mtdog

Members
  • Posts

    10
About mtdog

  • Rank
    Newbie

Profile Information

  • Location
    USA
  1. Would those self-protection options be called Tamper Protection? I enabled that. As for the accounts on that particular system I now recall that the system was imaged by the builder, US Micro. I don't know why they would build a Windows 10 system with those leftover accounts. I'm tempted to re-image the disk to make it match the other two Windows 10 systems but I have a difficulty with the Microsoft account. It tries to insert itself into my install and then starts making decisions for me without my consent. I miss the days when a distribution and a license key were all that one needed to build an OS.
  2. The directories are a good place to look but they are just directories. For example there is an entity called SYSTEM. But, it doesn't have a directory. And there may be a /USER directory that is suspicious but how do I find the account linked to it? MS hides the important details of the OS. For example, on one system I have /User directories called ALL USERS, DEFAULT, DEFAULT USER, PUBLIC, and USER. That's in addition to DUCK and POWELL. Where are the details on these accounts in Windows 10? As I said I only see DUCK and POWELL in the user management section. Regarding the MSERT.exe scan, it found the same problem on all three nodes. I have attached the logs.
     Start 'remove' for regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
     Operation succeeded !
     msert.log msert.log msert.log
  3. Now that I have disabled remote access I notice that that warning about other users on the system is no longer coming up when I try to shut down. Just like Microsoft to leave a big gaping hole like remote access while implying that it is disabled or not available for the Home version. All my systems have two accounts, POWELL and DUCK. The user management interface is so dumbed down that it is not possible to find how other processes might be created that would be interpreted as other users. Typically any OS will have two or more user accounts that run the system but MS hides those from the users so I can say that if there was an extra account created by a hacker I would not know where to find it. But, what would keep a hacker from harvesting passwords and using my own accounts? Also, it may not be possible for the suspected hacker to start a new process since I reprogrammed the router. Problem is the router is from a telephone company, CenturyLink, and they probably have a back door on it.
  4. That fixed the email error. Thank you. I don't use any other email client but one never knows when MS might "do something for me" by automatically activating some other client.
  5. One other security issue that is probably a Windows 10 "user friendly feature" is this message below which comes up on all the systems when I try to shut them down. Of course, there is no user(s) that I know of on the system when I request a shutdown. So is this just a stupid attempt by MS to protect people who might shut down a Windows 10 system while someone else is using it? Or is there really a process that is remote that could represent another user? It really irritates me because every time I see this message I think of some unauthorized process on my system.
  6. I could not find any ESET items before I installed again. Seems like there should have been some ESET folders under C:\Windows, etc. On another system, UMI, I have a NOD32 error message that I can't figure out how to eliminate. All my systems are configured the same so I don't understand why I have this message on this system and not on the others. The message is, Email protection by client plugins is non-functional. I use Thunderbird on all systems and it has automatic update. I have also attached the logs from this system. eav_logs.zip
  7. Attached are the collected logs from the node, GUNTHER, that had ESET NOD32 disappear. I used the online scan and it found nothing but it only checked the C:, system, drive and not the other two drives, D and E. I did do a factory reset on the router and then reconfigured with new passwords. After the reconfigure of the router, the NOD32 installation program worked and I was able to install NOD32. There was an initial scan and I implemented a second scan in which I tried to get NOD32 to scan the other two drives, D and E, but I was not convinced that these drives were scanned because the scan was over so quickly. Perhaps you can allay my fears that drives D and E have been scanned. One other unusual aspect on this and my other Windows 10 system, REMY, is the fact that I have a request icon to upgrade Windows Media Center, WMC, in the lower right corner in a pop-up window (that also has icons for ESET, Windows Defender, and some other icons.) Both of these systems have WMC downloaded and installed from a French site for people who refused to give up WMC after MS discontinued it in Windows 10. Seems a little strange to have an update since WMC is a discontinued product so why would MS have created an update? On the other hand, MS has deliberately inserted into Windows Updates commands that delete WMC such that it needs to be reinstalled after the Windows update. In any case I have not selected to install the update and I've disabled the update until I can figure out from where it comes. eav_logs.zip
  8. Does that mean that I should wipe the system disk and start over? Would the other two Windows 10 systems on my LAN also be compromised even if they still have NOD32 installed? There are file server connections originating on all and going to the other two. Should I wipe those disks and start over as well? Would data disks also be a threat? Those would be impossible to discard. What would I do about my router? Factory reset it and change the passwords?
  9. I just noticed that ESET NOD32 was uninstalled from my PC. I did not do this. I then tried to reinstall NOD32 but I got a message that told me my internet connection was bad. This is not true. I was even able to download the installer from ESET. Is my machine completely taken over by malicious hackers? I don't use a proxy server, just a wireless access point and router from the phone company.