Windows Xp Virus

[Faustina Bartsch]

Onlyviruses targeted at Linux would affect Ubuntu. There are currently zero viruses active that are targetting Linux the way Windows can be infested. We desktop users are still a lot more better protected out of the box than Windors users.

A fully updated current Ubuntu could have an unknown bug in a software someone could abuse to get a virus onto your system but there is currently not a method where a malware infects millions of systems by releasing that virus. Your system would be targeted specifically to attack you.

You can install a virus yourself by downloading it as part of another software but that would be from an unsecure source and we just do not do that. All of our ways of installing software are through trusted sources.

Yes: malware on Windows could modify the bootloader of you Linux system. This modified bootloader could then for example save the encryption key to your disk once you provide the password to unlock your disk or it could further infect the then unlocked disk. There are no known virusses doing this, but it's entirely possible this exists and just has not been detected yet.

Longer answer: yes, but unlikely (too rare target to bother) and if they do, they will more likely destroy/damage your Linux partition than access data there (it's possible, but way too tricky for most malware).

Yes, absolutely. Any program running on your user account has the ability to do anything that you can do - that includes modifying disks, as long as you have access to them in Explorer. Raw disk access requires administrator permissions, but there are still a lot of evil things that you can do as a standard user account to corrupt a Linux installation, like formatting the partition.

Note that Windows is a fundamentally insecure OS, and if you are concerned about it being able to tamper with your Linux installation, you should be running it in a sufficiently sandboxed virtual machine.

If your computer has a TPM (most recent machines do), it might be possible for you to enable Secure Boot with disk encryption, which would prevent a bare-metal Windows from reading your Linux data (but not corrupting it). It would also prevent it from installing a rootkit in kernel-space (...by bricking your Linux install if it tries), but it wouldn't prevent reflashing/infection of the BIOS like some of the other answers here describe.

Note that UEFI is not separate from the BIOS as some answerers claim. UEFI is simply an interface that some modern BIOSes implement as an alternative (or the only) way of booting the system. Therefore any "UEFI malware" is actually just BIOS malware.

In the mid 1980's I used Norton Utilities to wipe the free space on my C: drive. I had a D: drive on the the same physical disk. It erased the D: drive entirely as free space. Recovering from 360K floppies was not fun, and ultimately not successful. Lesson learned.

I had compiled a simple hello world program in C with the MinGW compiler using the command line. As it had finished compiling, windows defender popped up and detected a virus (Trojan:Win32/Fuery.C!cl).

EDIT: I deleted the path variable of C:/MinGW and added CodeBlock's MinGW compiler. I then used the command line to compile the same C file again and had uploaded the .exe file to VirusTotal. This time, 0 engines detected. So I have come to the conclusion that, the MinGW compiler that I had installed was creating this problem.

This is what I did: I removed the PATH Variable of C:\MinGW and added CodeBlock's MinGW compiler (CodeBlocks/MinGW/bin). I used the command line to compile the same C file, and had uploaded the .exe to VirusTotal. No engines detected this file!

Since you wrote that program and you know it isn't actually a Trojan, it's obviously a false positive. You should submit the file to them at so they can figure out why it's triggering the false positive and fix it. (If it happens with everything you compile, just sending them one will suffice.) In the meantime, you should add an exclusion to Windows Defender for the folder that you compile your executables in.

I ran into this after installing MinGW on 01-08-20(dd-mm-yy).For me it was also Windows Defender, the way to - hopefully temporarily- get rid of this is to add an exception for the folder your compilation output will reside in.The Microsoft website states these steps to add an exclusion:

I had a similar problem. I figured out that the following dll was missing: mingw32-libmingwex-dll. Once I installed it via "MinGW Installation Package", I didn't have the problem anymore.I hope this can help others.

I had the same problem (having a freshly compiled executable on a clean machine, accused of carrying malware), however when updating a project with VS2022, originally done in VS2015 and using VB. After compiling and taking the executable to the installation folder, a few seconds after replacing the old executable, Windows Defender detected a virus (Win32/Nuqel!pz), removed it from the run folder and quarantined it. My client, who needed to use the new version, had to put the executable as an exception, which is a reduced security condition.

