Virus and Ransomware related questions Latest Topics

My domain has been flagged

Sat, 06 Apr 2024 18:35:46 +0000

Hi there,
I see that your website/application has put my domain on phishing category which may be happen as in last year it was hacked but now it's clean and running,

so please take a look and unflag my domain softlinkx.com

Thanks

My site is marked as dangerous by Kaspersky

Wed, 03 Apr 2024 18:21:01 +0000

Hello!

Customer reported me that he can't open my site and see notice by Kaspersky. I've already scanned my site by all available instruments and haven't found any viruses. Could you please recheck it? 🙏

Website Blacklist Removal

Thu, 04 Apr 2024 02:51:42 +0000

Please I have my website https://www.idico-idi.com.vn, which does not have a malware now. I totally cleaned it but Kaspersky keeps flagging my domain as dangerous. Kindly reanalyze for me. Help me remove the blacklist. Thank you!

Network attack detected by Scan.Generic.PortScan.TCP

Sun, 17 Mar 2024 11:19:06 +0000

Hello,

Not long ago, I started receiving messages saying that my IP address was being attacked, by a software called Scan.Generic.PortScan.TCP. What must I do? Is my computer in danger? Thanks in advance.

False Malware

Wed, 03 Apr 2024 10:01:56 +0000

Good morning, since yesterday I have had a problem due to very unpleasant behavior regarding the creation of an executable file. During compilation, my Kaspersky Antivirus software reports that the .exe file contains malicious software: HEUR:Trojan-Spy.MSIL.Bobik.gen

In fact, there are no viruses or any other harmful code in the mentioned file. There may be some suspicious strings in this EXE file. Could you inspect and resolve this issue please?

I emphasize that using this version of the file it was working since 03/26/2024 and previous versions also for at least five years and everything was always correct - until 04/02/2024, when the problem appeared out of nowhere.

If I pause AV protection everything works correctly and the installation file is created. However, after resuming protection, the created file is labeled as described above and Kaspersky deletes it.

Thanks.
Cintia

New Tab Page Hacked

Tue, 02 Apr 2024 16:46:37 +0000

I all of the sudden have a new set of links showing up on my google chrome browser. See attached. How do I change it back? Is that from a malware?

Stubborn malware/virus

Mon, 01 Apr 2024 23:38:58 +0000

Hello all. I've got the malware/virus blues. Despite the installation of Kaspersky plus, and a deep scan, I still have these annoying popup ads on my laptop. In addition, they're interfering with Medieval Total War 2. Here are the pics. I couldn't screenshot the ads, so I used my phone instead. I'm also using Windows 10. Any help would be appreciated.

KIS Detection/Block In Browser ct-ajax.js Further Action?

Sat, 30 Mar 2024 21:55:08 +0000

Hello,

Advice sought with gratitude on any further action required.

Browsing https : //www.chinese-tools.com/blog/ KIS detected and blocked on heuristic analysis Object Path: https : //aws-ajax.com/ Object Name: ct-ajax.js

Code: not-a-virus:HEUR:AdWare.Script.Generic, MD5: 3FE507553728BF6136C90179E183934A.

Scanning with URL VOID for https : //aws-ajax.com/ showed IP address 190.2.139.23.

Other posts such as https : //forum.avast.com/index.php?topic=326224.0 suggest it is a WPAD.dat attempt attack.

As KIS blocked, should I check or action anything further?

Thank you for any advice, I appreciate your time.

Browser used was Chrome (123.0.6312.86, current main branch build).

Windows 10 Build 19045

KIS 21.3.10.391

what is this "Trojan.Multi.LockedFolder.a" in "Kaspersky Lab Setup Files"?

Tue, 26 Mar 2024 09:22:15 +0000

Hi,

Today morningk, when i about th start using my laptop, i noticed a prompt stated about malicious object and asking the next course of action.

Without thinking much, i clicked disinfect option. After it completed, i realised that the Kasperksy is running a background scan, which i have turned off permanently.

The malicious object with name "Trojan.Multi.LockedFolder.a" was located in "Kaspersky Lab Setup Files". However this object was never been flagged during my weekly full scan at all. The setting for my weekly full scanning can be seen on 2nd and 3rd screenshots.

Hence I was anxious wondering how long has this malicious object been sitting in my computer given that I never turn on the background scan option given there is no setting can be configured for this background scan except to switch on / off.

While I am pretty confident that my settings for full scan are on high end scanning setting but unable to detect this malicious object.

Hence what's the underlying setting/option in background scan that need to be turn on in full scan setting so that such malicious object can be detected in future?

Please advice.

Thanks

No response, reanalyze

Tue, 26 Mar 2024 10:26:47 +0000

No response, reanalyze false report, the problem was with Google Drive, and as a solution I adjusted the file, instead of PDF, I changed it to MarkDown with a link to github.

https:// otcipherbot . com /api/Download/Tutoria

Kaspersky keeps detecting Heur:Trojan.script.generic in erdarchitect.com secure site website

Mon, 25 Mar 2024 18:34:05 +0000

Hello,

I am trying to connect to the ERD Architect Data Modeler website (it is "erdarchitect.com" and is an https site but for obvious reasons I am not putting the full URL here in this note) and Kaspersky keeps indicating that there is a dangerous object trying to download. This object is the Heur:Trojan.script.generic trojan. This occurs in both Firefox and Brave browsers which would be expected.

I understand that it is possible the site is in fact infected but I would like to confirm. I recall reading on the Kaspersky site about providing the same information as above in another area of the site so it can be reviewed. Unfortunately, I cannot recall where this is to submit this. I have also included screenshots as well.

Can someone direct me to this area so I can see if it is in fact an issue or a false positive?

