All Questions
43
questions
0
votes
1
answer
53
views
When AV software puts files and various malicious "objects" in "quarantine", what exactly do they actually do?
I had malware on a computer, which Malwarebytes managed to remove. Or did it? It rather "put it in quarantine". And it's remained like that. I see no way to actually delete it.
This appears ...
2
votes
0
answers
307
views
Mysterious hidden files in C:\Windows -- are they malicious?
A few months ago, I noticed two strange hidden files in C:\Windows. They had seemingly random alphanumeric names, no file extensions, and seemingly random binary content. I didn't think much of it at ...
4
votes
1
answer
261
views
How do tech support scams work in windows? Is it malware, phishing, or how else would threats gain access to computers?
I'm currently working for Geek Squad at Best Buy in the front of the operation checking in client computers and I am frequently encountering bogus tech support scams which involves copious amounts of ...
0
votes
0
answers
28
views
I clicked on “show pictures” in a malware e-mail [duplicate]
I carelessly pressed “show picture “in a spam e-mail that was in my unwanted folder
When i clicked the link just disappeared and no picture was shown.how worried should I be?
I did a disk clean-up ...
0
votes
1
answer
4k
views
rundll32.exe making outbound TCP connection
I've been attempting to harden my network, and have taken some extra security precautions for the sake of learning, as well as.. to be secure. I've recently formatted and re-installed Windows 10, and ...
0
votes
1
answer
626
views
Explorer.exe making outbound TCP connection to Akamai
I've just noticed that my c:\windows\explorer.exe executable has attempted to make an outbound connection from localhost:49844 -> 104.111.87.125:443.
It seems that this IP is registered to Akamai, ...
0
votes
1
answer
55
views
win 10 - What are the things to look out for after you uninstalled a suspected malware?
I'm relatively under informed when it comes to windows operating system's core, other than it is notoriously insecure and features a wacky access control system unlike Linux.
I've accidentally ...
0
votes
1
answer
1k
views
Windows defender not removing Program:Win32/Cayunamer.A!ml from system [duplicate]
My Windows firewall gives me security alert that my device is affected by Program:Win32/Cayunamer.A!ml. But when I try to remove it by selecting action as Remove, no change occurs. It loads for a time ...
1
vote
1
answer
343
views
Prevent Infection of USB drive
I have a bootable USB drive full of computer repair tools. I would use it to repair a computer that might very well be infected by a virus or other malware. I would like to know how I can prevent ...
2
votes
1
answer
4k
views
Bypass UAC by using Remote Desktop to connect to localhost?
I can use Remote Desktop (RDP) to connect to computer B from computer A without typing my password, and vice versa, because I use the same account on these two computers. Further, in a remote desktop ...
5
votes
1
answer
27k
views
"Trojan:Script/Cloxer.A!cl", any info on this virus? what does this virus do? [duplicate]
Windows Defender identified and removed a threat on my Win10Pro PC called "Trojan:Script/Cloxer.A!cl". But there is no information on the web on this trojan, searching for this yields little/nothing. ...
0
votes
0
answers
43
views
Removing the Malware From Hell [duplicate]
My home server (aging HP Proliant MicroServer, Windows 7 x64) has acquired some Malware from Hell. Turned up in one of those dodgy installers that wraps a legitimate installer in another package, and ...
1
vote
2
answers
1k
views
Malicious software removal tool reports hundreds of infections and finally finds nothing
I have downloaded the Malicious software removal tool from the Microsoft website, and got the November 2017 edition, which obviously is the latest one available. During Quick analyse, the tool reports ...
0
votes
3
answers
116
views
Can ransomware encrypt data on protected devices by coming through unprotected devices?
We have about 8-10 Windows devices in our business. Some of them do not hold important data. Others store company accounting files, labels, inventory databases, etc. We would like to install a good ...
-2
votes
1
answer
330
views
Can a normal antivirus protect you from WannaCry or other ransomware?
My understanding is that the WannaCry ransomware spreads itself using two mechanisms:
Opening an infected email attachment
Exploiting a remote code execution vulnerability in another computer
...
0
votes
0
answers
1k
views
Are home users vulnerable to the wcrypt malware "outbreak"?
Let me see if I get it all right...
Hackers are exploiting the vulnerability that was leaked from NSA files using wcrypt(all other the news today), which seems to be a worm virus: it searches for new ...
0
votes
1
answer
2k
views
Weird USB device shows up in logs
From time to time I use usbdeview, a small tool to show installed usb drivers, to check on my PC if someone has plugged in a flash drive etc. while I was not attending the computer.
Anyway, couple ...
0
votes
1
answer
1k
views
window security center can't be started [duplicate]
I'm using Windows 7 64-bit (x64)
Infection date and initial symptoms:
Last week, I noticed when I right click on a red flag in "Window Security Alert" icon, it pop out a message "Security Center ...
3
votes
1
answer
884
views
Is it possible for a console application to deny closing with CTRL + C?
When I run a console application (either a .bat or a .exe console application made with a language like Cpp or C# for example) in a shell, I can hit Control + C to stop the operation.
Is it possible ...
1
vote
3
answers
1k
views
Does password protecting folders protects against ransomware?
In Linux, one of the layers of protection against malware is the fact that you need sudo privileges, malware most often would not be able to crack the sudo password, hence it's unable to do what is ...
4
votes
1
answer
3k
views
Random powershell.exe process?
I noticed a couple days ago in Task Manager that I have a powershell.exe process running. When I went to msconfig it has a really long command. Here it is:
C:\Windows\system32\WindowsPowerShell\v1.0\...
2
votes
1
answer
3k
views
Can Windows 'USB Install Media' Get Infected With Malware When Booting From It?
