    • scottalanmillerS

      QBX, Proprietary Dashcams and Hacked Police Departments

      IT Discussion security qbx video dashcam chain of custody rootkit virus trojan flashback
      2 Votes
      4 Posts
      716 Views
      scottalanmillerS

      @DustinB3403 said in QBX, Proprietary Dashcams and Hacked Police Departments:

      @scottalanmiller Yea I've had to deal with this in the past, the software is just awful to deal with, and literally makes nothing more secure, for either the prosecution, defendant(s) or the public attempting to view the material.

      Simple answer is, that it just proves how vulnerable police departments are with such horrible software requirements.

      Not aware of any requirement. They just choose this kind of equipment over other options.

    • CCWTechC

      Windows defender quarantined my VM... WTH?

      IT Discussion virus hyper-v antivirus server
      0 Votes
      6 Posts
      635 Views
      scottalanmillerS

      @CCWTech said in Windows defender quarantined my VM... WTH?:

      @Obsolesce said in Windows defender quarantined my VM... WTH?:

      @CCWTech said in Windows defender quarantined my VM... WTH?:

      Server down this morning...
      VHDX File is just gone... It's missing...
      I found out that Windows Defender had detected it was (or had) a virus and quarantined it...

      How Windows defender even would ever quarantine a VHDX is beyond me.

      Come on Microsoft!

      That's odd. VHD/VHDX files are NOT ever scanned by the host, unless of course they are mounted in the same way as a disk or USB disk is to the host OS for example. Otherwise, they are treated like a black box. So something else had to have happened for it to be quarantined by the host OS. That doesn't just happen willy-nilly.

      Additionally, VM files are automatically excluded when the Hyper-V server role is installed. So again, something isn't configured correctly or something weird is going on.

      What happened to you isn't default behavior.

      Not sure, we 'inherited' the server. We don't do HYPER-V any longer. Everything is KVM now. (Proxmox)

      But it was for sure quarantined. Funny thing is that Windows defender scan of the actual VM shows no virus... So weird.

      My guess would be that the VM's AV cleaned it up separate from the host's AV killing the VM.

    • CCWTechC

      Real Time Coronavirus Website

      Water Closet coronavirus wuhun virus
      3 Votes
      62 Posts
      6k Views
      CCWTechC

      In other news...

      Coronavirus Conference to be cancelled... Because of Coronavirus.

      https://www.bloomberg.com/news/articles/2020-03-10/coronavirus-conference-gets-canceled-because-of-coronavirus

    • mlnewsM

      New MS Word Attacks Do Not Need Macros

      News word security malware virus ars technica
      4 Votes
      1 Posts
      753 Views
      No one has replied
    • mlnewsM

      WikiLeaks Releases CIA Malware Codebase

      News wikileaks marble malware virus cia security
      2 Votes
      1 Posts
      836 Views
      No one has replied
    • JaredBuschJ

      WPAD alert

      IT Discussion virus alerts
      1 Votes
      7 Posts
      2k Views
      CloudKnightC

      @JaredBusch could try hitmanpro and adwcleaner to double check..

    • AmbarishrhA

      virus cleanup-advise needed

      IT Discussion virus malware
      0 Votes
      12 Posts
      2k Views
      scottalanmillerS

      @Ambarishrh said in virus cleanup-advise needed:

      Can webroot help me here, thinking of using webroot and see if it can clean

      Maybe. Anything "might" work. But you'll never know.

    • Rob DunnR

      Cerber virus/ransomware making the rounds...

      IT Discussion virus ransomware spam
      5 Votes
      28 Posts
      16k Views
      wirestyle22W

      @scottalanmiller said in Cerber virus/ransomware making the rounds...:

      @wirestyle22 said in Cerber virus/ransomware making the rounds...:

      @scottalanmiller said in Cerber virus/ransomware making the rounds...:

      @wirestyle22 said in Cerber virus/ransomware making the rounds...:

      @scottalanmiller said in Cerber virus/ransomware making the rounds...:

      @wirestyle22 said in Cerber virus/ransomware making the rounds...:

      @scottalanmiller said in Cerber virus/ransomware making the rounds...:

      @wirestyle22 said in Cerber virus/ransomware making the rounds...:

      @Nic said in Cerber virus/ransomware making the rounds...:

      @Dashrender said in Cerber virus/ransomware making the rounds...:

      @Nic said in Cerber virus/ransomware making the rounds...:

      @JaredBusch said in Cerber virus/ransomware making the rounds...:

      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

      @Kelly said in Cerber virus/ransomware making the rounds...:

      @Rob-Dunn said in Cerber virus/ransomware making the rounds...:

      Another cool thing that we're going to be doing, but not as a result of this infection, is evaluating and maybe implementing Cylance in lieu of Trend on our systems.

