plb4333

Members
  • Content Count

    343
Everything posted by plb4333

  1. After seeing the headers and paths, the Email meets the criteria for having fake credentials. This is like a form letter that no doubt gets mailed to a lot of people and most likely Gmail users. It's not too hard to forge the email header to show your email address, as who it's from. Your best bet, IMO, is to send your email with all headers, as a source file, just like you did above already. This should bring about an investigation by the postmaster for that domain (abuse@cloud134.ihsystem.com). If that doesn't work and bounces, just use (postmaster@cloud134.ihsystem.com). Here's a link to see what's going on with this fraudster. It shows it's well known and the guy's format for the letters, AND using the recipient's email address. It's a link to Bitcoin Abuse Database and I got it by using the BTC address the guy gave you in his email for where to send the Bitcoin. You do not need to pay and just toss it. https://www.bitcoinabuse.com/reports/12yCNJHAwda8Kgxv9DswpS9k16XnstSqcJ 12yCNJHAwda8Kgxv9DswpS9k16XnstSqcJ was used in your Email. So doing a search for this bitcoin address shows the resulting abuse database. This works on any and all BTC addresses, and providing there is fraud involved for the BTC address...
  2. But did you try leaving all of the components as checked and then just click the box below them so that it's Inactive as opposed to active for default? Wasn't sure if you only did the unchecking of components is all. Maybe just disable the 'Scan' option. This should cover everything I would think, and then it should allow saving. Object name for making exclusion would probably be: HEUR:Trojan.PowerShell.Generic After reviewing this Kaspersky setting window, it looks like I misunderstood how it works. To me, it looks like the default is as an exception and the person would want to leave all components as clicked. And the Active on the bottom of window, as is. But it might be if the object name I listed could make a difference for working, not exactly sure. I had never used this setting before in Kaspersky so was unfamiliar with it. The double-checking helped tho and I believe just putting in the folder name with the object name as well, and nothing else done, would work ok.
  3. Here's a possibility. Go to Kaspersky Settings, then 'Additional', then 'Threats and Exclusions', about 1/2 way down there's 'Manage Exclusions', after clicking that, then click 'Add'. In this window popup, input the folder with scripts, then go to bottom of window and set the protection components to be as 'Inactive'. This includes System Watcher, plus other components. Otherwise you could just click System Watcher so that the checkmark is gone making it inactive.
  4. Sorry about that. I read your post too fast and had left and returned, forgetting some of what you said.
  5. Have you thought about making an exception to the folder with the Scripts? Not sure if this would help, but it might be that running CMD.EXE is not the problem so much, but it's the scripts running that are causing the blocking of cmd.exe. Otherwise, IMO, Kaspersky would block cmd.exe all the time, but it doesn't... Worth a try.
  6. Change JDownloader.exe, java.exe and javaw.exe in Kaspersky's Firewall as trusted if they're showing as Untrusted or Restricted. You might also have to make application exclusions to these as well.
  7. Thank you very much for this info! I have tried in the past to do this, but gave up after about an hour. Too much work. But then I didn't think about doing just the Taskbar Icons. This works superbly and appreciated it. All I did was disable Kaspersky's setting for 'Self-Protection' and then copy/pasted the Taskbar folder. I made sure to rename the original folder, just in case it was needed later. But, almost immediately I saw the results, after doing a Quit, and then restart Kaspersky program. Much better ICON in system tray! Thank you again.
  8. Never mind. I got the scoop on KC softwares and what's going on with it and Anti-Malware programs going back to Aug/Sept 2007 for SUMo.
  9. Hello Kyle. Can you tell me when version 5.89 will become available for SUMo? I know you're a programmer for this SUMo software, and perhaps the only one, and I figure out of all people, you would know about the releases and their dates. Thanks. On a sidenote, I'm surprised you haven't mentioned Kaspersky has seen reports of this software getting blocked as far back as 2013. In 2018 alone, there were reports given to Kaspersky in May, August, Oct., and not Dec. Rather curious why this is such an ongoing venture for blocking and reports. I realize it's a direct competitor to Kaspersky's Software Updater, but still... Thanks again.
