Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Kaspersky
Need urgent advice on "Mr.Santa Checker is attempting to establish outgoing TCP"
Message
<blockquote data-quote="Rebsat" data-source="post: 968444" data-attributes="member: 21067"><p>Dears, I hope you are doing very well. I need an urgent advice on the following case. Yesterday, I installed Kaspersky Internet Security 2021 and tweaked settings based on <strong>Soulbound</strong> and <strong>rndmblk</strong>'s settings (adaptable). I have also made a change and set Application Control settings to <strong>High Restricted </strong>which was suggested by <strong>rndmblk</strong>. Later, I couldn't wait any longer and tried to test the power of this configuration against phishing urls and malwares. I visited some malicious sites and downloaded a setup which KIS didn't show me a pop up window message to be blocked once I saved it on my desktop. Next step, I scanned the setup file by right click --> scan for viruses but nothing has been detected via KIS. The last step was to open the file by double click on it. Based on the screenshot, <strong>I did a check reputation in KSN, first appeared: 4 days ago</strong> and it seems to be a new/fresh malware or may be a ransomware.</p><p></p><p><u><span style="font-size: 18px">Solution Needed:</span></u></p><p>First, no matter how many times I clicked on <strong>Block</strong> but that pop up window message keeps coming back...</p><p><strong>What steps should I do in order to effectively block the setup file from making any other connection and prevent it from infecting my laptop? thanks</strong></p><p>1. Create rule based on action --> and then Block</p><p>OR</p><p>2. Apply always --> and then Block</p><p></p><p>Fortunately, my files, folders, new text document, picture and videos are all still safe... Big Thanks to [USER=36043]@harlan4096[/USER] [USER=33155]@Soulbound[/USER] and [USER=89746]@rndmblk[/USER] for your original work and amazing Kaspersky config.</p><p></p><p>[USER=36043]@harlan4096[/USER] I would greatly appreciated if you could assist me on this bro. Thank you very much for always supporting everyone at MalwareTips <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /> and in case you need the setup file to be uploaded for further analysis then just let me know and it will be done.</p><p></p><p></p><p>[ATTACH=full]262836[/ATTACH]</p></blockquote><p></p>
[QUOTE="Rebsat, post: 968444, member: 21067"] Dears, I hope you are doing very well. I need an urgent advice on the following case. Yesterday, I installed Kaspersky Internet Security 2021 and tweaked settings based on [B]Soulbound[/B] and [B]rndmblk[/B]'s settings (adaptable). I have also made a change and set Application Control settings to [B]High Restricted [/B]which was suggested by [B]rndmblk[/B]. Later, I couldn't wait any longer and tried to test the power of this configuration against phishing urls and malwares. I visited some malicious sites and downloaded a setup which KIS didn't show me a pop up window message to be blocked once I saved it on my desktop. Next step, I scanned the setup file by right click --> scan for viruses but nothing has been detected via KIS. The last step was to open the file by double click on it. Based on the screenshot, [B]I did a check reputation in KSN, first appeared: 4 days ago[/B] and it seems to be a new/fresh malware or may be a ransomware. [U][SIZE=5]Solution Needed:[/SIZE][/U] First, no matter how many times I clicked on [B]Block[/B] but that pop up window message keeps coming back... [B]What steps should I do in order to effectively block the setup file from making any other connection and prevent it from infecting my laptop? thanks[/B] 1. Create rule based on action --> and then Block OR 2. Apply always --> and then Block Fortunately, my files, folders, new text document, picture and videos are all still safe... Big Thanks to [USER=36043]@harlan4096[/USER] [USER=33155]@Soulbound[/USER] and [USER=89746]@rndmblk[/USER] for your original work and amazing Kaspersky config. [USER=36043]@harlan4096[/USER] I would greatly appreciated if you could assist me on this bro. Thank you very much for always supporting everyone at MalwareTips :)(y) and in case you need the setup file to be uploaded for further analysis then just let me know and it will be done. [ATTACH type="full" alt="Mr.Santa.png"]262836[/ATTACH] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
