All Questions

2 votes
0 answers
307 views

Mysterious hidden files in C:\Windows -- are they malicious?

A few months ago, I noticed two strange hidden files in C:\Windows. They had seemingly random alphanumeric names, no file extensions, and seemingly random binary content. I didn't think much of it at ...
23 votes
4 answers
6k views

What are ways to prevent files with the Right-to-Left Override (RLO) Unicode character in their filenames (malware spoofing method) from being run?

How the RLO Unicode character is used by malware: [...] This virus's file name is crafted in a way that PC users take it for a benign file from its appearance (mainly the file extension) and open it. ...
0 votes
1 answer
53 views

When AV software puts files and various malicious "objects" in "quarantine", what exactly do they actually do?

I had malware on a computer, which Malwarebytes managed to remove. Or did it? It rather "put it in quarantine". And it's remained like that. I see no way to actually delete it. This appears ...
4 votes
1 answer
261 views

How do tech support scams work in Windows? Is it malware, phishing, or how else would threats gain access to computers?

I'm currently working for Geek Squad at Best Buy in the front of the operation checking in client computers and I am frequently encountering bogus tech support scams which involve copious amounts of ...
3 votes
4 answers
4k views

Trusteer Rapport "security software" says my computer is infected

I'm sure I'm not the first person to come across this, but here in the UK it seems every major bank (e.g. HSBC, NatWest, etc.) are getting their customers to install Trusteer's Rapport software before ...
0 votes
0 answers
28 views

I clicked on “show pictures” in a malware e-mail [duplicate]

I carelessly pressed “show picture” in a spam e-mail that was in my unwanted folder. When I clicked, the link just disappeared and no picture was shown. How worried should I be? I did a disk clean-up ...
0 votes
1 answer
4k views

rundll32.exe making outbound TCP connection

I've been attempting to harden my network, and have taken some extra security precautions for the sake of learning, as well as.. to be secure. I've recently formatted and re-installed Windows 10, and ...
0 votes
1 answer
626 views

Explorer.exe making outbound TCP connection to Akamai

I've just noticed that my c:\windows\explorer.exe executable has attempted to make an outbound connection from localhost:49844 -> 104.111.87.125:443. It seems that this IP is registered to Akamai, ...
0 votes
1 answer
55 views

Win 10 - What are the things to look out for after you uninstalled a suspected malware?

I'm relatively underinformed when it comes to the Windows operating system's core, other than it is notoriously insecure and features a wacky access control system unlike Linux. I've accidentally ...
0 votes
1 answer
1k views

Windows defender not removing Program:Win32/Cayunamer.A!ml from system [duplicate]

My Windows firewall gives me security alert that my device is affected by Program:Win32/Cayunamer.A!ml. But when I try to remove it by selecting action as Remove, no change occurs. It loads for a time ...
2 votes
1 answer
4k views

Bypass UAC by using Remote Desktop to connect to localhost?

I can use Remote Desktop (RDP) to connect to computer B from computer A without typing my password, and vice versa, because I use the same account on these two computers. Further, in a remote desktop ...
8 votes
4 answers
4k views

If you block an .exe file in Windows Firewall, are you also blocking the .dll files it uses or does it need to be done separately?

Let's consider this scenario: There's some X software downloaded from the internet with one .exe file and several .dll files. The .exe file is prevented from accessing the Internet by using Windows ...
1 vote
3 answers
1k views

Does password protecting folders protect against ransomware?

In Linux, one of the layers of protection against malware is the fact that you need sudo privileges, malware most often would not be able to crack the sudo password, hence it's unable to do what is ...
1 vote
1 answer
343 views

Prevent Infection of USB drive

I have a bootable USB drive full of computer repair tools. I would use it to repair a computer that might very well be infected by a virus or other malware. I would like to know how I can prevent ...
5 votes
1 answer
27k views

"Trojan:Script/Cloxer.A!cl", any info on this virus? what does this virus do? [duplicate]

Windows Defender identified and removed a threat on my Win10Pro PC called "Trojan:Script/Cloxer.A!cl". But there is no information on the web on this trojan, searching for this yields little/nothing. ...