-
Posts
23 -
Joined
-
Last visited
Posts posted by MRnutty200
-
-
so i recently made a post and i asked a question to a mod about this so he told me to make a post about this!
heres the virustotal link:https://www.virustotal.com/gui/file/274655e208fdbb597a5dd9b8538d15fa1e388be7b3365eb01db357d3318180ad/relations
why is this probably malicious? well recently theres been a thing going on on youtube that includes file sharing. its for a program called alkad rust(its a client that host servers for the game called rust its free) and its becoming quite popular. apart from this client theres people making loaders that allow modifications on this client since its allowed on some specific servers where people are allowed to use this modifications whit no restrictions and you fight whit other people that have the same programs that modify. talking about this modifications half the time this videos are filled whit kid things like minecraft npc's dancing so they can probably trick kids into downloading these programs.
and what does the modification programs have to do whit this? well half of these PAID and FREE clients/modifications are malware and include mainly crypto miners or RATS
so today i have this exe that only gets 8 virus total scans and its a supposted cryptominer from i was told . I was actually going to run it but i got kinda concerned . so i did some research and kapersky detects it as good ? im shure this is a cryptominer. If not a cryptominer then it still potentually malicious and can cause harm to peoples pc
dont know how to hide the link to the file so ill wait for a mod since the mod that i was talking 2 said:
- When posting suspect - potentially malicious URL(s) or files to the Community for review, modify the information so it's not *live*
-
18 minutes ago, Flood and Flood's wife said:
Hello @MRnutty200,
Thank you for posting back & the extra question!
- When posting suspect - potentially malicious URL(s) or files to the Community for review, modify the information so it's not *live*
- Same place as you've posted (your) other topics: Home, English Forum, Products for Home, Virus and Ransomware related questions.
- Alternatively, IF (your) Kaspersky software is *licensed*, not Free OR Trial, submit directly to Kaspersky Customer Service - https://support.kaspersky.com/b2c#contacts - so KCS can escalate direct to Kaspersky's Virus Lab experts - they're the *only* Kaspersky team qualified to perform detailed analysis & provide verified results; fill in the template as shown in the image & IF it's an executable - ZIP it - password protect the ZIP with 'INFECTED' OR 'MALWARE & tell the support team the password:
Thank you🙏
Flood🐳+🐋how do i not set it to "live"?
-
31 minutes ago, Flood and Flood's wife said:
Hello @MRnutty200,
Thank you for posting back some of the information!
The scan engine/function is the *same* across all of Kaspersky's software range - what is used in Kaspersky Free is the same as what's used in Kaspersky Premium - the different subscriptions have different features/options *but* not the basic fundamentals of the software - that's the same irrespective of: Free, Basic, Plus & or Premium.
- Please read: Scan settings.
Thank you🙏
Flood🐳+🐋also where or in what part of the forum can i make a post about a exe file that i think bypasses kapersky scanning so it doesnt get detected?
its a cryptominer im pretty shure
would be nice if we could do it right here!
-
40 minutes ago, Flood and Flood's wife said:
Hello @MRnutty200
Welcome back!
In an effort to effectively respond & wondering why (you've) decided to open a topic in the Beta Testing Products for Home & Business, Discussion section, we reviewed (your) previous topics; we observe a *theme*
To enable the Community to assist - please provide very simple information, outlined here: Read before you create a new topic! by Danila T., primarily:
- OS version & build?
- Kaspersky software name & version?
- Which *scanner* was used in the Kaspersky software?
- Re: "What it does" - are you referring to Kaspersky's scan software or the exe?
- READ: Scanning the computer & Scan settings -> *lots of information in the doco*.
Thank you🙏
Flood🐳+🐋i didnt see this was on the beta testing products etc but ok im using windows 10 and i used kapersky free since my trial is over (still waiting for christmass so i can buy it) i used the free version to scan this massive file and it came out as safe but i need specific directions of what it installs and does so i used kapersky threat intelligence portal to scan it . so im kinda asking if i need to buy premium on kapersky intelligence or can i do it whit the dialy trials . Also i used my dialy premium use and when i tried adding the file it was kinda big like 20 gigs so i yust added the exe(downloader) and it needed the other files so ? do i buy premium since i dont know if it supports massive files
-
so i scanned this big file thats a downloader and it yust scans it and says its safe?? and I know it might be safe but i need more details of what it does so i when to the scanner on the threat intelligence portal and it scanned it perfectly but... theres a problem the downloader needs like 6 extra files that are 2 gigs each and the intelligence portal cant scan big files so im here to ask to the professionals for help! so if yall know pls tell me !
heres the report hash:B66157F16489B018CCEECD7B2275D70F1D261A245D3BA2F19F027D4A4B2828CA
-
-
10 hours ago, Berny said:
Any suspicious application under Kaspersky Network Monitor ?
how do i find this feature since my kapersky is in spanish for somereason? i press alt f12 and still cant find it
-
hello i've been kinda concerned since theres aloot of weird stuff on my netstat that looks very odd does anyone know how to find RATS or how to remove them?
-
15 hours ago, harlan4096 said:
Check the pics taken in the test I've done in my VM:
https://mega.nz/folder/h8QVhR4T#VmUbg7B1Uu9JJ1oKIZmyjA
There is no infection there apparently, the only thing I saw is that it install Opera browser and set it in Windows AuntoRuns... none of the Second Opinion Scanners found anything suspicious...
im not shure it its safe but from what i heard its that it use to steal people passwords and they also have dlls for stuff and they never really checked the dlls and made shure that they where safe thats why it gained a load of contreversy.
but the conclusion is that its not malicious?
im super confused?
