У меня никак не влияет, с включенной SB все нормально работает. После всех сканов ничего не обнаружилось, подозрения не подтвердились?

1) Recently, my Microsoft Defender removed a malicious file: AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml) Before migrating to Microsoft Defender, I used Kaspersky Free as my main antivirus and scanned with Malwarebytes Free. 2) The files in the secure folder are dated 08/12/2024. I found a Malwarebytes Free log, and this log shows that a removal occurred on the same day the secure folder was created, 08/12/2024. 3) Are these events interconnected? And why didn't Kaspersky Free's real-time protection block and remove the malware? Only Malwarebytes Free detected and removed these files from the log, and only Microsoft Defender later removed AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml) after the full scan? 4) After infection, was this malware always active until the day of the Defender scan? My scan sequence was: KFree then Malwarebytes Free Both 08/12/2024 Log Malwarebytes Free: Malwarebytes -Report Details- Scan Date: 08/12/2024 Scan Time: 15:38 Report File: 8ef8ddf6-b593-11ef-bcfd-bc5ff4cbae09.json -Software Information- Version: 5.2.3.156 Component Version: 1.0.5108 Definition Pack Version: 1.0.92804 License: Free -System Information- Operating System: Windows 10 (Build 19045.5198) Processor: x64 File System: NTFS User: DESKTOP-3DM2P71\Retrogamer87 SSD -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 213928 Threats Detected: 2 Threats in Quarantine: 2 Elapsed time: 15 min, 27 sec -Analysis Options- Memory: Enabled Startup: Enabled File system: Enabled Compressed files: Enabled Rootkits: Enabled Heuristics: Enabled Potentially Unwanted Program: Detect PUM (potentially unwanted modification): Detect -Analysis Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry key: 0 (No malicious items detected) Registry value: 0 (No malicious items detected) Registry data: 0 (No malicious items detected) Data stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 2 Legit.MisusedLegit.AutoIt, C:\PROGRAMDATA\WAF.COM, Quarantine, 6823, 975772, 1.0.92804, , ame, , 3F58A517F1F4796225137E7659AD2ADB, 1DA298CAB4D537B0B7B5DABF09BFF6A212B9E45731E0CC772F99026005FB9E48 Malware.AI.4154888263, C:\USERS\RETROGAMER87 SSD\APPDATA\LOCAL\TEMP\IEWKRR1ONNHJAAUWNKX4VSIQR2.EXE, Quarentena, 1000000, -140079033, 1.0.92804, 59B09B4B01ECED57F7A69047, dds, 03122948, BEED7B1858D259FA2349B88E707E164E, 5C79501AD48DE8BD3F643E7F487C2D73FDA5EE10095E5E5A414ECAC91F951451 Physical sector: 0 (No malicious items detected) Windows Instrumentation (WMI): 0 (No malicious items detected) (end)

Human truth is more reliable, but I don't know what it is Falcon Sandbox Reports

Otomatik satın alma kapalı. Banka hesabıma baktım herhangi bir işlem gerçekleşmemiş. Ancak enteresan bir şekilde hesabımda 2 yıllık olarak aktif görünüyor.

That link it's the file I sent to K. analysts... in general, for now, I better trust a human verdict than an automatic verdict, that often may be quite paranoid.

Thanks for the reply. I thought that the same file with the same name was only considered 100% clean if there were no detections in VT, so one of them had 3 detections and the other had 0. Is this other test of my Falcon Sandbox Reports malicious file also a false positive? https://hybrid-analysis.com/sample/91c707f73b4a0d13d4ad0906ea9cee5925c2fa59c7f54c1d88375c81238d7d1f

1st link, already replied in MWT, I sent that file to K. analysts, and They said it's clean, those VT detections are false positives. 2nd link, nothing to comment, looks clean. Both are different files, same name.

так и не смог найти точного ответа, влияет ли включение/выключение secure boot на работу KRD, а также стало интересно, почему KVRT проверяет компьютер дольше , чем KRD? Проверка с KRD в первый раз заняла 25~ минут, во второй 30, а KVRT в то же время подольше, где то 40~