Jump to content

ausgumbie

Members
  • Posts

    54
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

3,486 profile views
  1. Ahem! Sorry about this but I seem to have jumped the gun a little. I've just now got an invite to upgrade to 3.6.1.2711. I've done it and I'm scanning with it. Again, sorry 'bout this. All good now. ? Cheers ausgumbie
  2. Hi all I have one of those Premium versions of Malwarebytes that is enduring. That is it never expires. My wife has a free version and recently upgraded to a newer version which I assume is 3.6.1.2711. My present version is 3.5.1.2522 and I haven't had any popups or notice on the app. about upgrading to the new version. What can I do? Cheers ausgumbie
  3. PS The reason for the removal of editing facilities is interesting! In Australia too, we seem to be needing to keep a certain "alertness" in that area. Pity! It doesn't seem a time where the internet is a place to "play nice". Cheers ausgumbie
  4. Hi Ron, Yes, I had seen it, but my thanks for posting this particular link, because it's another piece of info in the chain that may eventually reveal what's going on. I'll keep following. Cheers ausgumbie
  5. Change to General PC noted - many thanks. BTW - Is there a way to edit or delete posts ourselves? Cheers ausgumbie
  6. Gaah Prunes! Sorry all - I didn't read my OP. ?. Mods, would you mind deleting my second post as it's simply repeating the first. (That'll learn me!) Cheers ausgumbie
  7. Hi all I write from the Land Down Under, Queensland, Brisbane. I'm currently enjoying a large number of internet outages. For fellow Aussies, I'm with Telstra. Technology = NBN-HFC. Arris CM8200 modem, Sagemcom F@st 5355 router. Fellow Aussies would suggest the outages are caused by one or more of: NBN upgrades (possible - they've been flagged), Telstra (no further explanation needed), or F@st 5355 router (no further explanation needed). In the router log, I and others have noted a frequently-appearing Error Message, viz: "DNS name resolution failure (canonicalizer.ucsuri.tcs)" On a very few places online this connection is discussed, the connection between Windows 10 SmartScreen and canonicalizer.ucsuri.tcs is confirmed but no one is able to say more than that. canonicalizer.ucsuri.tcs is NOT a registered domain. So, I'm searching for info... A respondent to a Ten Forums thread (https://www.tenforums.com/antivirus-firewalls-system-security/118347-any-win10-smartscreen-canonical...) I started on this point directed me to a German article: (https://www.gameindustry.de/hints.php). The section on SmartScreen seems to read (my translation - I have some German - based on Google Translate and Collins Online): Microsoft SmartScreen: Behind the introduction of SmartScreen as a protective function in Windows against "potential threats" hides a [stupid]* telemetry service. Microsoft SmartScreen turns itself on during each installation of a program and asks the user if he/she really wants to install a program. In the background three addresses activate themselves for this purpose. 1. checkappexec.Microsoft.com 2. t.checkappexec.Microsoft.com 3. canonicalizer.ucsuri.TCS If something is installed from the Windows Store, the "licensing.mp.microsoft.com" activates itself in addition. While the "licensing" address does make sense in validating product keys, Smartscreen directly [passes on]* recorded data from the user's computer in relation to installation directories, installation time, language settings, what will be installed where, operating system / version, location, unique user ID, settings for created group policies and much more. These three addresses from Microsoft SmartScreen (besides the mentioned licensing) are also entered in the hosts file and thus prevent unnecessary disclosure of things. A win-win situation for both sides, because in addition to [the host’s] own privacy and Microsoft's server will also be protected. (Caption to pic) Microsoft Smartscreen Telemetry With SmartScreen, Microsoft not only gets a precise insight into folder structures, but can theoretically get an overview of any user interests. [It gets that gratis]* with each click on an exe file being installed. An excerpt prepared here as a screenshot. Contents vary little for these three addresses listed. *NOTES: [stupid]. The paragraphs don't seem derisive of Win 10/SmartScreen. So, I'd understand "stupid" here as "simple, unsophisticated"; i.e., the telemetry service is something of a blunt instrument. [passes on]. My interpretation of "SmartScreen gibt ... weiter". [the host's] own (privacy). My interpretation of "eigener (Privatsphäre)". [It gets that gratis]. My best understanding of "Das umsonst ..." Any additional info - guidance most appreciated. ausgumbie