Thank you

Couldn't disinfect

Mon, 25 Mar 2024 13:17:22 +0000

I had this for 2 days and still couldn't work

Kaspersky blocks my new website

Sun, 24 Mar 2024 14:53:34 +0000

I have built a new website https : //davefinances.com/

From the day one, when i try to visit it, Kaspersky blocks my access and displays a warning message. Besides harming my website, this issue prevents me from using Kaspersky while working on my site. Consequently, I am unable to renew my subscription until this issue is resolved. I already submitted a request for review more than a month ago, but the problem has not been solved yet

Object is infected by HEUR:Trojan.Script.Balada.gen

Wed, 20 Mar 2024 16:30:15 +0000

Good morning. I am new to using Kaspersky and I am not familiar with all its tools. It really strikes me that two of them are contradictory. Just after downloading the Cinamaker App, complementary to the ZOOM platform, I obtained a report from Kaspersky that warned me that the HEUR:Trojan.Script.Balada.Gen virus was present on a web portal that invoked the installation of the Cinameker App. I ask: Could this virus have infected my computer? I attach the screenshot I obtained.

فايروس الفديه

Sat, 24 Sep 2022 13:14:35 +0000

لقد اصاب الجهاز الكمبيوتر فايروس الفدية قبل استخدام المكافح الفيروس كاسبر من نوع

norvas

هل يوجد حل

My site was tagged as phishing

Tue, 19 Mar 2024 15:12:23 +0000

Hello Kaspersky!

My website, bagrola . com . br was tagged as phishing by Kaspersky.

I asked for a revision at opentip two days ago, so I'm wondering what is the ETA, or, if it was rejected, the reason for that.

Thanks in advance!

Kaspersky blocks installation of official software Epos Connect due to PDM:Trojan.Win32.Generic

Sun, 17 Mar 2024 10:41:58 +0000

Hi,

I'm trying to install EPOS Connect on my pc but Kaspersky blocks the installation due to PDM: Trojan.Win32.Generic.

Epos Connect is the official software for my headset that I use for work.

Can it be that this message is false positive?

How can I ignore this message and install the software? I haven't found an overrule action in Kaspersky (or I don't know where to look :-))

My system:

Windows 11
Kaspersky Plus 21.16.6.467(b)

Epos software: https : //www.eposaudio.com/en/hk/software/epos-connect

Can someone help me what I can do?

Thanks!

Grtz,
Davy

I Accidentally clicked a malicious link

Sat, 16 Mar 2024 01:01:45 +0000

I accidentally clicked a link and received a report.

Quote

Event: Previously opened dangerous link detected
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Component: Web Anti-Virus
Result description: Not processed
Type: Threat of data loss
Precision: Exactly
Threat level: High
Object type: Web page
Object path: pumb - whales . com
Reason: Cloud Protection

I spaced out the object path so it wouldn't be redirected there. Is my PC in trouble? If so how do I fix it?

Windows 11 version 23H2 build 22631.3296 Virus

Sat, 16 Mar 2024 00:29:27 +0000

Kaspersky Standard

AMD Ryzen 9 7950X

Virus = Annoying pop-up claiming I have a virus and need to install an anti-virus package located in India (yeah right).

See the enclosed image.

Kaspersky does not remove it after a full scan operation. Please advise.

how to spot RATS in my pc?

Fri, 15 Mar 2024 07:25:55 +0000

hello i've been kinda concerned since theres aloot of weird stuff on my netstat that looks very odd does anyone know how to find RATS or how to remove them?

kapersky threat intelligence cant detect rats in dlls

Sun, 10 Mar 2024 06:21:42 +0000

hello i've been using virus total for a while to spot rats and it works pretty well but when i use kapersky threat intelligence it doesnt detect the rat and says its safe

https://www.virustotal.com/gui/file/a1d2e9ae54bb0227f48f80afdae9b16fefa2f989a6bec0ae3415bb05d5e72593/relations

https://opentip.kaspersky.com/A1D2E9AE54BB0227F48F80AFDAE9B16FEFA2F989A6BEC0AE3415BB05D5E72593/results?tab=upload

if you wonder how i know the dll its a rat is because.

1.-comes from a not repuateble website

2.-its a crack

3.-URLDownloadToFileW

URLDownloadToFileW is normal to find in dlls that are rats

quick driver update

Wed, 13 Mar 2024 20:54:14 +0000

Hallo!

Habe soeben erstmals Kaspersky auf meinem Rechner installiert, der Grund war, dass am rechten unteren Bildschirmrand ein kleines quadratisches Fenster aufging mit der Meldung "quick driver update" - ich halte das für einen Virus oder sonstigen Trojaner oder Müll. Nach der Installation und vollständiger Systemprüfung erscheint das Fenster immer noch. Es lässt sich mit dem Task Manager unter "task beenden" wegklicken.

Weiss jemand, was das "quick driver update" ist? - ein Virus, Trojaner, sonstwas?

Website is infected by HEUR:Trojan.Script.Balada.gen

Mon, 11 Mar 2024 08:19:40 +0000

When I log into a website, this error will appear.
But I confirmed through the following two websites that there is no problem with the web page.
I would like to ask how I can find out what is wrong with this website?
URL: https:// www . ikonixasia . com

https://www.virustotal.com/
It's OK

https://opentip.kaspersky.com/
It's OK

Kaspersky premium detect a official Bank apps as Trojan

Wed, 13 Mar 2024 04:47:44 +0000

This morning an official banking app was detect a Trojan, which is that possible?

App was update in Play store, Samsung s24 ultral, and Android 14, and oneui6. 1

Website scan

Tue, 12 Mar 2024 18:14:01 +0000

Hi, would you please scan https : //noteshandling.site/

Thanks in Advance.