el el amiril 0
Posted March 11, 2023

Dear admin, I suspect IDM of intrusion. I have found changes in my PC system: Windows Defender won't do an offline scan and the Windows Recovery Environment is lost, but I managed to enable it via a cmd command, but my earliest restore point is gone. Then I noticed that my IDM app is using an extension from Mozilla that is not followed by the name Internet Download Manager, Tonec Inc. If I can remember it, it was IDM, but I cannot find the actual extension in Mozilla. I think this has not yet been discovered by every AV product, as I uploaded the app to VirusTotal with zero results for malware. Another thing I observed: when I uninstalled it, I opened GMER and it found rootkit modification. Then I began searching for hidden files in system32; I found many in red, but they are visible in Windows Explorer. There are many symptoms I observed: my volume would adjust by itself, and recovery will not run, and most of them are disabled. I think IDM is some PUP with hidden rootkit capabilities, or it might be that the website is hijacked. I now no longer trust it.

New_Style_xd 70
Posted March 11, 2023

3 hours ago, el el amiril said:
> Dear admin, I suspect IDM of intrusion. I have found changes in my PC system: Windows Defender won't do an offline scan and the Windows Recovery Environment is lost, but I managed to enable it via a cmd command, but my earliest restore point is gone. Then I noticed that my IDM app is using an extension from Mozilla that is not followed by the name Internet Download Manager, Tonec Inc. If I can remember it, it was IDM, but I cannot find the actual extension in Mozilla. I think this has not yet been discovered by every AV product, as I uploaded the app to VirusTotal with zero results for malware. Another thing I observed: when I uninstalled it, I opened GMER and it found rootkit modification. Then I began searching for hidden files in system32; I found many in red, but they are visible in Windows Explorer. There are many symptoms I observed: my volume would adjust by itself, and recovery will not run, and most of them are disabled. I think IDM is some PUP with hidden rootkit capabilities, or it might be that the website is hijacked. I now no longer trust it.

Did you even run a full scan of your computer to see if ESET was able to detect it?

peteyt 396 (Most Valued Members)
Posted March 11, 2023

10 hours ago, el el amiril said:
> Dear admin, I suspect IDM of intrusion. I have found changes in my PC system: Windows Defender won't do an offline scan and the Windows Recovery Environment is lost, but I managed to enable it via a cmd command, but my earliest restore point is gone. Then I noticed that my IDM app is using an extension from Mozilla that is not followed by the name Internet Download Manager, Tonec Inc. If I can remember it, it was IDM, but I cannot find the actual extension in Mozilla. I think this has not yet been discovered by every AV product, as I uploaded the app to VirusTotal with zero results for malware. Another thing I observed: when I uninstalled it, I opened GMER and it found rootkit modification. Then I began searching for hidden files in system32; I found many in red, but they are visible in Windows Explorer. There are many symptoms I observed: my volume would adjust by itself, and recovery will not run, and most of them are disabled. I think IDM is some PUP with hidden rootkit capabilities, or it might be that the website is hijacked. I now no longer trust it.

I'm sure IDM is a well-known download manager. Do you have an ESET license, as you mentioned Defender? This support site is mainly for ESET customers. You could download a trial, but actual virus removal help is mainly for paying customers.

el el amiril 0 (Author)
Posted March 11, 2023

40 minutes ago, peteyt said:
> I'm sure IDM is a well-known download manager. Do you have an ESET license, as you mentioned Defender? This support site is mainly for ESET customers. You could download a trial, but actual virus removal help is mainly for paying customers.

Yes, I got a legit paid ESET internet

el el amiril 0 (Author)
Posted March 12, 2023

44 minutes ago, peteyt said:
> I'm sure IDM is a well-known download manager. Do you have an ESET license, as you mentioned Defender? This support site is mainly for ESET customers. You could download a trial, but actual virus removal help is mainly for paying customers.

7 hours ago, New_Style_xd said:
> Did you even run a full scan of your computer to see if ESET was able to detect it?

peteyt 396 (Most Valued Members)
Posted March 12, 2023

10 hours ago, el el amiril said:

What makes you think IDM is the culprit?

el el amiril 0 (Author)
Posted March 12, 2023

4 hours ago, peteyt said:
> What makes you think IDM is the culprit?

Every time I install it, the Mozilla add-on is different and Windows restore becomes corrupted, as well as the Windows RE environment.