-
20 hours ago, harlan4096 said:
Thanks, I will try in a VM...
apart from it being a keylogger what else does it have?
-
1 minute ago, harlan4096 said:
Thanks, I will try in a VM...
also is kapersky threat intelligence good for scanning dlls?
it doesnt really give me aloot of info even whit a full scan
- 1
-
35 minutes ago, harlan4096 said:
the installer is not malicious but the EXE that it downloads is a keylogger
Mod Note: link removed.
-
47 minutes ago, harlan4096 said:
I sent 9 hours ago that file to K. analysts, and this is their final verdict:
Don't trust neither all the VT detections nor the comments there, They tend sometimes to be wrong or false positives...
also why does kapersky say that this program called exloader is safe:https://opentip.kaspersky.com/7AD99C1905E0C0CA46BD97650A50645592A6006F05062AA4580198C41C6491A1/results/suspiciousEvents
its a well known keylogger and has cause a load of contreversy on reddit. its a installer(setup) . the program in the installer is probably the keylogger or maybe the loader
and if you wonder why i keep replying whit more programs its yust cuzz something feels off about kapersky threat intelligence portal like really off its eather 100% accurate and doesnt give false positives or its detecting programs and dll's as safe
-
hello i've been using virus total for a while to spot rats and it works pretty well but when i use kapersky threat intelligence it doesnt detect the rat and says its safe
if you wonder how i know the dll its a rat is because.
1.-comes from a not repuateble website
2.-its a crack
3.-URLDownloadToFileW
URLDownloadToFileW is normal to find in dlls that are rats
-
1 hour ago, Flood and Flood's wife said:
Hello @MRnutty200,
Thank you for the update!
Before you end the chat, request the Chat operator send you a copy of the Chat transcript, otherwise you'll have no record of the conversation & if they tell you you can request by selecting the email icon, tell them there is no email icon for Kaspersky customers, only for Chat operators!
Thank you🙏
Flood🐳+🐋so what will happen after i wait for them to respond in gmail and also is there any other way of scanning my program so i can confirm that its not a virus
- 1
-
7 minutes ago, Flood and Flood's wife said:
Hello @MRnutty200,
Thank you for the update!
Before you end the chat, request the Chat operator send you a copy of the Chat transcript, otherwise you'll have no record of the conversation & if they tell you you can request by selecting the email icon, tell them there is no email icon for Kaspersky customers, only for Chat operators!
Thank you🙏
Flood🐳+🐋helloYou5.02.2024 23:13How may i assist you today?Operator5.02.2024 23:13i was recently told to make a chat for a problem whit kapersky Threat Intelligence PortalYou5.02.2024 23:13by a forum masterYou5.02.2024 23:13Okay, let me check on the issue details for youOperator5.02.2024 23:14okYou5.02.2024 23:14If you could please hold on for 1-3 minutes and I will check for you.Operator5.02.2024 23:14ok ill holdYou5.02.2024 23:15Thank you, please waitOperator5.02.2024 23:16Thank you for waiting patientlyOperator5.02.2024 23:18We are just trying to get more details on this, is that will be okay if I update you with an email within 24hours?Operator5.02.2024 23:19okYou5.02.2024 23:19We are just trying to get more details on this, is that will be okay if I update you with an email within 24hours?Operator5.02.2024 23:19like for messeges?You5.02.2024 23:19we will update you on emailOperator5.02.2024 23:19well yes its okayYou5.02.2024 23:20Sorry for the inconvenience caused.Operator5.02.2024 23:20Is there anything else I can help with before we end the chat?Operator5.02.2024 23:20no thats it thank you for the helpYou5.02.2024 23:20No worries.
Please take note of the reference number for this chat: INC000016171813
If that is all for now, I will end this chat here and I would appreciate it if you could complete a quick survey about the support that I have provided. 😊
Thank you for contacting Kaspersky and have a nice day. 😉Operator5.02.2024 23:21The conversation has been completed. Please feel free- 1
-
48 minutes ago, Flood and Flood's wife said:
Hello @MRnutty200,
Welcome back!
Has the issue been submitted to the Kaspersky Virus Lab - ask them why it's classified as Not categorized & also with the contrasting results from Virus Total: https://www.virustotal.com/gui/file/d79ab61997c279fb925193d6007569b47fa0515c11f62c3d30f76e271595757b/detection?
On the Kaspersky Customer Service page: https://support.kaspersky.com/b2c#contacts - select either Chat or Email, then fill in Malware, Other template; please include any screen images of the error & a *detailed history*. Zip the exe & password protect it - use either Malware OR Infected, *tell support the password*
Please share the outcome with the Community, when it's available?Thank you🙏
Flood🐳+🐋well i made a chat or ticket and they yust put me on gmail hold and know i have to wait lol
- 1
-
hello guys i've recently been told that kapersky threat intellingence is way better than virus total and that i should use it to scan exe's or anything that can have a virus well i've really liked it but now that im scanning some stuff it gives me a not categorized on extracted files and i cant really get an answer for the program that im scanning . does anyone in this forum now why i get this "NOT CATEGORIZED " thing on the scan? and how can i fix it .
and yes this only happens when i scan this specific program
-
everytime that i scan something that gets like 40 or 50 detections in virutototal KasperskyThreat Intelligence Portal gets no detections. Is this a problem whit the Kaspersky
Threat Intelligence Portal or is it correct?
does anyone know where i can scan big files\installers? kapersky scan doesnt do the job !
in Kaspersky Free
Posted
talking about this i yust sended the link to this forum guy called harlan4096 since he asked me to provide the link!