  8. Hi again Porthos OK, compatibilities cleared, files and folders added to Norton's "Items to Exclude from Scans" and Clean and Reinstall done (and updated). I restarted the laptop and can report success. All real-time protections are enabled. I chose "Scan for rootkits" also in settings but have left "Enable self-protection module early start" as I'm not entirely sure what it does. If I remember rightly something I read, choosing this causes a one-time delay in self-protection but I'm not sure. If there's an advantage to enabling it, I'll do that. I've kept the Clean log. Would you like me to post it? I'll express my sincere gratitude at this point, because it's wonderful to be back in action again. The Windows 10 Fall Creator's Update has been giving me enough to moan about with the changing login picture and other silliness I note other users are also suffering. Cheers ausgumbie
  9. Hi Porthos, I haven't abandoned you or my request. I've been traveling and have a few things to keep me busy before I can settle back to wrestling with Norton. Meanwhile I was intrigued by your comment: I'd chosen Norton based on reading a number of online reviews (usually the same sources each year) which placed Norton 360, later Premium, in (if not always at the top of) the top 5 AVs. I've been a Norton customer for years on this basis, breaking off at one period when their reviews were bad. So, I'm not loyal to Norton - I'll be loyal to whatever gives me optimal protection. But I'd never thought of WD as a strong AV. I'd be curious to know what you see as "unattractive" about Norton and what you feel makes WD attractive. Norton costs, WD is free and you've always got to watch that you don't tell Norton to 'automatically renew' a subscription as happened to my wife several years ago. Also, I'd go WD + MBAM if it gave comparable protection and avoided the sort of conflict that seems to be plaguing me now. I also like MBAM's popups that tell you why a certain page wasn't loaded - can't get that without Realtime protection. And that often occurs on pages Norton throws up no objection to. I've also been increasingly unhappy (along with a number of others I gather) about the way Norton Account doesn't clearly show the number of seats you are using your product with (e.g. https://community.norton.com/en/forums/accounts-devices-missing-device#comment-7482141. and https://community.norton.com/en/forums/where-has-my-services-link-my-norton-account-gone.) Granted, that has noting to do with protection. The other thing I felt unhappy about was that now you have to be online to "comprehensively" scan with Norton. I'd like to scan my detachable hard-drives, but won't do so online. So, I'd certainly value opinions and arguments here. Please pm me if you feel uncomfortable about commenting on the thread. Cheers ausgumbie
  10. Hi Porthos, Need to break off here (family demands). I'll return later tonight or tomorrow. Just two questions. After the Clean install, I assume MBAM will still recognize a lifetime licence as being in my name? And, anywhere I can get help on adding exclusions to Norton Premium? Can't find, on brief explore of NP, how to do this. Till later, then. Many thanks ausgumbie
  11. Thanks Porthos Herewith the mb-check-results zip. A note. I downloaded the FRST and check exes to a usb on my second laptop (running Ubuntu 16.04), transferred them to the affected laptop and did the scans there. (Then, by usb back to the Ubuntu laptop to connect with you). FRST naturally reported it "could not update" as the affected laptop wasn't connected to the internet (see orig post for why I'm reluctant to conect as yet). So the FRST scan is done without the latest updates. If that causes issues, obviously let me know. cheers ausgumbie mb-check-results.zip
