Gualano Marco 2 Posted October 22, 2013 Share Posted October 22, 2013 .. and how eset detects them? Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 22, 2013 Share Posted October 22, 2013 Hi Gualano Your system has a download manager installed according to the alert. These are usually not good and may dump adware, bloatware, or similar on your computer. IDman.exe must have a history of downloading viruses or connecting to malicious sites. I recommend removing or uninstalling it. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 22, 2013 Share Posted October 22, 2013 If you havent run a full scan yet, should start one. Eset may remove it for you. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,926 Posted October 22, 2013 Administrators Share Posted October 22, 2013 It appears there are many LockScreen files with double extensions hosted on the url in question. Perhaps you have visited a compromised website with drive-by malware which attempted to download LockScreen from the mentioned urls. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 22, 2013 Share Posted October 22, 2013 I cant see the url Marcos The threats appear to be blocked objects though coming from a local executable. I may be missing something Marcos can see that i dont. Which is ok. Either way scanning local drive is recommended for precaution. Link to comment Share on other sites More sharing options...
ESET Insiders stackz 109 Posted October 22, 2013 ESET Insiders Share Posted October 22, 2013 Arakasi, hxxp://www.malwaredomainlist.com/mdl.php will reveal all without needing to personally do any sort of tracking. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 22, 2013 Share Posted October 22, 2013 Thank you stackz , Bookmarked !!! I was thinking to myself, i can only see the subnet. Good enough i guess to query ! B) Link to comment Share on other sites More sharing options...
Administrators Marcos 4,926 Posted October 25, 2013 Administrators Share Posted October 25, 2013 I cant see the url Marcos I may be missing something Marcos can see that i dont. Which is ok. I was looking at LiveGrid data and searched for IP addresses starting with the octets / numbers shown in the screen shot Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 26, 2013 Share Posted October 26, 2013 Yeah i fail at searching sometimes lol. The subnet was good enough .... *Face palm* Link to comment Share on other sites More sharing options...
Recommended Posts