All Questions
43
questions
0
votes
1
answer
53
views
When AV software puts files and various malicious "objects" in "quarantine", what exactly do they actually do?
I had malware on a computer, which Malwarebytes managed to remove. Or did it? It rather "put it in quarantine". And it's remained like that. I see no way to actually delete it.
This appears ...
2
votes
0
answers
307
views
Mysterious hidden files in C:\Windows -- are they malicious?
A few months ago, I noticed two strange hidden files in C:\Windows. They had seemingly random alphanumeric names, no file extensions, and seemingly random binary content. I didn't think much of it at ...
- 21
4
votes
1
answer
261
views
How do tech support scams work in windows? Is it malware, phishing, or how else would threats gain access to computers?
I'm currently working for Geek Squad at Best Buy in the front of the operation checking in client computers and I am frequently encountering bogus tech support scams which involves copious amounts of ...
- 49
0
votes
0
answers
28
views
I clicked on “show pictures” in a malware e-mail [duplicate]
I carelessly pressed “show picture “in a spam e-mail that was in my unwanted folder
When i clicked the link just disappeared and no picture was shown.how worried should I be?
I did a disk clean-up ...
0
votes
1
answer
4k
views
rundll32.exe making outbound TCP connection
I've been attempting to harden my network, and have taken some extra security precautions for the sake of learning, as well as.. to be secure. I've recently formatted and re-installed Windows 10, and ...
- 1
0
votes
1
answer
626
views
Explorer.exe making outbound TCP connection to Akamai
I've just noticed that my c:\windows\explorer.exe executable has attempted to make an outbound connection from localhost:49844 -> 104.111.87.125:443.
It seems that this IP is registered to Akamai, ...
0
votes
1
answer
55
views
win 10 - What are the things to look out for after you uninstalled a suspected malware?
I'm relatively under informed when it comes to windows operating system's core, other than it is notoriously insecure and features a wacky access control system unlike Linux.
I've accidentally ...
- 1
0
votes
1
answer
1k
views
Windows defender not removing Program:Win32/Cayunamer.A!ml from system [duplicate]
My Windows firewall gives me security alert that my device is affected by Program:Win32/Cayunamer.A!ml. But when I try to remove it by selecting action as Remove, no change occurs. It loads for a time ...
- 15
1
vote
1
answer
343
views
Prevent Infection of USB drive
I have a bootable USB drive full of computer repair tools. I would use it to repair a computer that might very well be infected by a virus or other malware. I would like to know how I can prevent ...
- 79
2
votes
1
answer
4k
views
Bypass UAC by using Remote Desktop to connect to localhost?
I can use Remote Desktop (RDP) to connect to computer B from computer A without typing my password, and vice versa, because I use the same account on these two computers. Further, in a remote desktop ...
- 123
5
votes
1
answer
27k
views
"Trojan:Script/Cloxer.A!cl", any info on this virus? what does this virus do? [duplicate]
Windows Defender identified and removed a threat on my Win10Pro PC called "Trojan:Script/Cloxer.A!cl". But there is no information on the web on this trojan, searching for this yields little/nothing. ...
- 73
0
votes
0
answers
43
views
Removing the Malware From Hell [duplicate]
My home server (aging HP Proliant MicroServer, Windows 7 x64) has acquired some Malware from Hell. Turned up in one of those dodgy installers that wraps a legitimate installer in another package, and ...
- 101
1
vote
2
answers
1k
views
Malicious software removal tool reports hundreds of infections and finally finds nothing
I have downloaded the Malicious software removal tool from the Microsoft website, and got the November 2017 edition, which obviously is the latest one available. During Quick analyse, the tool reports ...
- 1,397
0
votes
3
answers
116
views
Can ransomware encrypt data on protected devices by coming through unprotected devices?
We have about 8-10 Windows devices in our business. Some of them do not hold important data. Others store company accounting files, labels, inventory databases, etc. We would like to install a good ...
- 104
-2
votes
1
answer
330
views
Can a normal antivirus protect you from WannaCry or other ransomware?
My understanding is that the WannaCry ransomware spreads itself using two mechanisms:
Opening an infected email attachment
Exploiting a remote code execution vulnerability in another computer
...
