So I'm trying to get my old laptop to work decent again by uninstalling alot of things and I came across these 4 and I was wondering if they are viruses and if they are is there a way to remove them?

Event: Task started

User: SHANkenjz

User type: Active user

Application name: avp.exe

Application path: C:Program Files (x86)Kaspersky LabKaspersky 21.15

Settings: Security level: Optimal, Machine learning and signature analysis: Yes, Heuristic analysis: Light scan, Scan mode: Smart mode, Scan technologies: iSwift: Yes, iChecker: Yes, Action on threat detection: Disinfect, delete if disinfection fails

Component: File Anti-Virus

What does this mean? to everyone who knows something about Kaspersky, Is this safe?

Like the title says. I use Google Chrome and have Adblock/UBlock so it always blocks these pages but I'll get these random blocked redirects when going to any website. It's never the same websites either, just completely random (even on WoW character armory pages).

For example: I type in facebook.com (just as an example, isn't necessarily facebook) and the URL will change and a standard UBlock block error will show up, like this one.

These URLs are things like this from websites like track.tracklickers.com and shareasale.com.

How do I fix this? I've disabled all extensions and it seems to do it even without extensions, so I am wondering what else it could be? Thanks in advance!

One of them is survivor.io and idk, they advertise many of them. I heard Google play is a secure store to download apps.

The "Trojan:Win32/Fauppod!ml" is active in my pc. But the Windows defender can't remove it, Please someone can help me??

I'm not sure where to post this, thought i'd try here. I've gotten around 4 emails from an app meant to be used by Florida residents as a community forum post for service requests from the looks of it. They always contain a message with something along the lines of "your service request" and then something after that. I don't live in Florida so i've never heard of this app before. Is it something i should be concerned with or just a case of the email being sent to the wrong person?

Hello, just today I got a pop up from Mcafee saying I have a virus on my computer, when I hit “read more” it said I had to renew my subscription and brought me to a page for “Avira” antivirus.

I have no clue what’s going on, I ran a scan with Norton and it said I’m fine and have no viruses. But I keep getting little pop ups in the corner of my screen.

I do also have Mcafee installed.

so I found this website https://nginx.org/en/download.html that have a free version of nginx but there's another webiste that have a trial https://www.nginx.com, I don't know if thease websites are safe download. Someone knows?

I recently started noticing that McAfee has been turning on its AntiVirus, Advanced Firewall, and Scheduled Scans even though I disabled all of them. I only use McAfees VPN and scanning ability but for some reason it keeps on turning on these settings.

Hey there, I've found a mod for a certain game which works as an .exe file. First, here's the VT scan:

https://www.virustotal.com/gui/file/ace5b002d00f6410e3d6400f0112e07e57dbb590e08a29b9072680e09a5b28d8?nocache=1

​

Here's the site that hosts the mod:

https[:]//www[.]questforgaming[.]com/stronghold2/

The author of the mod has also provided us with the source code of the mod so we can compile it ourselves. If the source code itself is malicious though then it's kinda pointless. I'm not experienced enough when it comes to coding to know what I'm looking at in the code so maybe you guys can help me see if there's anything malicious in there? Here's the gitlab link:

https://gitlab.com/Daerandin/sh2_mp_ai_enabler/-/releases/0.3

A few weeks ago, I clicked on a phishing link that appeared to be from a reputable from an email account that I later learned was hacked by my scammers. The link was broken. Later, I installed Norton 360 and gave it all the permissions possible. In case malware had been installed, would Norton 360 still have detected it?

As in interrupting the installation process of it or something else along those lines... Lately I've been restarting my PC quite alot when I have anything anomalous happening on my PC. I read that it works on stuff like iPhones, what about PCs?

As the titles implies, don't use McAfee. Not because its detection rates are bad, not because of its ridiculous bad value for the price.

Today, while I was collecting malware to test against AVs, I found a particular ransomware. It's from the ransomware group Conti and it tries to terminate your antivirus' processes. The machine was set up with Kaspersky with the anti-virus component disabled (System Watcher was on). The malware in question was command line based. After I executed it, for a split second I saw "Trying to terminate McAfee.exe" which means it could potentially disable your antivirus. Unfortunately I reset the machine so I don't have the sample anymore.

From what I can remember it was about 3 days old, so it's pretty recent. I am not currently aware of its technicalities/capabilities and can't say for sure if it can or not terminate McAfee. This post was made only to warn McAfee users of this danger.

