Namoh
Members-
Posts
28 -
Joined
-
Last visited
About Namoh
-
Rank
Newbie
Profile Information
-
Location
Netherlands
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
I assume you mean Aggressive for Reporting not for Security -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Ok, so I found it, but what's the best setting? All on Aggressive for as well Reporting as Security...? All these settings are there for a reason I assume, but you still can be infected if some of these settings are incorrect, while you think you're safe. I'll keep them on Agressive (changed this few days ago because of this threads) for Reporting, but not for Security. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Maybe a stupid question, but where's this UNSAFE apps detection option located? Would like to check if I have it enabled or disabled. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
I can confirm that ESET now detects this! Just scanned my pc and it came up with: Agent.JK trojan horse and with JK/Kryptik.BPU trojan horse. So if I would install this (cracked) software again, ESET would now block the installation!? Good job. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Ofcourse, I understand the risks of cracks etc, and it's not that I just use cracked software, but I do install cracked software to see if the software is good and usefull for me before I purchase it. The adobe package has a 7 day free trial option. This is for me not enough to see if it's worth the money, because I work full time. The full package costs €60,49 per month!! I'm not going to pay that much money without knowing if I like the software. And maybe a stupid thought but I assumed that my visusscanner would tackle any suspicious behaviour, what else is the reason that I purchased it...? Of course I didn't disable ESET during install but it never gave any sign or pop-ups. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Hereby the zip-file with the hyperlink, don't think it will help but you never know CC-Library-mul683-x64.zip.zip -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
I have a copy of the file, but it's a hyperlink (snelkoppeling) of 1kb. Still interested or no need to sent it? Mmmmm, although the file name is: CC-Library-mul683-x64.zip it won't allow me to attach it. Probably because it's a hyperlink and not a real zip-file. All this started after installing a version of Adobe Master Collection via this nzb file (no comments ). You can download it yourself and see if you get the same issue. Would advise to make a copy of your drive upfront (which I forgot). Adobe-Master-Collection-CC-2020-19-05-2020-Multilanguage.rar -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Yes, I'm using IE11 (11.836.18362.0, update versions: 11.0.190) mostly, but in some cases also Microsoft Edge (?? couldn't quickly find a version number) and Google Chrome (83.0.4103.97). Deleted the file and will restart now. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Isn't there somewhere a setting to change it into English, I'm fine with that -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Small steps but we're getting there. This was located in above folder, and it says: C:\WINDOWS\system32\wscript.exe /E:jscript "C:\Users\sande\AppData\Roaming\CC-Library-mul683-x64.zip" wscript.exe/e:key:BVfnB5qsixmIFscLj6DoRCZF -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Not quiet sure I understand you correctly. I think I did the first, but you're correct I didn't do the second. See below, or am I on the wrong screen(s). Brontoepassing = Source Application, right? It says/said "Alle toepassing" / "All applications". So that is/was already correct. Toepassingsbewerkingen = Application operation screen, right? I've now enabled the "Nieuwe toepassing starten" setting. Correct me, if I messed up again. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Should I run ProcMon after rebooting, or once the pop-ups start? Currently no pop-ups, so no use of activating ProcMon, right? -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
The weird part is, yesterday it went crazy again with all the pop-ups. Today………………….so far nothing!! I've changed to Boot Logging, will restart pc, and see if anything happens. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
Hope I did the right thing. -
ESET I.S. Agressively blocking URL, can't find app
Namoh replied to mandrix's topic in Malware Finding and Cleaning
I've done all of the above, see below screenshots. Hope I've added the rule correctly. Just to give all info, I've deleted a file from the folder: C:\Users\sande\AppData\Roaming Everytime I'm starting up my pc it now gives an Windows Script Host message. I've attached this as well. These messages started after I installed a program related to this file, that's why I deleted it (finger was quicker than my brain). Don't know if it's related to this issue but thought it was worth mentioning.