Namoh

I assume you mean Aggressive for Reporting not for Security

Ok, so I found it, but what's the best setting? All on Aggressive for as well Reporting as Security...? All these settings are there for a reason I assume, but you still can be infected if some of these settings are incorrect, while you think you're safe. I'll keep them on Agressive (changed this few days ago because of this threads) for Reporting, but not for Security.

Maybe a stupid question, but where's this UNSAFE apps detection option located? Would like to check if I have it enabled or disabled.

I can confirm that ESET now detects this! Just scanned my pc and it came up with: Agent.JK trojan horse and with JK/Kryptik.BPU trojan horse. So if I would install this (cracked) software again, ESET would now block the installation!? Good job.

Ofcourse, I understand the risks of cracks etc, and it's not that I just use cracked software, but I do install cracked software to see if the software is good and usefull for me before I purchase it. The adobe package has a 7 day free trial option. This is for me not enough to see if it's worth the money, because I work full time. The full package costs €60,49 per month!! I'm not going to pay that much money without knowing if I like the software. And maybe a stupid thought but I assumed that my visusscanner would tackle any suspicious behaviour, what else is the reason that I purchased it...? Of course I didn't disable ESET during install but it never gave any sign or pop-ups.

Hereby the zip-file with the hyperlink, don't think it will help but you never know CC-Library-mul683-x64.zip.zip

I have a copy of the file, but it's a hyperlink (snelkoppeling) of 1kb. Still interested or no need to sent it? Mmmmm, although the file name is: CC-Library-mul683-x64.zip it won't allow me to attach it. Probably because it's a hyperlink and not a real zip-file. All this started after installing a version of Adobe Master Collection via this nzb file (no comments ). You can download it yourself and see if you get the same issue. Would advise to make a copy of your drive upfront (which I forgot). Adobe-Master-Collection-CC-2020-19-05-2020-Multilanguage.rar

Yes, I'm using IE11 (11.836.18362.0, update versions: 11.0.190) mostly, but in some cases also Microsoft Edge (?? couldn't quickly find a version number) and Google Chrome (83.0.4103.97). Deleted the file and will restart now.

Isn't there somewhere a setting to change it into English, I'm fine with that

Small steps but we're getting there. This was located in above folder, and it says: C:\WINDOWS\system32\wscript.exe /E:jscript "C:\Users\sande\AppData\Roaming\CC-Library-mul683-x64.zip" wscript.exe/e:key:BVfnB5qsixmIFscLj6DoRCZF

Not quiet sure I understand you correctly. I think I did the first, but you're correct I didn't do the second. See below, or am I on the wrong screen(s). Brontoepassing = Source Application, right? It says/said "Alle toepassing" / "All applications". So that is/was already correct. Toepassingsbewerkingen = Application operation screen, right? I've now enabled the "Nieuwe toepassing starten" setting. Correct me, if I messed up again.

Should I run ProcMon after rebooting, or once the pop-ups start? Currently no pop-ups, so no use of activating ProcMon, right?

The weird part is, yesterday it went crazy again with all the pop-ups. Today………………….so far nothing!! I've changed to Boot Logging, will restart pc, and see if anything happens.

Hope I did the right thing.

I've done all of the above, see below screenshots. Hope I've added the rule correctly. Just to give all info, I've deleted a file from the folder: C:\Users\sande\AppData\Roaming Everytime I'm starting up my pc it now gives an Windows Script Host message. I've attached this as well. These messages started after I installed a program related to this file, that's why I deleted it (finger was quicker than my brain). Don't know if it's related to this issue but thought it was worth mentioning.

I've scanned svchost.exe separately, still nothing (didn't expect anything but just to be sure). What to do?

I did all of the above, the messages keep popping up, but I don't see any hits when I scan my pc with Administrator rights. I don't see anything in the HIPS log, but I do see a lot of hits in the Network security log (Netwerkbeveiliging).

Did all above, hopefully correct. About your other posts………..way above my IT knowledge.

Did it again.

Already did this and it came up with no hits / results 😕

Looks like the pop-ups has been stopped……... Is this because of you..??

and found this via your path.

Found it!! I think. There's 3 that have a huge amount of blocked numbers behind them. svchost.exe 572x unknown device 192...…. 282x unknown device fe80...… 280x

Well, I don't have an eset icon on my desktop. And when I right mouse click on eset in the start menu or the toolbar there's no "Log Files" option. I've attached screenshots to show what I get. Probably doing something wrong. I'm on a paid license btw.

Probably a very stupid question...………..but where do I find the Eset Filtered Website Log? How to enable it? I'm running ESET Smart Security Premium 13.1.21.0 Btw, thanks for your help