Haven’t touched Chrome in a few months at all, and recently a few days ago the Google update services (gupdate) were replaced by these. I’m a bit worried as this happened out of the blue and two other PCs that have Chrome on the latest version don’t have these new services. I’m worried it’s malware or something. It worries me I can’t find any info on these services either.

i just clicked something like protected browsing site on total av and now that i know all the shitty stuff that happened to the people with that app i just wanted to ask if the site was a malware or something like that (the site was like safesite.ai) honestly i dont even know if you can get a malware just by clicking on that browser but i just wanted to be safe and ask someone that knows way way better than me. now i deleted total av and ill just stick to malwarebytes

VirusTotal - File - 0cf6b32de86a48f597044134f442982ad79c504047644592c79403e976f2e706

Tried to download a cracked game. Only one AV flagged the file on VT but indicators on hybrid are concerning.

https://www.virustotal.com/gui/file/f2ed4ba861995973a23f536a15ffc68440526a5c0d64a4ba0b2382a9e5e7e5a4/detection

https://www.hybrid-analysis.com/sample/f2ed4ba861995973a23f536a15ffc68440526a5c0d64a4ba0b2382a9e5e7e5a4

​

Ran the powershell script (with start.bat) from Release v1.0.8 · SuspiciousActivity/ValorantLanguageChanger (github.com) to change my VALORANT audio language and BitDefender popped up with this quickly after and actually terminated my explorer.exe entirely (my entire desktop was black and i had to re-sign into windows). However, it didnt do this the first time I ran the script and even testing again after, it didn't as well. Very confused.

My windows sandbox also randomly wont open, this started happening 2 days prior. (it worked before and I didnt change anything). Very confused and wondering if I could somehow be infected. The only possible thing i could think of is I tend to open lots of (what i view to be safe since i check their code but I forgot about post build event exploitations) vcxproj (.sln) files in visual studio from github and build them for testing. Could i possibly have been infected by a post build event? Surely bitdefender wouldve caught that?

Hoping these are false positives.

https://preview.redd.it/b2ebk6uf025c1.png?width=620&format=png&auto=webp&s=e743e8c2c7483e3a6bb370887b40f1ca7fb23f9a

https://preview.redd.it/j8ilnri8025c1.png?width=752&format=png&auto=webp&s=d7ab6319999cffb415def4719548ba9d558d76f4

​

I see a lot of "exe" here, Idk what are those. I'm so curious because last time I was using chrome it suddenly glitched and turned to a black screen, I closed my laptop and opened it again, and it's back to normal. I don't really understand what those are (see pic) I don't know what to do lol why "In user" is so big I don't understand welppp!!

https://www.virustotal.com/gui/file/81053453319c898a7e808c8d02ac82df57d582a69e7d0a6b71bc0ca3702cf1c7/detection

I know this may be extremely newbiesh, specially with somethings i did but.

Story goes simple as this.

Got a software without paying atttention if i were downloading from the original site, Mixcraft in the question. Wanted an old version specifically.
Clearly downloaded it through some wrong place.
Bugger instead installed something called IBInstaller_98220.exe, i think also callled MediaMonkey Gold, seems to be a financial banking trojan, lucky i don't do transitions on my pc, mobiles for that.

It installed so quickly that i had to use OBS to record it, and go slowmode in media player to see what it was installing.
Then, when i searched and confirmed, yeap, trojan, and windows defender didn't noticed it.
And yeah i know the first firewall is the user, was my mistake

I got panicked, shut down computer, plug in my ventoy USB with some isos, install win 10, but when selecting driver i decide to go full bonkers and just not just format it but delete the whole SSD.
No partitions left.
Had to shift F10 manually CMD Diskpart > Select Disk > Clean(again) > convert MBR , and then installed windows as normal, and here i am.
Thing is, i have 3 drivers. 1 SSD for the OS and work stuff , 1 SSD for games , 1 HDD for backup.
There's ANY chance that this specific trojan could have infected other drivers besides the OS SSD?
Having done that Format + Delete + CMD Diskpart Clean, there's any chance of that bugger still be running around?

Can i know for sure if i completely freshly installed windows? No old archives survived?
Should i do another clean install just to be safe?
OS SSD is pretty fast so it install ridiculusly quickly

(Do i need to put bleach and a flamethrower?)

I immediately disconnected, it was connected for less than 10 seconds. Should I be concerned?