Hi I have been getting this popup recently and am struggling to find the source/fix it.

"aborted connection to api.privatechatting.com because it was infected with url blacklist. "

URL - -http://api.privatechatting.com/connect-

process - C:/Windows/System32/WindowsPowerShell/v1.0/powershell.exe

I’m not very computer literate, so please explain it simply for me

I saw some forums online that prompted me to install autorun and sysinspector. I’m not too familiar with either program but I couldn’t see anything obvious when using them, as to what the cause may be. Any help is appreciated

Hi, I’d suggest to post/ask here: https://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-help

okay, I will post there, thank you

You’re welcome.

Any link starting with http should make you twice shy to click it without checking it’s security in advance.

The link you presented us with landed you at: -https://www.afternic.com/forsale/api.privatechatting.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&utm_source=TDFS_DASLNC&utm_medium=DAS

The word ‘forsale’ in that link may say enough i.m.h.o.

Therefore Asyn’s advice is a valid one, as you will find some trained malware removal expert’s advice there, tailored to your specific malware situation.

Anyway the link above was given clean: https://www.virustotal.com/gui/url/534a35411f212abb3d349ca8e0a13a81ceb200e888fa731d6db1c1f0584691ce?nocache=1 But wait for the opinion of the malware cleansers at bleepingcomputer dot com.

polonus