Microsoft Safety Scanner is a scan tool designed to find and remove malware from Windows computers. Simply download it and run a scan to find malware and try to reverse changes made by identified threats.

Safety Scanner is exclusively SHA-2 signed. Your devices must be updated to support SHA-2 in order to run Safety Scanner. To learn more, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.

Microsoft Safety Scanner only scans when manually triggered. Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run Safety Scanner again. We recommend that you always download the latest version of this tool before each scan.

This tool doesn't replace your antimalware product. For real-time protection with automatic updates, use Microsoft Defender Antivirus on Windows 11, Windows 10, and Windows 8 or Microsoft Security Essentials on Windows 7. These antimalware products also provide powerful malware removal capabilities. If you're having difficulties removing malware with these products, you can refer to our help on removing difficult threats.

So today I was watching a Youtube video and I noticed everything started getting extremely slow and things became very delayed, even just moving my mouse, I opened task manager which took several seconds and saw "Antimalware Service Executable" using 80% of my disk, which is strange as I don't recall starting a scan or anything.

Upon searching it up people are suggesting it's either an error with windows defender, or a virus that may be acting as windows defender. I've ran a full scan with windows defender and am running one with Malwarebytes currently but neither seem to be finding anything.

Does anyone know how to fix this? Any kind of help would be greatlyyy appreciated.

While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run the following Malwarebytes utility, or its subsets, please carefully follow these instructions:

For the short time between when you post the diagnostic logs, and when your helper weighs in, please take no further self-directed remedial actions that will invalidate the diagnostic logs you will have sent.

Hi. Very glad to read the scan result. As to the screen grab above, the very key words are "during a scan run of Microsoft Defender antivirus". Yes that is normal during a on-going scan of MS Defender.

As to when there is NOT a scan on-going, like during idle or lightly loaded system, the percentahe of system use would be a lot lower.

Thus, if the screen capture is during a scan, this is normal.

By the by, while in Task Manager, if you do a RIGHT-click on Antimalware Service Executable" and select "Properties" you would see the executbale name of msmpeng.exe on the folder location C:\Programdata\Microsoft\Windows Defender\Platforum\4.18.nnnn.n

That is the engine executable of MS Defender antivirus.

So I was just completely overreacting, I probably have just never thought to check task manager during a scan, so it seemed strange, and also is 95% cpu usage also normal during a scan, cause I was just running another scan just to double check, and it's hovering right around 90-95% cpu.

A standard quick scan with Microsoft Defender should be just a few minutes in duration. And as to the percentage, it would fluctuate up and down. It is not like the percent in use is 90+ all day long. A strong caution I would advise to everybody, is to be cautious when looking at Task Manager stats.

This is a follow-up on the SecurityCheck report. These are what you need to take action on.

I would suggest that you insure to have Version 4.5.24.248 of Malwarebytes.

Do a Check for Update using the Malwarebytes Settings >> General tab.

As to s-l-o-w or lagging computer

there are several areas that you can look into.

Here are a few links to handy articles

Please know that a slow condition can be due to non-infection factors.

KPRM only removes the security tools/report tools I had you use. If you have a concern about installed programs Razer Cortex or Razer Synapse and do not want them, look in Windows installed programs list and remove as desired. -us/windows/uninstall-or-remove-apps-and-programs-in-windows-4b55f974-2cc6-2d2b-d092-5905080eaf98

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

The reason why I want to do this is because I get laptops that have been infested and its my job to clean them for viruses. Normally I just started up a Virus scan and a Windows Defender scan. An hour later they both would be done.

If you wish to run Windows Defender scan, you must disable you other installed antivirus for that moment. Once the scan from Windows defender has finished scanning, you can start up another antivirus and continue scanning with that. I think, it is a good initiative by Windows 8 to disable Windows defender, if it finds another antivirus, as in case of Windows 7, we have to manually take care of it, as keeping two antivirus software together on a machine is not advisable.

3a8082e126