powershell/psw.coinstealer.b

[mohu 0]

No problem at present.

Okay, I will do daily security checks for the next week or so.

Thank you very much for your kind attention.
Thank you very much for your cooperation.

I am truly happy to have purchased ESET from the bottom of my heart.

[Nightowl 206]

To be more safe , block in your firewall the IP Address that the detections came from

93.115.20.78

 

Edited November 13, 2022 by Nightowl

[Marcos 5,273]

41 minutes ago, Nightowl said:

To be more safe , block in your firewall the IP Address that the detections came from

93.115.20.78

 

It's already blacklisted by ESET.

[mohu 0]

I have been checking every day and so far no virus has been detected.
No virus has been detected so far and the system is stable.
Thank you very much.

I have one problem.
After I installed eset and solved everything, I started to have a problem with Google Chrome.

The IP address of the server for the site [url of the site] could not be found.
Please try the following

Check your proxy, firewall, and DNS settings
Run the Windows Network Diagnostic Tool
DNS_PROBE_FINISHED_BAD_CONFIG

This has never happened to me before,
It has been happening after disinfection or eset installation.
I have reset the DNSservice cache/reinstalled lanDriver/reset network settings and reinstalled Chrome.
I have tried to reset DNS cache, re-install lanDriver, and reinstall Chrome, but the problem is not resolved at all.

If I repeat F5 after the error message, the connection is restored,
I don't know the cause.
The symptom occurs only in Chrome.

Is there some other system that is broken, such as DNSservice?

Translated with www.DeepL.com/Translator (free version)

[itman 1,748]

32 minutes ago, mohu said:

It has been happening after disinfection or eset installation.

The distinction here is important. If this issue occurred prior to disinfection methods Eset had you perform, then the issue is not related to this activity.

[JamesR 58]

These symptoms are not likely due to the infection, but I do have some steps for you to try before contacting your Internet Provider.

 

According to the logs we gathered previously, you are using your home router/wifi device for DNS and one IPv6 address for DNS.  That means I would apply the following troubleshooting steps:
 

1. Attempt to power off and on your router/wifi and modem.  This may clear it up.  If this works, stop here.  No need to continue.
2. Set your computer to use specific DNS servers like Google DNS.  Here are steps to try seeing if this helps.
   1. Windows key + R
   2. Type in: ncpa.cpl and press enter
   3. Right-click on the following network name and select Properties: イーサネット
   4. Find "TCP/IPv4" and right click it and select properties.
   5. Click "Advanced" then click on the DNS tab
   6. Make note of any DNS servers listed (incase you need to put them back in), then remove each one.
      1. 
   7. Next click Add, and add the following one at a time.  Then click OK to all of the windows and test if your internet has stabilized.
      • 8.8.8.8
      • 8.8.4.4
   8. If your internet still is not stable, repeat the steps above, but at step "4. Find TCP/IPv4...", instead find "TCP/IPv6" and click properties. then Advanced > DNS and remove all DNS, and add the following 2 addresses one at a time:
      • 2001:4860:4860::8888
      • 2001:4860:4860::8844

If this still does not work, then you will need to contact your internet service provider to perform more troubleshooting or even default/reset your router/wifi or modem to factory defaults.  Also, if this does not work, do not forget to set your DNS back to what it was before.

If this does work, and you do not wish to use Google DNS, you can find many alternatives, or contact your Internet Provider to obtain the DNS Addresses they would normally provide.

 

Side Note: Some may not like that I am having you test with Google DNS.  This is just a test and feel free to use other DNS servers as you wish.  In my opinion, Google DNS is just simpler to type IP Addresses for quick testing purposes, with less chance of a typo causing a problem.

[mohu 0]

I have already tried rebooting the router, etc.
I don't have the identical symptoms on other pc's.

When I reach the end of my patience, I will give up and initialize my main pc once (;_;)

[itman 1,748]

1 hour ago, mohu said:

The symptom occurs only in Chrome

I believe this is the significant comment.

If this was an ISP DNS server issue, it should manifest on all browsers.

You stated you uninstalled Chrome and reinstalled it. I am not that familiar with Chrome since I always use Firefox. In Firefox when it is uninstalled, it does not delete your existing profile data. It then uses that existing profile data when you reinstall it. Perhaps the same occurs in Chrome? If so, the issue may lie in your Chrome profile data.

Another possibility to explore is if you have installed Chrome add-ons/extensions. One of those might be the culprit.

Finally, in the past, Eset's SSL/TLS protocol scanning has caused issues in both Firefox and Chrome. You can temporarily disable SSL/TLS protocol scanning and see if this resolves your Chrome issues. This way we can narrow down where the problem is.

Edited November 15, 2022 by itman

[mohu 0]

That is certainly the case if it is caused by dns.
I am convinced.

When uninstalling Chrome, you can use the
Along with the check to delete all profiles
Revo Uninstaller Pro is used, so there is no log.
I think it is very likely.

I have tested with all extensions turned off once.
Symptoms are still there.

But the strange thing is that when I run the test in Secret mode, the symptoms do not appear.

This is a bug of Chrome which was updated just a few days ago! LOL!

 

[mohu 0]

Just to be sure, I didn't reboot the router earlier.
I have just initialized the router instead of rebooting it to be sure, so we will see how it goes again in a bit.

Thank you very much for your earnest response to my unanswered questions.