If you were to boot from a clean Windows USB Install Media drive on an infected system, could that USB drive get infected with malware while in that environment?
If the system is infected and we want ...
0
votes
1
answer
162
views
How credible is company/publisher and its version information of DLL or EXE?
This Stackoverflow question shows how to modify version information in some classes of binary files, like DLLs. I often rely on the version information as one metric (amongst many) for peace of mind ...
0
votes
1
answer
185
views
Does marking files as readonly make them secure?
In Windows (or any OS, really), does marking a file as "Readonly" make it less susceptible to malware and unwanted manipulation? Additionally, should I still scan readonly files for viruses and other ...
2
votes
1
answer
5k
views
Is UEFI more or less vulnerable than Legacy BIOS?
Is UEFI more secure than BIOS on a Windows 8.1 machine?
Is UEFI vulnerable to malware in ways that Legacy BIOS is not?
Is it correct that UEFI can connect to the internet before the OS (or anti-...
1
vote
1
answer
41
views
Is there a way to restrict my program installation to a certain web-source on Windows?
I have a program HelloWorld, signed by me and distributed from my company site. But someone has downloaded it from my site, wrapped into program SuperDuperHelloWorld and also added some malware into ...
1
vote
1
answer
14k
views
Identifying program attempting to install certificate on windows
I'm trying to help a friend using Windows (which I'm not an expert on by any means) who's experiencing malware-like behavior: a dialog box is repeatedly popping up reading:
You are about to install ...
8
votes
4
answers
4k
views
If you block an .exe file in Windows Firewall, are you also blocking the .dll files it uses or it needs to be done separatly?
Let's consider this scenario:
There's some X software downloaded from the internet with one .exe file and several .dll files.
The .exe file is prevented from accessing the Internet by using Windows ...
3
votes
1
answer
10k
views
Is it possible to find the origin of a virus?
Is there any method with which you can determine the origin for a given piece of malware in Windows?
One of my PCs was recently infected with the PWS:Win32/Zbot.gen!AP password stealing trojan. Is ...
10
votes
4
answers
1k
views
Is it possible to safely contain a virus - not letting it spread?
I need to run a program, but I don't trust the author. I think it is infected with spyware, viruses, or malicious files. I scanned it and didn't find anything, but I'm still not feeling good about it. ...
1
vote
3
answers
2k
views
Do you recognise this suspicious folder: Malicious or Benign
Does anyone recognise this suspicious folder that sits on my C drive?
The folder sits on my C drive at C:\cacde6d0fd849a939328ab\ The name obviously looks like a hash/encryption/or junk text.
The ...
3
votes
2
answers
292
views
What does an AVG "False alarm" message mean?
My question is about the category of AVG alerts which contain the text "False alarm", such as the one that appears in this old forum thread: http://forums.avg.com/us-en/avg-forums?sec=thread&act=...
5
votes
1
answer
3k
views
Are live CD/DVDs more secure than live USB?
If you create a bootable live CD/DVD for an OS such as Linux or Windows, is that more secure than a live USB that does the same thing? What if the disk is a CD-R or DVD-R as opposed to a CD-RW or DVD-...
1
vote
2
answers
206
views
How can I harden my system against an infected website? [closed]
Let’s say that I have to go to a website, and I am 99% sure that it will attempt to put a virus on my computer somehow. What settings can I change in my browser, OS, etc. to make sure that I will be ...
1
vote
2
answers
783
views
How to fully uninstall Adobe Flash?
Unfortunately a game bundled Adobe Flash in its installer, thus it clawed its way onto my PC. I haven't been using Windows for a while (Used it for a long time but took a hiatus with another OS) so I ...
23
votes
4
answers
6k
views
What are ways to prevent files with the Right-to-Left Override (RLO) Unicode character in their filenames (malware spoofing method) from being run?
How the RLO unicode character is used by malware:
[...] This virus's file name is crafted in a way that PC users take it for a benign file from its appearance (mainly the file extension) and open it.
...
0
votes
1
answer
1k
views
Is dual-booting more secure than having a single operating system installed?
I need some advice. I've recently become wary about using one computer for everything I do, from a security perspective. I have antimalware installed, but I also download and run a lot of stuff I find ...
1
vote
3
answers
146
views
Can malware/intrusion attempt via browser, attack other computers on same local network? (Windows) (no shares setup)? [closed]
Can malware, if running within a plug-in or elsewhere within the browser, or if downloaded and executed, or within a site that attempts intrusion, attack other machines on the local network, even if ...
2
votes
2
answers
126
views
Is it possible to install software in such a way that the user can't remove it?
Let's say a program is contained entirely in a jar or exe. Is it possible for this program to propagate itself such that the user can't possibly remove it from the machine? I'm wondering how much ...
3
votes
4
answers
4k
views
Trusteer Rapport "security software" says my computer is infected
I'm sure I'm not the first person to come across this, but here in the UK it seems every major bank (e.g. HSBC, NatWest, etc.) are getting their customers to install Trusteer's Rapport software before ...
3
votes
6
answers
1k
views
How did my computer get compromised?
How is it possible that my up to date install of Windows 7 with UAC enabled and Microsoft Security Essentials running became compromised, seemingly in a website drive-by?
I've run ostensibly the same ...
4
votes
18
answers
1k
views
Is free security software as good as paid security software? [closed]
I mostly use free security solutions to protect my home PC, but I wonder if I would get better protection from a paid solution.
I prefer the free software, since I can have multiple applications ...
103
votes
23
answers
17k
views
How can I make a Windows PC bullet-proof for home users? [closed]
I realize that virus-proof on a Windows PC is far fetched, but in the interest of keeping time spent as the "family-tech-support" to a minimum, I am looking for ideas to lock a computer down to the ...