Jump to content

BigHotStud

Members
  • Posts

    69
  • Joined

  • Last visited

Reputation

14 Good

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Well, I'm pretty sure my ssd is fine. I checked not too long ago and no other file corruption seems to have happened (except some windows files being corrupted a few months back). I reinstalled Kaspersky and it's been working fine since. I'm more concerned about possible malware being what's turning Kaspersky off and on. Could it be that?
  2. Yeah, I know what it is. I'm just not sure how my ISP would be turning off my antivirus.
  3. Sorry for replying so late. 1. I checked that a while ago (I think) and I haven't seen anything suspicious. 2. The startup folder is completely empty. 3. Nothing suspicious there either.
  4. I'll try that out if it happens again. Could it be malware though or is it just a software issue/bug?
  5. This is the second time this month that I've noticed it's turned off and on during a full scan. It's been completely fine prior to this, but this month it's been acting up like hell. I ran full scans with Kaspersky SC, TDSSKiller and a second opinion scanner in both safe and normal modes, neither have found anything. What's going on? Do I have a rootkit or something?
  6. So, one day I was looking through my %appdata% folder, looking for error logs since I was modding a game, only to come across "Goldberg steamemu saves". It caught my attention and checked it out, only to find .txt files inside of it. I found out that this belongs to Goldberg Emulator, but I never downloaded it. I looked online and found a post saying a game repack can have it. Though, I haven't pirated any games in over a year and haven't done so ever on my current installation of Windows. I also checked the creation date of the folder and it was created around a year ago on my current Windows installation. I found some info that it could've been created by game repacks, but I've never pirated anything on this installation of Windows. I have no idea how it got there. I've used SC since I installed Windows on this PC and have used a second opinion scanner several times in the past. Though, I'm still concerned and confused as to how it got onto my computer. Should I reinstall Windows10, just in case?
  7. Kaspersky, in the past, has picked up a file it couldn't process. It just showed up as "Proecessing error". It stopped appearing for a day or two, but soon after it "came back". The file is : C:\Windows\WinSxS\amd64_microsoft-windows-e..-firsttimeinstaller_31bf3856ad364e35_10.0.19041.681_none_31051459c61ca882\MicrosoftEdgeStandaloneInstaller.exe I got told to clear my browser cache and %temp%, then do another scan. I cleared %temp% and nothing really changed. I don't see the point in clearing my browser cache since this seems to be a windows file that installs my browser and nothing related to cookies or anything like that. Is this something to worry about? Can I just delete it? P.S- this file has been here for around a month and shows up in almost every full scan.
  8. I already did as I mentioned in my previous post. It found some corrupted files and fixed them. Also, the files that were corrupted, according to kaspersky, were: C:\Users\{name}\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0022a8 C:\Windows\System32\sru\SRU.chk Are these safe files?
  9. I mean, Kaspersky no longer shows the errors, so it's all fixed. I'm more-so concerned about the "corrupt" files that Kaspersky file anti-virus found. Are they anything to worry about?
  10. As far as I know, it's the first time this' happened. I did a scan today just to check and it seems that they're all gone- no unprocessed files or anything. The not porcessed objects it picked up yesterday before the restart were: C:\Windows\WinSxS\amd64_microsoft-windows-e..-firsttimeinstaller_31bf3856ad364e35_10.0.19041.681_none_31051459c61ca882\MicrosoftEdgeStandaloneInstaller.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\101.0.1210.32\MicrosoftEdge_X64_101.0.1210.32_100.0.1185.50.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\101.0.1210.32\MicrosoftEdge_X64_101.0.1210.32_100.0.1185.50.exe C:\ProgramData\NVIDIA Corporation\Downloader\5446351c34af95235422afe34721311d Though, as mentioned, they didn't appear in the logs after a full scan today. There were also some "corrupt" files that file anti-virus reported around two weeks ago. In order from oldest to newest: C:\Users\{name}\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0022a8 C:\Windows\System32\sru\SRU.chk (These were never brought up again, not in full scans nor file anti-virus) Lastly, there was a file that was skipped: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\wmiav.exe (This was never brought up again, not in full scans nor file anti-virus) The version of Kaspersky SC is the newest one: 21.3.10.391(i). I did a sfc/scannow scan and it said it found some corrupted files which it fixed afterwards. I checked the logs out of curiosity and a few of Windows' folders had "Warning: Overlap" saying that they were either owned twice or had their security set twice. I assume that's normal, right? The only theory I have regarding the shutdown was that Kaspersky updated something and that's why the unprocessed files aren't showing up anymore- it updated something that now allows Kaspersky to process them properly. I have no idea what the corrupt files mean though.
  11. I was scanning my computer when I noticed KSC show up in the system tray thing on the right side. I click on it and I see "loading application", signifying that it had turned off. Full scans have found no detections or anything like that, only files that it couldn't process. I checked the logs and it says that it was turned off for around 5 seconds. Could it have been updating or what happened?
  12. Hello again, sorry that it took so long to get back to you. I had the application I suspected closed for the last two days or so and I've stopped noticing the window. I did notice an invisible, unnamed window open and close as soon as I went into the task witcher, but I also closed a program immediately before that and it was much slower than the one I kept seeing, so it could've been just task switcher bugging out. I've done several more scans with Kaspersky and it hasn't picked anything up. Glasswire doesn't pick up any suspicious connections either. I looked through taskscheduler and I found some that didn't have an author or had a very weird author like system32/{name}/{name}. Here they are: CDSSync Schedule Scan RunUpdateNotificationMgr MsCtfMonitor MaintenanceTasks SpeechModelDownloadTask SpaceManagerTask UpdateUserPictureTask BackgroundUploadTask NetworkStateChangeTask StartComponentCleanup LoginCheck Registration SystemSoundsService Logon Notifications ScanForUpdatesAsUser ScanForUpdates SmartRetry FODCleanupTask Diagnostics StorageSense dusmtask DXGIAdapterCache RegisterDevicePeriodic24 RegisterDeviceProtectionStateChanged RegisterUserDevice Device Device User CreateObjectTask Pre-staged app cleanup Backup Microsoft Compatibility Appraiser ProgramDataUpdater RegisterDeviceLocationRightsChange Do any of these raise any red flags? Am I safe?
  13. I think that might be the case, since I haven't really installed anything that'd be malicious (the only thing I can think of is the Bethesda launcher, but I'm 60% sure it was the official one), plus, two good antivirus engines didn't pick anything malicious up. I'm going to try disabling the "legal" program that I think is the main perpetrator for a day or so and see if that changes anything. I'm not really comfortable tampering with system32, since I don't want to mess my system up. Is there any other way to find out what program it might be?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.