  12. Hi all I have a 1 lifetime Anti-Malware license for PC which I got back in the day. It's dutifully upgraded over the years, most recently 7 November, when I got version 3.3.1.2183. I'm runing Windows 10 Home (Build 16299) and Norton Premium. Today (Sat. 18 Nov) was a big day for updates. I got a Windows update, Adobe Reader 11 (and changed it for Acrobat DC), 100 MB of Norton - I think that's it. At one point my Outlook 2013 client (I was online at the time) got fed up with working and disappeared. (I mean its open windows did - its icon stayed on the taskbar and kept launching textboxes at me when I asked it to reopen saying no, it wouldn't). It was about then I noticed the orange popups in the lower right corner screaming there was no realtime protection. I had recently clicked accidentally on a link in an email I distrusted and, although nothing happened except the Microsoft "something's-happening" wheel rotated for a bit, I've paranoically worried since I've thereby downloaded spyware which will call back to mother next time I go online. I've done a compatability check, repeated scans in and out of Safe Mode. Found nothing - changed nothing. I'm only unable to turn real-time protection on. All other settings except Delay real time protection ... I've turned or left on. I'm writing this from another laptop. So, long story short, help??? ausgumbie
  13. Hi all Just came across the thread below (Not sure if what's now displaying was meant to happen - I just pasted the url and ... ). Anyhow, thought I'd start a new thread rather than tag onto the previous. My experience seems similar to the other thread's OP. I was researching an apparently innocuous topic (ancient Greek roads in Attica). I started exploring links from a page (A GIS-BASED STUDY OF ATTICA) on the bordersofattica.org website. The further pages I tried to access, I assume, were all in that website. MBAM threw up a number of Malicious Website Blocked alerts. I checked these and found only one IP address* referenced (*212.27.63.106) although there were a number of blocks. I checked that address (on Central Ops net). That didn't enlighten me. Then, possibly like thais, I googled the address. This produced many links, one of which was "The Anti Hacker Alliance fights against 212.27.63.106". I clicked on this link, and first came to (I've left off the http bit deliberately) "//anti-hacker-alliance.com/index.php?ip=212.27.63.106". That page seemed to load successfully, but then it suddenly 'flipped' to a page "//www.validome.org/lang/en/get/http://212.27.63.106". At this point I think MBAM again threw up a couple of popups announcing further blockages. (On VirusTotal, Yandex Safebrowsing called the "Anti Hacker Alliance" a Malware site. The "Validome" url had no bad reports). The flip to the "Validome" page worried me as further googling didn't seem to establish a connection between "The Anti Hacker Alliance" and "Validome" so I don't know if this was a valid redirection. I'll attach a (composite) screenshot of the "Validome" page below. I gather MBAM thought loading the "Validome" page was an attempt to access the malicious site. I looked at the protection log again (an MBAM threat scan had been running at the time) and noted there were 3 "outbounds". There had been 2 when I first checked after noting the alert popups, but I subsaequently re-launched the "Validome" page from Firefox memory to get the screenshots. I've kept the Threatlog and Protection Log if they're needed. Help appreciated ausgumbie
  14. Hi all This has been pointed up in other places but it probably doesn't hurt in the retelling for any upgrading to Windows 10. I received this from staysmartonline (Aust. Govt.) to which I subscribe: "Fake Windows 10 update leading to ransomware attack: Alert Priority High Ransomware disguised as an installer of the new Microsoft Windows 10 operating system is encrypting Australian user and business computers. The ransomware resides in an email that claims to be from Microsoft which offers a free upgrade to Windows 10. The email contains a zip file attachment, which contains a program labelled as the Windows 10 installer. However, if you run this program, it will encrypt any important files, including Word documents and photos on your computer. If you receive an email offering a free upgrade to Windows 10, we advise that you delete the email and do not open it or any attachments. Windows users interested in upgrading their computer can register via Microsoft’s official website. Windows 10 updates will then be facilitated by a program on your computer, not via an email offer." And so on. The word is certainly out there although some (like me) twig to it a bit slower than others. This post is for them. See, e.g.: https://www.google.com.au/?gws_rd=ssl#q=windows+10+ransomware+alert Cheers ausgumbie
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.