      I'm not sure if it's appropriate to say, but their engine seems revolutionary.

      What makes you say that Rob?

      Mostly that it's not conventional scanning, but instead it analyzes what the files do rather than just signatures or patterns. The closest comparison I can come up with is the way Android app permissions are broken down in the app store - it can identify if a file's threat by the characteristics contained therein. Here's an analysis of the FreeConferenceCall.com installer:

      I really want to see a good comparison of Webroot and Cylance from someone not related to either company.

      My problem with Cylance was that there was no small business pricing. They started at something like 1000 licenses at their SpiceWorld 2015 demo. Only knocking it down to 500 during the show.

      Hopefully the testing companies will get there eventually. They're all so geared towards signature detections and it's hard to get them to change. That's why we don't show up in some of them, as they won't come up with a methodology that better reflects what we do.

      I liked Cylance's demo - go to totalvirus, download the last 100 uploaded viruii, and run them.

      That's a good start, but it's tough to truly get a zero day virus that hasn't been seen yet, for a real world test. If it's on virustotal then it's already been identified as a virus by most of the AV companies.

      No way to get around it entirely

      Run them side by side in the real world (honeypot kind of thing) and test.

      No I mean zero day viruses

      Me too.

      I don't have faith either would do the job

      Isn't the other choice... neither, though? Will "none" do the job?

      That's definitely a question

      What I mean is... certainly trust nothing for zero days, protect as much as you can. But part of that would be getting the best AV that you can. It's part of the security picture.

      Agreed

    • iroalI

      Ransomware Petya encrypts hard drives

      IT Discussion ransomware virus mbr
      1 Votes
      6 Posts
      2k Views
      AmbarishrhA

      Petya ransomware victims can now unlock infected computers without paying.
      http://www.bbc.com/news/technology-36014810

    • M

      Examples of Malware My Clients Once Fell Victim to Include...

      IT Discussion malware virus security
      1 Votes
      4 Posts
      2k Views
      scottalanmillerS

      @Dashrender said:

      When I was first hanging my own shingle as an IT consultant we were suggesting to all of our clients that they should purchase and install AV everywhere.

      Even in the 1990s that was ridiculous. How does someone manage to get enough money to start a business or hire an IT consultant but doesn't have the brain power to use AV?

    • AmbarishrhA

      Webroot, Infected PC

      IT Discussion webroot virus
      0 Votes
      7 Posts
      2k Views
      NicN

      @Ambarishrh Glad to hear that did the trick!

    • DustinB3403D

      TeslaCrypt meet TeslaCrack

      IT Discussion ransomware teslacrypt teslacrack malware virus
      7 Votes
      1 Posts
      1k Views
      No one has replied
    • DashrenderD

      Offline virus scanner - what do you use?

      IT Discussion virus
      1 Votes
      29 Posts
      5k Views
      DashrenderD

      @anonymous said:

      Tron

      Lightcycle

    • AmbarishrhA

      Laptop infected with virus- Webroot to the rescue

      IT Discussion virus webroot antivirus malware windows threatcleanupstory
      4 Votes
      17 Posts
      4k Views
      JaredBuschJ

      @Ambarishrh said:

      @nadnerB Thank God I could remote it and do the things required, otherwise would be driving a bit far to do this! 🙂 Thanks to ScreenConnect, I was actually evaluating ScreenConnect as my go-to tool for remote support. One thing I noticed is a few Windows messages ScreenConnect didn't allow me to click OK to proceed; at that time it just shows that I am connected but not the guest. Used TeamViewer free for that to complete that action, so I have second thoughts about ScreenConnect!

      When ScreenConnect is running as an admin process, you can click everything.

    • scottalanmillerS

      Do We Still Need File Protocols Today?

      IT Discussion storage smb nfs cifs file server nas security ransomware cryptoware malware virus afp netatalk afs
      3 Votes
      27 Posts
      6k Views
      DashrenderD

      @scottalanmiller said:

      Where DNS != DNS

      That was CONFUSING

      I knew exactly what @scottalanmiller's issue was when I read his post. I updated my post for clarity.

    • NicN

      Analysis of Cryptowall 4.0 from the Webroot threat team

      IT Discussion webroot virus cryptowall malware security
      2 Votes
      4 Posts
      2k Views
      DustinB3403D

      Some people would rather have their toes chewed off by rats than be held hostage by a clown.
