Jump to content


Most Valued Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by itman

  1. YouTube scams are nothing new. Below are a couple of them: https://www.msn.com/en-us/news/technology/how-malware-started-a-bitcoin-hack-that-youtube-just-can-e2-80-99t-keep-up-with/ar-BB17JlUW https://www.leaprate.com/cryptocurrency/regulation-cryptocurrency/crypto-fraud-alert-new-trojan-horse-malware-on-youtube-bitcoin-video/ This is one reason many security forums prohibit YouTube reference link posting.
  2. A couple of closing comments here. 1. You disabled Eset thereby allowing the malware to install a bootkit on your device. Hopefully, you learned a lesson to never do that again. 2. You need to upgrade to Win 10 ASAP. Why? The likelihood of boot/rootkits occurring on Win 10 x(64) is greatly reduced due to kernel patch protection; i.e. KPP, employed in Win 10. Additionally, Eset running on Win 10 employs an early launch anti-malware; i.e. ELAM, driver that loads at boot time prior to any other app drivers. In this case, Eset would have been able to block the bootkit from loading a
  3. I read a posting over at bleepingcomputer.com that Kaspersky's TDSSKiller will remove this type of boot/rookit. You can give it a shot and see if it detects and removes the rootkit. It runs very fast and will produce a log file. Review the log file and see if anything was detected. If so, wording will probably exist instructing you to reboot the PC to complete removal of the rootkit. TDSSKIller can be downloaded here: https://support.kaspersky.com/5350#list -EDIT- After opening TDSSKiller but prior to running it , select "Change parameters" and ensure all the settings shown in this
  4. Panda has an article on this: https://www.pandasecurity.com/en/mediacenter/mobile-news/youtube-virus-tips/ .
  5. You can try using Kaspersky Virus Removal tool: https://support.kaspersky.com/8528 . Make sure when run to select "Change parameters" and select all objects shown including the system drive. Note: If this app refuses to run or aborts shortly after startup, rename the file download - KVRT.exe - to something else and run the renamed executable.
  6. You posted two conflicting statements. First, you stated services are running. Next, you state Eset services are stopped after boot time. If Eset services are currently stopped, restart them. Now try to access Eset GUI via Start menu and run an Eset scan.
  7. Further clarification need on this. Are you referring to the Eset desktop toolbar icon missing? Does Eset still exist in the Win 10 Start menu? Is the Eset service, "Eset Service," listed in Control Panel -> System and Security -> Administrative Tools ->Services? Is the service started and running? Does this folder, "Eset", still exist in C:\Program Files? Does it contain the "Eset Security" folder? Does this folder contain sub-folders and files?
  8. Ignoring the Eset issue for the moment if this is Win 10, Windows Defender should be active and functioning as your real-time protection. Did you check Windows Security Center and verify this is the case?
  9. Same here connecting from the U.S. No issues from Eset connecting to this URL, https://status.camerfirma.com , using Firefox, Edge - Chromium, or Internet Explorer.
  10. Do you have an existing Eset product installed on this device? If it is not Eset Endpoint Antivirus, it should be uninstalled prior to installing the version of Eset Endpoint Antivirus you downloaded. Perhaps you have Eset Endpoint Security installed on the device?
  11. If problems persist after running ESET Online scanner, you could also try performing a Win system restore using a restore point prior to when you installed the app/malware. This won't remove all of the malware and/or app but should reset system settings to what existed prior to the app install. This will hopefully also restore Eset functionality to the point you could run a full scan with it. Note: the malware may have disabled system restore functionality.
  12. No offense taken. My advice is submit the installer to Hybrid-Analysis: https://www.hybrid-analysis.com/ , for a full sandbox analysis and see what it determines.
  13. Further analysis of VT sandbox findings confirms my early suspicions. To understand what is going on, two epi.exe, aka bootstrapper.exe, processes are running. One as the parent process and one as a child processes. Note that the epi.exe processes are not the same. The malicious process being detected at VT is the unsigned parent epi.exe process. The child epi.exe process spawned is legit and validly signed. Ref.: https://www.virustotal.com/gui/file/a7af6d852fadd2bf4b9ef36b3f96e322e08254b20682fe174b0c38738e5f3864/detection Of note is most of the VT detection's for the pare
  14. VT is slowing conflicting info. per the below screen shot. Again, its flagging bootstrapper.exe as the problem. This file is signed. Also, VT lists epi.exe. But, when I scanned the hash for the extracted file, there were no detections. It's as if VT is perhaps detecting the downloaded ver. of epi.exe which I assume is a latest ver. update of the file?
  15. Perhaps the prudent thing to do here is that Eset provide the file hash for epi.exe. Then compare that hash value to the epi.exe file hash value downloaded. -EDIT- Also the VT detection is for bootstrapper.exe which appears to create the following: C:\Users\<USER>\AppData\Local\Temp\eset\bts.session\{02D83BBE-EB93-B7D9-1A5E-10CDAD2E32F1}\epi.exe C:\Users\<USER>\AppData\Local\Temp\eset\bts.session\{02D83BBE-EB93-B7D9-1A5E-10CDAD2E32F1}\sciter-x.dll C:\Users\<USER>\AppData\Local\Temp\eset\bts.session\{02D83BBE-EB93-B7D9-1A5E-10CDAD2E32F1}\eguiActivation.d
  16. For what it is worth, I checked out payment policies at a major e-retailer, newegg.com. They don't accept either MasterCard or Visa payments in any fashion from Canada. Ref.: https://kb.newegg.com/knowledge-base/international-payment-methods/
  17. I never stated or implied that. I was just stating a justification for any merchant not wanting to accept a debit card.
  18. A couple more discussion points on this issue. If you have a Visa or MasterCard logo debit card and the merchant accepts either in credit card form, they must also accept a debit card for payment by either. If they don't, they are in violation with their existing payment processing agreement with Visa or MasterCard. Something for you to check out. If this is the case, you can file a formal complaint with Visa or MasterCard. The only other reason I can think of is why a merchant wouldn't accept a debit card deals with payment issues. A debit card transaction is for all practical purp
  19. Did you set up the proxy server data per the below screen shot?
  20. Additionally, Eset license status is shown in the Eset GUI Help and support section per below screen shot. The posted example shows an Eset license with one seat; i.e. 1 device, purchased:
  21. You're referring to "seats." For example, a 3 PC license has only one license key but 3 seats allocated to it. When this license is installed on a PC, a seat is allocated to it. To reallocate a previous used seat to another device, you uninstall Eset on the device where it is installed. This should automatically remove this seat allocation in Eset License Manager. You can now install Eset on another device and a seat will be allocated to this device in Eset License Manager. However, sometimes things get screwed up for a variety of reasons and the seat allocation in Eset License Manag
  22. Of note is if you run in permanent private browser mode in Firefox as I do, all your history is auto deleted at browser close time.
  23. In regards to why Eset won't accept Paypal payments, Eset licenses have geographic restrictions; both for purchase and use. Paypal payments in regards to purchaser identity are anonymous as to origin of the purchaser. https://www.paypal.com/us/webapps/mpp/paypal-safety-and-security
  24. Appears it depends on whether your debit card is restricted to use only within Canada: https://travel.stackexchange.com/questions/112712/can-i-use-us-bank-issued-credit-debit-cards-in-canada#comment274511_112714 I believe most Visa/Mastercard sponsored bank issued debit cards can be used internationally but some countries have problems. You need to contact your bank about use of your debit card outside of Canada. Your complaint should be why Eset N.A. does not have a relationship with financial concerns outside of the U.S. in countries that th
  • Create New...