to NSS Labs test methods pertaining to their endpoint product. Despite repeated attempts by Eset to resolve their issues with NSS Labs, it has refused to even respond to Eset's communication to them on these issues. Ref.: https://www.eset.com/us/about/newsroom/corporate-blog/esets-response-to-nss-labs-advanced-endpoint-protection-test-results/
  18. That's a question you will have to ask NSS Labs about. Their response will probably be that you have to purchase the full report to find out why.
  19. To begin with, you should have downloaded EIS ver. 12.1.34 which is the most current version. Open a command prompt window. Copy the following into it and press enter: "C:\Program Files\ESET\ESET Security\ecmd.exe" /startprotectedbrowser Did Eset Banking and Payment protection start your Windows specified default browser?
  20. You didn't get any Eset alerts when they were all disabled as you posted previously. Personally, I would just use another browser. I for one am no big fan of anything Google produces. -EDIT- Also believe it's time you open an Eset support ticket on this issue.
  21. 1. Open "Services" and for "NVIDIA Telemetry Container" stop service and set startup type "Disabled"
      2. Run AutoRuns and in "Task Scheduler" section disable:
         + NVIDIA telemetry monitor
         + NVIDIA crash and telemetry reporter (2 instances)
      3. You may also want to remove Telemetry logs:
         C:\ProgramData\NVIDIA\NvTelemetryContainer.log
         C:\ProgramData\NVIDIA Corporation\NvTelemetry\events.dat
         C:\ProgramData\NVIDIA Corporation\NvTelemetry\nvtelemetry.log
         C:\Users\user\AppData\Local\NVIDIA Corporation\NvTmMon\NvTmMon.log
         C:\Users\user\AppData\Local\NVIDIA Corporation\NvTmRep\NvTmRep.log
      Who needs an additional spy in your own PC?..
      Awesome my friend, I forgot about those other bits We need to send a clear message to Nvidia that we will NOT tolerate their spying on us via telemetry, and we will every workaround we can think of in order to defeat it. It's bad enough that windows 10 is virtually one massive spyware collecting agency
      Rather than do all of the above, you can simply install nVidia drivers as normal. Once installed open an elevated command prompt and run the following:
         rundll32 "%PROGRAMFILES%\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage NvTelemetryContainer
      This will remove all telemetry, logs, services and tasks. I use it all the time now and it's a very clean way of removing nVidia telemetry.
      https://forums.geforce.com/default/topic/1056140/geforce-drivers/defeating-nvidias-telemetry/post/5830317/#5830317
      Personally, I just disable the Nvidia Telemetry service and leave it at that. I haven't seen any outbound Nvidia traffic after that. I also can't vouch for the above rundll32 method since I never used it. As far as blocking GeForce Experience outbound activity, the best way to stop it is never install it or uninstall it. Also according to this article, nothing Nvidia Telemetry or Geforce Experience does is supposedly nefarious: https://www.howtogeek.com/280101/relax-nvidias-telemetry-didnt-just-start-spying-on-you/
  22. Since it appears you want to still use GeForce and not uninstall it, you can download the latest non-vulnerable update here: https://www.geforce.com/geforce-experience/download . That should eliminate the update alert you have been receiving. As far as your other nVidia drivers, you have a problem. For any drivers less than release 390.65, you're vulnerable to the Spectre and Meltdown vulnerabilities noted here: https://nvidia.custhelp.com/app/answers/detail/a_id/4611/~/security-bulletin%3A-nvidia-driver-security-updates-for-cpu-speculative-side . I would seriously consider updating your graphics card.
  23. Or, block uTube within Chrome: https://www.technorms.com/65050/best-ways-to-block-websites-on-chrome -EDIT- You can also try to block uTube using a host file entry: https://www.wikihow.com/Block-YouTube . Note this comment: http://techgenix.com/tips-and-tricks-using-windows-hosts-file/
  24. To begin with, there is a serious security vulnerability in regards to Nvidia GeForce versions prior to 3.18. You can read about that here: https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-geforce-experience-vulnerability The article also refers to Nvidia driver vulnerabilities that have been recently discovered. So you have to verify if your Nvidia drivers have been recently updated. As far as your screen shot goes, your Nvidia software is indicating that a GeForce software update is available. In light of the above posted, you probably want to perform the update. BTW - you don't need the GeForce software for your Nvidia drivers to function properly. Its primary purpose is to inform you that NVidia driver updates are available. It can be uninstalled via Control Panel -> Programs option.
  25. First, did you reboot after installing Eset? Sometimes Eset Bank and Payment Protection is not functional until this is done. Otherwise, do the following. Suggest you uninstall the current version of Eset using Eset's Uninstaller utility in Windows Safe mode. Note: if you have made any Eset customized settings, make sure you export those prior to uninstalling. You can then import those into Eset after it has been reinstalled. Then download your Eset version from here: https://support.eset.com/kb2885/?locale=en_US&viewlocale=en_US . You should be redirected to the appropriate Eset New Zealand download web site. Run the installer and see if that resolves the issue.