Eraser 6.7.1893 Accessing Internet

manny

New Member
I have Eraser 6.7.1893, running under Windows 7, and for some odd reason both my Firewall and PeerBlock said the program was trying to access the Internet when it started, before it erases something and after it is done erasing. I've read how Eraser can "check" the authenticity of the plug-in's in other threads, but that does not explain why it has to "jump online and show itself" every time you erase something. Could it also be sending data on what is being erased? Why did both my firewall and PeerBlock just start noticing this today? It's said that Eraser uses Windows to access the Internet, but when I do a component trace it's the core Eraser executable that is accessing the Internet. Furthermore, it accesses the following IP addresses which none of them, to my knowledge, have anything to do with Microsoft / Windows.

213.222.193.191
213.222.201.178
213.222.193.217

I have been using Eraser for months now. I really hope there isn't some database that contains parts of files or names - anything!
 

Joel

Active Member
manny said:
I've read how Eraser can "check" the authenticity of the plug-in's in other threads, but that does not explain why it has to "jump online and show itself" every time you erase something.
If you are erasing from the context menu, one copy of Eraser starts up.

manny said:
Could it also be sending data on what is being erased?
No.

manny said:
Why did both my firewall and PeerBlock just start noticing this today? It's said that Eraser uses Windows to access the Internet, but when I do a component trace it's the core Eraser executable that is accessing the Internet. Furthermore, it accesses the following IP addresses which none of them, to my knowledge, have anything to do with Microsoft / Windows.

213.222.193.191
213.222.201.178
213.222.193.217
They belongs to Certum, which should be expected that it would be access as it stores CRLs. Indeed it doesn't have anything to do with Windows, because Windows isn't administering the certificate! However, if you do a full component trace which includes DLLs, the call was made into Wintrust.dll, which is the one actually doing the work.
 
Top