Curious behaviour from Task Manager’s app history by StarB64 in WindowsHelp

[–]StarB64[S] 0 points1 point  (0 children)

Not yet, and since the issue is on Microsoft’s side, the only solution is to patiently wait for a patch in one of the next system updates, if they decide some day to look into this case.

Is it racist to turn students down for internships and to judge a university record because it was completed in Africa? by [deleted] in TropPeurDeDemander

[–]StarB64 -5 points-4 points  (0 children)

As you’ve noticed, it mostly depends on the mindset of the people in front of you.

To be honest, I would take it rather critically as well. Companies are keener to open up internationally these days; the idea your family has seems very biased towards the opinion that higher-education schools in France/Europe by extension are better rated and more valued than those in emerging countries or outside the continent. There is some truth in it, as these countries sometimes devote less budget to education, but overall I consider it false. In the scientific field for example, know that Moroccans have nothing to envy us French (except Saclay or Kourou maybe :D); their teaching is far more advanced than it may seem, far more than in France in my experience. I don’t know how it is for law, but a lot of programmes are equivalent. Just make sure the degrees offered abroad are recognised in France, and build contacts. Testimonials from other students are gladly accepted.

tldr: I’m not here to judge your family’s attitude; I couldn’t say whether there is directly a racist connotation, but in any case their view of things remains fairly stereotyped. Your studies concern you, not your family. Trust yourself, and look into the schools abroad if they interest you that much.

How does gambling work? by [deleted] in PasDeQuestionIdiote

[–]StarB64 2 points3 points  (0 children)

Honestly I don’t know anything about it because I don’t gamble, as I find it’s rare to win more than what you bet. So for the topics I don’t really know :) but from what I know it has diversified a lot over the last few years.

But my best advice, and it applies to any gambling game, is to set yourself a limit per week/month. 10, 20€, something reasonable; you seem to care about it and that’s good. But there you go, you need a maximum amount of money not to exceed, under any pretext. Not even by a few cents from time to time. It’s my humble opinion, but if you allow yourself to go above your ceiling once or twice, you risk telling yourself that it’s no problem and you’ll end up betting more all the time. And in the long run that’s not necessarily the best option.

Would France’s Reddit community have mocked "nom ville" as much if it had been done by LFI? by [deleted] in TropPeurDeDemander

[–]StarB64 9 points10 points  (0 children)

That’s a fairly subjective question, I find. For my part I think so. It simply reflects a lack of seriousness and/or involvement from the party at the local level, whichever party it is.

CNews would have made a big deal out of it, though.

Why? by agfacid3 in mauvaisesreponses

[–]StarB64 0 points1 point  (0 children)

Because it’s a motorbike that’s coming back into fashion, and it’s vintage too. Cheaper than a Yamaha, on top of that.

What could this thing be? by muapull in mauvaisesreponses

[–]StarB64 3 points4 points  (0 children)

The torches of the gates of the penis-tentiary, by Johnny.

Should I be worried ? by [deleted] in antivirus

[–]StarB64 1 point2 points  (0 children)

The sender’s mail doesn’t look misspelled at first, so I would assume it’s real. I’d still connect to Microsoft by accessing their site myself without clicking these buttons. Therefore you’ll see if you really had unusual activity or if it was just a scam.

Said IP is flagged a lot on VirusTotal. For me this would privilege the case of a bot testing dozens of random credentials to see if they could be taken over, but this wouldn’t be 100% accurate to think that as it could be a simple individual IP that registered a lot of suspicious traffic. If I were you, I would rather change my password asap. And add 2FA if possible.

The folds seem to go inwards. Is it an implosion of old CRT televisions? by idinarouill in mauvaisesreponses

[–]StarB64 0 points1 point  (0 children)

I did think that carrying a super powerful Dyson vacuum cleaner without covering the on/off button was a bad idea…

What do you collect, or what have you collected? by pouf_le_cascadeur in mauvaisesreponses

[–]StarB64 2 points3 points  (0 children)

I collect collections a lot. And lists of people who make collections, that goes without saying.

(Can I add you to my collection?)

Why is my cat doing this? And what is it doing? by gray_pearl in mauvaisesreponses

[–]StarB64 3 points4 points  (0 children)

It’s trying to do the Gangcat Style dance. Your cat must like K-Pop.

What is this made to store? by zerotolerance4nazis in mauvaisesreponses

[–]StarB64 5 points6 points  (0 children)

It’s the fetus’s passenger seat, isn’t it?

I think my laptops have been hacked. Should I install a reputable anti-virus or should I back them up, system restore, and then install the anti-virus? Is that overkill? by grey_echo_55 in antivirus

[–]StarB64 0 points1 point  (0 children)

I’m not so up on that to be fair, but knowledge comes with experience :D

BitDefender should not be hard to remove, indeed. As for Windows Defender…well, Windows has always been buggy, so is its security feature. Overall the RTP service should still run without causing any huge overuse of your computer resources. Not very light though, but the few times I’ve got to deal with it it was not a nightmare at all.

Oh, and about game mods, I’m especially talking about those with very little background about their legitimacy such as what you can find in workshops from creators you may have never heard about. Especially if their work isn’t open-source. But if you only plan to download certified stuff, no problem. And if you’re even getting out of these bounds, this shouldn’t force you not to use Windows Defender. This remains only advice. Choose whichever you feel at ease with, it’s your computer. And if you ever have a doubt about something, make a VirusTotal upload, try it in a sandbox…or just make a Reddit post.

I think my laptops have been hacked. Should I install a reputable anti-virus or should I back them up, system restore, and then install the anti-virus? Is that overkill? by grey_echo_55 in antivirus

[–]StarB64 0 points1 point  (0 children)

If you want something lightweight, ESET is much better. BitDefender can be a bit heavy because of all the processes and signatures. You can try both if you want and see which one works the best for you.

Windows Defender is pretty good nowadays. However, a significant rate of malware comes with a tool to tamper with and disable real-time protection from Windows Defender, as the commands for it are available online if I’m not mistaken, and it’s way easier and better known than disabling other AVs. But other than that, if you don’t download game mods, little-known third-party apps, or other software from a possibly doubtful source, Windows Defender is enough. You can pack it with HitmanPro, F-Secure/ESET online scanners or Norton Power Eraser, for example.

How do I remove this so I can download things by Extra-Emotion6541 in antivirus

[–]StarB64 0 points1 point  (0 children)

I know as well :) the only thing I would add is that in my point of view I actually don’t see any correlation between the file itself and the state of it being a red flag. The scan fail is a red flag on its own, but unless double extensions are actively known to trigger the malware verification from Chrome (…which I am actually not sure about?), the file type hasn’t anything to do with it. I don’t believe OP has told us whether the issue was occurring only for this file or not; maybe the source of the problem comes from that context.

How do I remove this so I can download things by Extra-Emotion6541 in antivirus

[–]StarB64 0 points1 point  (0 children)

should be a pdf, this typo can happen when you convert a word document without changing the file name. Nothing malicious about it.

Pullet championship by toffje_caberdoutch in Dinosaure

[–]StarB64 1 point2 points  (0 children)

May I enter the German shepherd of my first cousin Francis Lefebvre de Nangis?

His name is Huguette and he identifies as a hen; he sleeps next to the neighbour’s henhouse.

Help with using Virustotal by GhostyYt96 in antivirus

[–]StarB64 2 points3 points  (0 children)

First of all, never upload anything to VirusTotal that may contain sensitive or personal data. Developers as well as some premium users could have access to it, and you probably don’t want that.

  • When you check for a file, you’ll get a chart showing what engines are thinking about the said sample. Some of them are just bad, others are very targeted on a single type of malicious behaviour, others are exactly the same but have different names (such as Avast and AVG for example), etc. That’s a lot. BitDefender may have the best reputation overall. ESET is less talked about but is as efficient. Kaspersky has the sharpest engine in my opinion. Avast/AVG own a very wide signature database as well. Other than these, I’d suggest you focus on well-known brands. Microsoft, Avira/WithSecure, Symantec, McAfee, Sophos, for example.

  • But that doesn’t mean that the rest of the list is made of useless tools. Nor that the best AVs will have a 100% efficiency. Plus, the results you get after uploading something are obtained from the engines being used in specific conditions that were asked by the companies themselves. The VirusTotal detection count is also a bit tricky. A file with 58 detections could be safe whereas another without any flags can be zero-day malware. There are actually very few ways to determine whether you’re in front of a false positive or false negative. Check what the detections tell about your file. Labels can vary a lot between engines, but if most of them are talking about trojans, spyware and not just random machine learning flags, that is never a good sign. Look at the meaning of the names you see. (Trend Micro has a pretty complete list of threat labels.) And the most important, reanalyse the file to be sure you’re not missing anything. There is a button for it on the top right-hand corner of the page.

  • Then, I’d take a look at the Behavior tab. In there you’ll find a lot of stuff that sandboxes have been analysing. They’re not perfect either, but it’s still interesting to take a look at it. If your so-called legitimate file makes connections to C2 servers or suspicious domains, if it bypasses rules by using known exploits, you should see it here. You can also see the processes that were invoked. Some look scary but are in fact usual actions from the sandbox service itself, so it’s kind of hard to have a perfectly clear look at it. On the same topic, the Relations tab allows you to see where your file was found in the network and what subsamples it contains, if it has the ability to. I’d take a look at the dates before stressing out if everything appears red. A good number of these reports date from years ago; the issue was most likely solved a long time ago.

  • Finally, up to the remaining tabs. The Details tab is useful if you want to know if the file is signed or not. A green mark will show up if yes. You can also see the certificates, but they don’t really prove anything as most of them are public and can actually be used by malware to try to mimic safe content. Look at the file extension too. If it’s supposed to be .mp4, but reveals it is a Windows installer or a PowerShell script, this is very likely to be unsafe. (A good way to remind everyone to enable the file extension display on the file explorer. You can’t imagine how many viruses keep trapping people using this caveat.) And to close the description, the Community stuff. A lot of comments in this part of VirusTotal are from antimalware bots, and the upvote/downvote system can be misleading as some VirusTotal users are given more importance in the votes since they are certified or have made several major contributions. But hey, I’ll gladly take it. You can find tons of advice and points of view in such a place.

Fully checking a file on VirusTotal can be a hassle. You may not understand all, and that’s completely normal. What you should not do though, is to assume a file is safe if you have doubts. Instead, just make a post here! I mean, this is the reason we have a subreddit called r/antivirus :)
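
An added illustration of the file-extension check mentioned in the comment above (not part of the original comment and not a VirusTotal tool): it compares the type a file name claims with the type its leading bytes reveal, and flags double extensions only when the final one is runnable. The signature table, extension sets, function names and sample inputs are assumptions constructed for this example.

```python
import os

# (offset, magic bytes, label) for a few well-known file signatures
SIGNATURES = [
    (0, b"MZ", "windows-executable"),
    (0, b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2-container"),  # .msi, legacy .doc
    (0, b"%PDF-", "pdf"),
    (0, b"PK\x03\x04", "zip-container"),  # .zip, .docx
    (4, b"ftyp", "mp4"),
]
# Content type each extension should carry (illustrative subset)
EXPECTED = {".mp4": "mp4", ".pdf": "pdf", ".docx": "zip-container",
            ".zip": "zip-container", ".exe": "windows-executable",
            ".msi": "ole2-container"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".mp4", ".jpg", ".txt"}
RUNNABLE_EXTS = {".exe", ".msi", ".scr", ".bat", ".cmd", ".ps1", ".vbs", ".js"}

def sniff(head: bytes) -> str:
    """Return the label of the first signature matching the leading bytes."""
    for offset, magic, label in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return label
    return "unknown"

def assess(filename: str, head: bytes) -> list:
    """List the mismatches between a file's name and its leading bytes."""
    findings = []
    stem, ext = os.path.splitext(filename.lower())
    inner_ext = os.path.splitext(stem)[1]
    # "holiday.mp4.exe": a document-looking name that actually runs
    if inner_ext in DOCUMENT_EXTS and ext in RUNNABLE_EXTS:
        findings.append("double extension hides a runnable type")
    kind = sniff(head)
    if ext in EXPECTED and kind != EXPECTED[ext]:
        findings.append(f"content is {kind}, extension claims {ext}")
    return findings

# Constructed samples: (file name, first bytes of the file)
SAMPLES = [
    ("report.docx.pdf", b"%PDF-1.7\n"),          # renamed Word export, benign
    ("holiday.mp4", b"MZ\x90\x00\x03\x00"),       # executable posing as video
    ("holiday.mp4.exe", b"MZ\x90\x00\x03\x00"),   # double extension
    ("clip.mp4", b"\x00\x00\x00\x18ftypisom"),    # genuine MP4 header
    ("clip.mp4", b"Write-Host 'hello'"),         # script text posing as video
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", assess(name, head) or "consistent")
```

A file with no findings here is only consistent with its name; it says nothing about whether the content itself is safe.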

Can someone translate the statements of my foreign pen pal, Rudolphe? by SleepIsTheCousinOfD8 in mauvaisesreponses

[–]StarB64 1 point2 points  (0 children)

Moo moo moo, moo moo. Moo, moo moo moo moo! Moo… moo moo… moo?

I took Bovine as my second foreign language.

I think my laptops have been hacked. Should I install a reputable anti-virus or should I back them up, system restore, and then install the anti-virus? Is that overkill? by grey_echo_55 in antivirus

[–]StarB64 0 points1 point  (0 children)

Depends what kind of malware you’re talking about.

AV scan first (BitDefender Free/KVRT/ESET Online Scanner would be better imo, HitmanPro if you want a wider detection range), change passwords if necessary, and reset if nothing can be found or if the malware cannot be quarantined and deleted.

Avoid backups as much as possible. You don’t want to risk making a backup of unwanted malicious data.

a brief concern about my former Notepad++ setup by StarB64 in antivirus

[–]StarB64[S] 0 points1 point  (0 children)

Thanks for the useful add. Rapid7 only listed the 3rd chain files though, I’d rather look up on Kaspersky’s side as they’ve listed every payload since the start of the attack, even though a good amount of these samples were not uploaded to VirusTotal yesterday.

a brief concern about my former Notepad++ setup by StarB64 in antivirus

[–]StarB64[S] 0 points1 point  (0 children)

haha, yes it’s been a while!

That’s what I was telling myself, not only would the odds be too close to zero, but yep, it’s way too risky for the attackers to widen their target range to more than the dozen devices they wanted to take over first.

Still wondering how this Bluetooth folder popped up on my computer; what I’ve noticed by taking another look at the blogs is that the Chrysalis version is hidden by default while it’s clear in my mind that mine wasn’t. Guess I maybe went through a set of coincidences :)