  10. Also, make sure you have 'Advanced Browser Integration' checked in IDM. As well as, some sites use a video protocol that's not yet supported in IDM, but not very many sites. A safe site for checking videos and IDM is YouTube. Sometimes there can be an extension/plugin incompatibility. You might try disabling Kaspersky plugin and see if it makes a difference. Personally, I use IDM and Kaspersky Internet Security and I don't have issues with Video DL bars.
  11. In addition to what i n d i o and Berny have stated, are you using the latest version of SUMo? Like 5.8.8.410? According to a site that checked this software (DEC 15th 2018), against virtually all Anti-Malware software scans, it comes up Clean. Kaspersky included. I thought maybe you were using an outdated version that had some issues prior.
  12. Hello! Are you using Kaspersky's Anti-Banner by chance? If so, it might be blocking that video bar used by IDM. Or I guess, remotely possible where you have 'Data Collection' from web getting blocked. Sounds more like Banner blocking tho.
  13. It should work. I don't normally suggest doing it this way, but sometimes we have to when the OS is hung up and there's no other recourse. A lot of times all it takes is a driver that's not exiting properly with explorer. And with new program installs it can happen after a fresh install. But normally I wouldn't recommend doing things this way, as it can possibly cause some corruption in specific files. But not usually, and a sfc /scannow usually resolves these if a system file got involved.
  14. Ok, I understand better now, I think. Thanks for the info. So, it's like Kaspersky won't allow importing of a cert into trusted certs group, if it's self-signed originally? Or am I missing the mark completely? This isn't my best known subject, but I'm learning. Do you have the Key to the cert, or does the server keep it?
  15. You could do a CTRL-ALT-DELETE and view the Tasks running. See if there's a program still running that shouldn't be. Where's it hung up? Otherwise, while you're in Task Manager window, do a forced 'explorer' shutdown and it will restart. Could be a driver is not exiting properly. Once you restart tho, if it's related to Kaspersky, and a driver not exiting, I believe it will be ok after a restart is performed.
  16. Are you making sure Rootkit scans are done? How about browser extensions that could be the culprit? When Anti-malware programs check for malware, they use signatures of trusted, and legitimate files, your system files especially. They are always compared. If something is slipping by, it tells me either there's a rootkit in your BIOS or MBR that might be not protected against yet. And I believe it can get more sophisticated than this even, I don't keep up that well honestly. Just here and there info.
  17. Is this certificate using SSL encryption? Is this for a LAN or internet? If there's no encryption getting used, it's considered insecure and thus the warning. Self-signed certs aren't a good idea, unless you're willing to get hacked by a MITM attack, and taken over. Here's some advice by someone from another site: Don't use self-signed certificates for sensitive, public connections. If you don't want to buy an SSL certificate, at least set-up your own certificate authority with its own root certificate. This will still give an error message to visitors, unless you, or they import the root certificate into the browser, but there is far less of a chance of a man-in-the-middle-attack. To make an exception tho, if you persist, go to Kaspersky's settings and choose not to scan encrypted connections, on a per site basis.
  18. Very interesting DIVERSE. I read both links you provided, plus your posts. I'm really at a loss on what's up. I'll just mark it as the relationship between anti-virus programs have difficulties with Email programs. I'm not up on the inner workings of such and I don't have any experience either, when it comes to Thunderbird or Outlook or any others. So, what I'm trying to say is, I have to give it up unfortunately, since I can't come up with anything meaningful for helping you. Sorry! I do wish you the best, and I certainly hope this gets improved upon by either software updates or something you find down the road. Thank you for all the info you provided, as I learned something, and you were great to work with.
  19. I don't believe there's any Offline Installers available, as used to be with Kaspersky. I don't recall completely, but, I think if/when the program upgrades, and does an automatic download of program, when the 1st screen comes out in the installer, just click Cancel. If I'm wrong, someone will correct. Just realized, go to Kaspersky settings, then at the bottom of left-side list, you'll see 'Additional'. On the right side of window that pops out, at the top you'll see where you can disable program upgrades under Update Category.
  20. Yes, it might take a couple of days. However, if it's slow to upgrade, you can do so manually.