Questions tagged [malware]

Malware is any software that subverts the will of the legitimate owner of a computer, by means of force or subterfuge, with or without personal or monetary gain on the part of the creator.

"Malware" is a portmanteau of "malicious" and "software".

Common forms of malware include:

  • Botnet clients, which give the malware operator some degree of remote control over the compromised system. Botnets are commonly used to send spam e-mail and are rented out to perform DDoS attacks.
  • Data exfiltrators, which collect data from the computer they reside on and transmit it back to the operator. These commonly target login and account details for financial, social networking, and gaming websites.
  • Rogue utility applications, which use scare tactics (fake infection warnings, bogus scan results) to pressure the computer's user into purchasing the "full version" of the rogue utility.
  • Adware, which causes advertisements to appear on the user's desktop, in web pages, or elsewhere.
  • Rootkits, which attempt to conceal the presence of both the rootkit itself and (usually) an accompanying piece of malware from another category from standard system tools and diagnostic utilities.
333 questions
8 votes, 3 answers

Can "wannacrypt" (wcrypt) spread via Linux server serving over SMB?

Is it possible, or will this only spread via a Windows machine serving over SMB? If Linux serving over SMB can spread wannacrypt, what's the approach to take?
fredrik (731)
8 votes, 2 answers

Rootkit Revealer is failing to run, why?

On a user's laptop (Windows 7 x64), terrible performance led me to suspect a rootkit after ruling almost everything else out. I checked boot entries with Autoruns and ran a full scan with Malwarebytes, and both came up more or less clean. I…
Bigbio2002 (2,823)
8 votes, 3 answers

Virus that tries to brute force attack Active Directory users (in alphabetical order)?

Users started complaining about slow network speed so I fired up Wireshark. Did some checking and found many PCs sending packets similar to the following (screenshot): I blurred out the text for the username, computer name and domain name (since it…
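An added example, not taken from the post above or its answers, of the detection logic I would run over authentication-failure logs to confirm the pattern the post describes (many hosts walking the user list in alphabetical order). The log format below is a simplified one constructed for the example; in an AD environment the same fields (time, source host, target user, outcome) come from Security events 4625/4771 on the domain controllers or from the usernames visible in the capture.

```python
import re
from collections import defaultdict
from datetime import datetime
from typing import Dict, List

# Constructed, simplified failed-logon log (invented for this example).
SAMPLE_EVENTS = """
2013-03-05 09:00:01 src=PC-017 user=aaron result=FAIL
2013-03-05 09:00:01 src=PC-017 user=abigail result=FAIL
2013-03-05 09:00:02 src=PC-017 user=adam result=FAIL
2013-03-05 09:00:02 src=PC-017 user=adrian result=FAIL
2013-03-05 09:00:03 src=PC-017 user=alan result=FAIL
2013-03-05 09:00:03 src=PC-017 user=alice result=FAIL
2013-03-05 09:00:04 src=PC-017 user=amy result=FAIL
2013-03-05 09:00:10 src=PC-042 user=bob result=FAIL
2013-03-05 09:00:15 src=PC-042 user=bob result=FAIL
2013-03-05 09:00:21 src=PC-042 user=bob result=SUCCESS
2013-03-05 09:01:00 src=PC-003 user=carol result=SUCCESS
"""

LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<res>\S+)$"
)


def parse_events(text: str) -> List[Dict[str, object]]:
    """Parse the constructed log format into event dicts; skip non-matching lines."""
    events = []
    for line in text.strip().splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
            "src": m["src"],
            "user": m["user"].lower(),
            "ok": m["res"] == "SUCCESS",
        })
    return events


def longest_alphabetical_run(users: List[str]) -> int:
    """Length of the longest stretch of strictly ascending usernames.

    A single user guessed repeatedly (classic brute force) scores 1;
    a dictionary walked in order scores its length.
    """
    if not users:
        return 0
    best = cur = 1
    for prev, nxt in zip(users, users[1:]):
        cur = cur + 1 if nxt > prev else 1
        best = max(best, cur)
    return best


def detect_alphabetical_sprays(text: str, min_run: int = 5) -> List[Dict[str, object]]:
    """Per source host, alert when consecutive failures walk the user list in order."""
    by_src: Dict[str, List[Dict[str, object]]] = defaultdict(list)
    for e in parse_events(text):
        if not e["ok"]:
            by_src[str(e["src"])].append(e)
    alerts = []
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])          # stable: keeps log order for equal timestamps
        users = [str(e["user"]) for e in evs]
        run = longest_alphabetical_run(users)
        if run >= min_run:
            alerts.append({
                "src": src,
                "run": run,
                "distinct_users": len(set(users)),
                "failures": len(users),
                "seconds": (evs[-1]["ts"] - evs[0]["ts"]).total_seconds(),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_alphabetical_sprays(SAMPLE_EVENTS):
        print(alert)
```

The source host in each alert is the machine to pull off the network and image; the run length separates a worm iterating the directory from a user mistyping their own password.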
8 votes, 5 answers

Securing Acrobat Reader to mitigate viruses

Aside from patch updates, is there any way to mitigate the risks with Adobe Reader exploits? Frankly, I don't know how most Reader exploits work. However, is there any functionality that I can disable in Reader that will make it safer from…
Brett G (2,033)
7 votes, 1 answer

How to identify this mysterious Windows service

The name of the service is a 32-digit hex number. It might be randomly generated, since a Google search on the number did not find anything. It points to an EXE file which also has a hex number as its name, in a folder which also has a hex number as…
JacquesB (173)
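An added example, not from the post above or its answers, of how I would hunt for this indicator across a fleet rather than one box: take a service inventory (the constructed sample below mimics `wmic service get Name,PathName /format:csv` output; the rows are invented for the example, the hex-named one modelled on the pattern the post describes) and flag services whose name, binary name or containing directory is a bare 32-digit hex string, noting as well when the binary lives outside the Windows and Program Files trees (the trusted prefixes are an assumption for the example).

```python
import csv
import io
import re
from typing import Dict, List, Tuple

HEX32 = re.compile(r"^[0-9a-f]{32}$", re.IGNORECASE)
# Where a service binary is expected to live (assumption; adjust per environment).
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

# Constructed inventory in the shape of `wmic service get Name,PathName /format:csv`.
# Invented for this example; not copied from the post.
SAMPLE_CSV = r"""Node,Name,PathName
HOST1,wuauserv,C:\Windows\system32\svchost.exe -k netsvcs -p
HOST1,Spooler,C:\Windows\System32\spoolsv.exe
HOST1,3f2c9a1e4b7d8c0f1a2b3c4d5e6f7081,C:\ProgramData\9e8d7c6b5a4f3e2d1c0b9a8f7e6d5c4b\0a1b2c3d4e5f60718293a4b5c6d7e8f9.exe
HOST1,MyVendorSvc,"C:\Program Files\Vendor\svc.exe" /run
"""


def parse_services(csv_text: str) -> List[Tuple[str, str]]:
    """Return (service name, PathName) pairs from the CSV inventory."""
    reader = csv.DictReader(io.StringIO(csv_text.strip()))
    return [(row["Name"], row["PathName"]) for row in reader]


def exe_path(pathname: str) -> str:
    """Extract the executable from an ImagePath-style string, quoted or not,
    dropping any trailing arguments (e.g. svchost's -k group)."""
    m = re.match(r'\s*"?(.*?\.exe)', pathname, re.IGNORECASE)
    return m.group(1) if m else pathname.strip().split(" ")[0]


def suspicious_services(csv_text: str) -> List[Dict[str, object]]:
    """Flag services whose name, binary or directory is a 32-hex-digit string.

    The location check is only reported alongside a hex hit, so ordinary
    third-party services installed elsewhere do not flood the output.
    """
    findings = []
    for name, pathname in parse_services(csv_text):
        exe = exe_path(pathname)
        parts = [p for p in re.split(r"[\\/]", exe) if p]
        stem = re.sub(r"\.exe$", "", parts[-1], flags=re.IGNORECASE) if parts else ""
        reasons = []
        if HEX32.match(name):
            reasons.append("service name is 32 hex digits")
        if HEX32.match(stem):
            reasons.append("binary name is 32 hex digits")
        if any(HEX32.match(p) for p in parts[:-1]):
            reasons.append("directory name is 32 hex digits")
        if reasons:
            if not exe.lower().startswith(TRUSTED_PREFIXES):
                reasons.append("binary outside Windows/Program Files")
            findings.append({"name": name, "exe": exe, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in suspicious_services(SAMPLE_CSV):
        print(finding)
```

Run the inventory collection on each host and feed the concatenated CSV through `suspicious_services`; the same three checks apply to Run/RunOnce keys and scheduled tasks, which use the same random-hex naming habit.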
7 votes, 1 answer

Does anyone recognize this e-mail sniffer or malware using ROT13 encoding?

I have a private website that every week sends e-mails with two different http links to a group of around 30 people. When a link is clicked, the answer is registered in a database. Starting last week, one of the recipient's links is automatically…
Anlo (281)
7 votes, 3 answers

Can a virus spread through a network share used by an RDP connection?

When connecting to a Windows Server (2003 or 2008) desktop through RDP from a local Windows (7 or XP) PC with network shares enabled (usually, the local C: disk will be shared with the remote server), is there a real chance that a virus infects the…
Olaf (861)
7 votes, 5 answers

Kids + older computers + our network at the office: Security risk?

On occasion, some of my coworkers feel compelled to bring their children to work with them. (I feel compelled to smack them, but that's probably a topic for Parenting.SE.) To ensure that the brats^H^H^H^H^H children stay out of everyone's way, my…
eckza (273)
6 votes, 4 answers

Is this a malware invocation of PowerShell?

I got a file that was .avi at first glance, but then I found out that in fact this is a .lnk file, but it was too late. And the target element attribute of that file is C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoPr -WINd 1 -eXEc…
Yoda (191)
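An added example, not from the post above or its answers, that normalises the abbreviated powershell.exe switches a launcher like this relies on. powershell.exe accepts any unambiguous, case-insensitive prefix of a switch name, so `-NoPr`, `-WINd 1` and `-eXEc` are valid spellings of `-NoProfile`, `-WindowStyle Hidden` (1 is the numeric value of Hidden) and `-ExecutionPolicy`; the switch table and minimum prefixes below are my approximation of the console host's rules, and the sample command line is constructed for the example, not the truncated one from the post.

```python
import base64
import shlex
from typing import Dict, List, Optional, Tuple

# powershell.exe switches and the shortest prefix the console host accepts for
# each. Ordered so that "-e" resolves to EncodedCommand, not ExecutionPolicy.
# Approximation of the host's matching rules (assumption for this example).
SWITCHES: List[Tuple[str, str]] = [
    ("encodedcommand", "e"),
    ("executionpolicy", "ex"),
    ("windowstyle", "w"),
    ("noprofile", "nop"),
    ("nologo", "nol"),
    ("noexit", "noe"),
    ("noninteractive", "noni"),
    ("command", "c"),
    ("file", "f"),
    ("sta", "s"),
    ("mta", "m"),
    ("version", "v"),
]
VALUE_SWITCHES = {"encodedcommand", "executionpolicy", "windowstyle", "file", "version"}
# -WindowStyle also accepts the numeric ProcessWindowStyle values.
WINDOW_STYLES = {"0": "Normal", "1": "Hidden", "2": "Minimized", "3": "Maximized"}


def canonical_switch(abbrev: str) -> Optional[str]:
    """Expand a possibly abbreviated, any-case switch to its canonical name."""
    low = abbrev.lower()
    for canon, minimum in SWITCHES:
        if canon.startswith(low) and low.startswith(minimum):
            return canon
    return None


def normalize_powershell_cmdline(cmdline: str) -> Dict[str, object]:
    """Parse a powershell.exe command line into {canonical_switch: value}."""
    tokens = [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    switches: Dict[str, object] = {}
    i = 1 if tokens and tokens[0].lower().endswith(("powershell.exe", "powershell")) else 0
    while i < len(tokens):
        tok = tokens[i]
        if not tok.startswith(("-", "/")):
            switches.setdefault("_positional", []).append(tok)  # type: ignore[attr-defined]
            i += 1
            continue
        name = canonical_switch(tok[1:])
        if name is None:
            switches.setdefault("_unknown", []).append(tok)  # type: ignore[attr-defined]
            i += 1
        elif name == "command":            # -Command swallows the rest of the line
            switches[name] = " ".join(tokens[i + 1:])
            break
        elif name in VALUE_SWITCHES:
            value = tokens[i + 1] if i + 1 < len(tokens) else ""
            if name == "windowstyle":
                value = WINDOW_STYLES.get(value, value.capitalize())
            switches[name] = value
            i += 2
        else:                              # bare flag such as -NoProfile
            switches[name] = True
            i += 1
    return switches


def decode_encoded_command(b64: str) -> str:
    """-EncodedCommand carries base64 of the UTF-16LE script text."""
    return base64.b64decode(b64).decode("utf-16-le")


def indicators(switches: Dict[str, object]) -> List[str]:
    """Features that malicious launchers habitually combine."""
    hits = []
    if switches.get("windowstyle") == "Hidden":
        hits.append("hidden window")
    if str(switches.get("executionpolicy", "")).lower() in ("bypass", "unrestricted"):
        hits.append("execution policy bypass")
    if "encodedcommand" in switches:
        hits.append("encoded command")
    if switches.get("noprofile"):
        hits.append("profile skipped")
    if switches.get("noninteractive"):
        hits.append("non-interactive")
    return hits


# Constructed sample in the style of the .lnk target from the post; the real
# payload is not on the page, so this one merely sleeps.
ENCODED = base64.b64encode("Start-Sleep 1".encode("utf-16-le")).decode("ascii")
SAMPLE_CMDLINE = (
    r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "
    f"-NoPr -WINd 1 -eXEc bypass -enc {ENCODED}"
)

if __name__ == "__main__":
    parsed = normalize_powershell_cmdline(SAMPLE_CMDLINE)
    print(parsed)
    print(indicators(parsed))
    print(decode_encoded_command(str(parsed["encodedcommand"])))
```

Normalising before matching matters because a detection rule written against the literal string `-WindowStyle Hidden` misses `-w 1`, `-wi hidden` and every other spelling the host happily accepts; matching on the canonical form closes that gap.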
6 votes, 3 answers

Is it possible to check the progress of a currently running ClamAV scan?

I have searched around but not found a possible solution to this so far. I have an ongoing scan which I thought would've been finished at certain time, but unfortunately it has not. So I am wondering if there's a way to check the scan progress of…
Dark Star1 (1,385)
6 votes, 12 answers

Hardening a financially critical Windows computer

One of the risks to small and medium businesses is losing your bank credentials to bad guys by use of a key logger or other malware as Bruce Schneier blogs about. A particular threat is real-time key loggers as described in the NY Times. The…
Knox (2,463)
5 votes, 1 answer

ClamAV and MalDet - Are these quarantined or infected?

Learning about hardening my VPS, I installed ClamAV and MalDet, using both for a few months. Tonight, I decided that, instead of just checking home I'd check the entire VPS other than "/sys". This was the…
5 votes, 1 answer

How to scan for Windows viruses on Linux servers?

I have a CentOS server storing files for Windows users. How do I scan for Windows viruses in these files, and meanwhile prevent quarantine and other measures? I do not want the files altered in any way, and would prefer if it can be done purely in…
DannyZB (289)
5 votes, 3 answers

Some questions about the Microsoft Windows Malicious Software Removal Tool (MRT)

Does this program automatically run? If so, when and how often? Is it automatically updated? How do you disable it? How can you tell if it is running? What versions of Windows is it installed on?
Charles Faiga (612)
5 votes, 2 answers

High CPU load on CentOS with process sync_supers

My CentOS server has a high CPU load right now. Please see the htop output below. sync_supers is highly suspect, but I don't know how to kill it. Any suggestions?
Tester (177)