- 1,732
0
votes
0
answers
1k
views
Are home users vulnerable to the wcrypt malware "outbreak"?
Let me see if I get it all right...
Hackers are exploiting the vulnerability that was leaked from NSA files using wcrypt(all other the news today), which seems to be a worm virus: it searches for new ...
- 223
0
votes
1
answer
2k
views
Weird USB device shows up in logs
From time to time I use usbdeview, a small tool to show installed usb drivers, to check on my PC if someone has plugged in a flash drive etc. while I was not attending the computer.
Anyway, couple ...
- 11
0
votes
1
answer
1k
views
window security center can't be started [duplicate]
I'm using Windows 7 64-bit (x64)
Infection date and initial symptoms:
Last week, I noticed when I right click on a red flag in "Window Security Alert" icon, it pop out a message "Security Center ...
- 13
3
votes
1
answer
884
views
Is it possible for a console application to deny closing with CTRL + C?
When I run a console application (either a .bat or a .exe console application made with a language like Cpp or C# for example) in a shell, I can hit Control + C to stop the operation.
Is it possible ...
- 193
1
vote
3
answers
1k
views
Does password protecting folders protects against ransomware?
In Linux, one of the layers of protection against malware is the fact that you need sudo privileges, malware most often would not be able to crack the sudo password, hence it's unable to do what is ...
- 5,450
4
votes
1
answer
3k
views
Random powershell.exe process?
I noticed a couple days ago in Task Manager that I have a powershell.exe process running. When I went to msconfig it has a really long command. Here it is:
C:\Windows\system32\WindowsPowerShell\v1.0\...
- 65
2
votes
1
answer
3k
views
Can Windows 'USB Install Media' Get Infected With Malware When Booting From It?
If you were to boot from a clean Windows USB Install Media drive on an infected system, could that USB drive get infected with malware while in that environment?
If the system is infected and we want ...
- 21
0
votes
1
answer
162
views
How credible is company/publisher and its version information of DLL or EXE?
This Stackoverflow question shows how to modify version information in some classes of binary files, like DLLs. I often rely on the version information as one metric (amongst many) for peace of mind ...
- 4,877
0
votes
1
answer
185
views
Does marking files as readonly make them secure?
In Windows (or any OS, really), does marking a file as "Readonly" make it less susceptible to malware and unwanted manipulation? Additionally, should I still scan readonly files for viruses and other ...
- 111
2
votes
1
answer
5k
views
Is UEFI more or less vulnerable than Legacy BIOS?
Is UEFI more secure than BIOS on a Windows 8.1 machine?
Is UEFI vulnerable to malware in ways that Legacy BIOS is not?
Is it correct that UEFI can connect to the internet before the OS (or anti-...
- 39
1
vote
1
answer
41
views
Is there a way to restrict my program installation to a certain web-source on Windows?
I have a program HelloWorld, signed by me and distributed from my company site. But someone has downloaded it from my site, wrapped into program SuperDuperHelloWorld and also added some malware into ...
- 281
1
vote
1
answer
14k
views
Identifying program attempting to install certificate on windows
I'm trying to help a friend using Windows (which I'm not an expert on by any means) who's experiencing malware-like behavior: a dialog box is repeatedly popping up reading:
You are about to install ...
8
votes
4
answers
4k
views
If you block an .exe file in Windows Firewall, are you also blocking the .dll files it uses or it needs to be done separatly?
Let's consider this scenario:
There's some X software downloaded from the internet with one .exe file and several .dll files.
The .exe file is prevented from accessing the Internet by using Windows ...
- 2,099
3
votes
1
answer
10k
views
Is it possible to find the origin of a virus?
Is there any method with which you can determine the origin for a given piece of malware in Windows?
One of my PCs was recently infected with the PWS:Win32/Zbot.gen!AP password stealing trojan. Is ...
user201262
10
votes
4
answers
1k
views
Is it possible to safely contain a virus - not letting it spread?
I need to run a program, but I don't trust the author. I think it is infected with spyware, viruses, or malicious files. I scanned it and didn't find anything, but I'm still not feeling good about it. ...
- 5,450