  1. itman

    Trojan keep detected by Eset

    If you need further inducement to apply the above-mentioned SMBv1 patch, here's another one attacking Italian concerns: https://blog.trendmicro.com/trendlabs-security-intelligence/monero-miner-malware-uses-radmin-mimikatz-to-infect-propagate-via-vulnerability/
  2. Do you have issues with other software updating? How about Win Updates - do they download and install within a reasonable amount of time?
  3. What I am wondering is if for some strange reason on this device, Eset has gotten stuck in a never-ending update loop. Perhaps caused by updates running at default scheduled times but prior updates still in progress; or Eset detects they are but in reality are not? What might be worth a shot is to temporarily disable all updating as shown in the Eset Knowledgebase article: https://support.eset.com/kb2767/ . Reboot the device. Then verify if the product updating activity has stopped. If the product updating activity has ceased, then reenable the previously disabled settings and verify that Eset is now updating as scheduled and without issue. If after reboot the product updating activity is still active, let the device run for a while to complete any current activity in process. Once that stops, then reenable the previously disabled settings and verify that Eset is now updating as scheduled and without issue.
  4. itman


    Or, just post a screen shot with the Eset alert shown. Do you use Chrome as your browser?
  5. itman

    Ransom email

    Again as previously explained, it's a scam e-mail. Everything stated in the e-mail is untrue. Sometimes a bit of deductive logic goes a long way in these situations. If the e-mail author had all the capability he states, your PC would already have had all its files encrypted and you would be greeted with the typical ransomware desktop screen at boot time. BTW - you should not be opening e-mails from unknown/untrusted sources unless you previously verified that the sender was legitimate.
  6. FYI - MSRT is downloaded and run with each Win Update monthly cumulative update as noted in the link reference posted below. Therefore, there is no need to download it separately. It is also of dubious effectiveness: https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx As far as Microsoft Safety Scanner which is a bootable media installation, you can create a more effective like solution using the Eset "SysRescue Live" option available in the Eset GUI Tools section. Bottom line - Eset provides you with all the system security you need.
  7. Correct. But you should verify this using Win Security Center. The below screen shot is for Win 10 1809: Correct. Although really not needed, running most non-realtime security software for a second opinion should cause no issues. For example, you could configure Windows Defender to perform "Periodic scanning." The only issue in this regard and possibly with other like security software is system resource usage. In the case of Windows Defender, it will load its engine at boot time which consumes quite a bit of memory although the engine is only used for its once a day periodic scanning.
  8. Doubt the installation of Eset has anything to do with this browser error. The error is usually an access permissions issue associated with a directory/file on the server you are connected to. Additional causes are here: https://www.lifewire.com/403-forbidden-error-explained-2617989 . I would contact the vendor associated with survey as to possible causes and remedies.
  9. itman


    Since you have received no response to this issue in the Malwarebytes forum where you also posted, it appears you have a malicious Chrome extension installed that is connecting to this domain. You will have to remove each extension one by one until you find the one that is performing the attempted connection. My guess is that it is the extension associated with the game you mentioned. You can also at your own peril and definitely not recommended, add an exclusion for scrlink.cool for malware scanning within Eset Web Access protection as shown in the below screen shot:
  10. itman

    websites automatically opening

    First, make sure your browser pop-up settings are properly configured to block or ask your permission for pop-ups to run. If you are using Chrome, refer to this article: https://support.google.com/chrome/answer/2765944?co=GENIE.Platform%3DDesktop&hl=en
  11. itman


    BTW - scrlink.cool is also blocked in IE11:
  12. itman


    Another thing you can do is open an admin command prompt window. Then enter "tracert scrlink.cool" as shown in the below screen shot. As shown, I see a connection to one of my ISP servers that forwards the connection to a relay server in Amsterdam. This in turn routes the connection to its final destination, customer.worldstream.nl. Of note is URLVoid does show one malware detection for customer.worldstream.nl: https://www.urlvoid.com/scan/customer.worldstream.nl/. However, it is from WOT which leads me to believe the site is OK. However, it appears this is a "hosting" server with other sub-domains associated with it; at least hundreds per Robtex. So it may be that Eset is detecting one or more of the sub-domains as malicious?
  13. itman


    Since you are no longer using a VPN, go here: https://dnsleaktest.com/ and click on the Standard test. All the IP addresses shown should be associated with your ISP assuming you're using your ISP DNS servers. My ISP is AT&T and here are my results:

    Query round   Progress...   Servers found
    1             ......        6

    IP   Hostname   ISP                      Country
         none       AT&T Services            United States
         none       AT&T Services            United States
         none       AT&T Internet Services   United States
         none       AT&T Services            United States
         none       AT&T Internet Services   United States
         none       AT&T Services            United States
  14. itman


    Go here: https://thebestvpn.com/chrome-extension-vpn-dns-leaks/ and click on "take test here link." Report back with test result.
  15. itman


    I don't have an answer for you. It is possible your Internet traffic is being monitored, etc. It has happened previously in Egypt: https://en.wikipedia.org/wiki/Internet_censorship_and_surveillance_by_country .