Skip to content

GSA SER Security Concern - Need Advice

DnsaddrDnsaddr Internet
in Need Help

Hi everyone,

I recently encountered a security issue on my Windows machine and wanted to check if anyone else has experienced something similar.

Windows Security Alert (Severe):

  • Detected: Trojan/ScrInject.EK!MTB
  • Status: Quarantined
  • Affected file path: AppData\Roaming\GSA Search Engine Ranker\projects\[]...new_targets
  • The alert mentioned that the program is dangerous and may execute commands from an attacker.

So far, Windows Defender has quarantined the threat, but I also noticed a “Remediation incomplete” message from an earlier detection, which is a bit concerning.

A few questions:

  1. Has anyone here encountered this specific threat before (especially related to GSA SER or similar tools)?
  2. Is Windows Defender quarantine sufficient, or should I take additional steps?
  3. Would you recommend running other tools (e.g., Malwarebytes, full system scan, etc.)?
  4. Should I completely remove and reinstall the affected software?

I’d appreciate any advice on best practices to ensure my system is fully clean and secure.

Thanks in advance.


Tagged:

Comments

  • SvenSven www.GSA-Online.de
    It can happen that a website is infected. Our software doesn't know that of course when it visits it and has previously got the target from search engines or site lists / imports.
    However, this is not really a security problem here. The software does not execute anything on these sites (like javascript). It just performs the actions defined int he script for that site (if at all and the site matches some defined patterns). It can not infect your system.
    Your virus scanner does not know what will happen with such an infected site and warns you of course. Which is OK but also a bit annoying and slows things down a lot. I suggest to add an exception for the folder/app.
Sign In or Register to comment.