Jump to content

David H. Lipman

Experts
  • Content count

    12,971
  • Joined

  • Last visited

  • Days Won

    1

About David H. Lipman

  • Rank
    Dave

Contact Methods

  • Website URL
    http://multi-av.thespykiller.co.uk

Profile Information

  • Location
    Jersey Shore USA
  • Interests
    Malware Research, dSLR Photography, Numismatics & Surf Fishing

Recent Profile Visitors

100,418 profile views
  1. David H. Lipman

    Ransomware question

    Yepper. Any files can be encrypted as long as the File Handle is not held open by a program and where the process has sufficient privileges on the file. This is easily proven on Windows on a NTFS drive. Just Right-Click on a very large file ( such as a multi-Gigabyte Outlook PST ) and choose; Properties --> Advanced And check the box "Encrypt contents to secure data" After you "Ok" the process, the file will then be shown "Green" in Windows Explorer indicating it has been encrypted using the Windows Encrypting File System by a system created Personal Certificate in your Certificate Store. The only constraint is time as the time to take to encrypt file or folder(s) is a function of the file or data set size. This depends on the crypto trojan and whether the file type ( based upon file extension ) is in its Target List. The encryption will be possible but it may not be targeted.
  2. David H. Lipman

    No Network Access but Internet works fine?

    No kidding ? W o W ! I am glad you now have a resolution.
  3. David H. Lipman

    security alert scam

    johnnycchops: Please review the thread nukecad has presented. In it I discuss a vert similar site. The most important concept here is that it has nothing to do with any software on your PC and thus there is nothing for MBAM to "detect". The content you saw is nothing but a malicious web site and at most IFF MBAM knows the IP address or URL, the site can be blocked. If you have the URL from your Browser's History, you can submit this malicious FakeAlert in Newest IP or URL Threats after reading; READ ME: Purpose of this forum
  4. Some files encrypted is way better than all files being encrypted. There must be something different about that ONE PC where the crypto trojan was able to run rampant. You can also use this opportunity to strengthen and modify your backup agenda. I perform monthly whole drive imaging of all drives and more frequently just data to Memory Cards and to an external USB hard disk. I suggest you visit; https://id-ransomware.malwarehunterteam.com/ There you can upload a encrypted file and/or a "Your files are encrypted notification" to get a handle on the actual crypto trojan and possibly even obtain a Decryption utility.
  5. This thread was originally in in Malwarebytes 3 Support Forum Why was it moved here ? If there is a sample to be harvested it should have been Newest Rogue-Ransomware Threats Do you have a sample of this ransomware to submit dhskier ?
  6. David H. Lipman

    No Network Access but Internet works fine?

    Can you access http://www.msftconnecttest.com/connecttest.txt ? NOTE: I have had systems that could access the above but the icon still shows "No Internet Access" when it truly was. Here's an experiment... Create another Win10 account. Logon to that secondary account. Same icon issue ?
  7. David H. Lipman

    No Network Access but Internet works fine?

    Interestingly enough, the system checks communication with... http://www.msftconnecttest.com/connecttest.txt Which simply returns "Microsoft Connect Test" IFF it reads that, it considers the PC to have an Internet Connection.
  8. David H. Lipman

    Why website security should be a major concern ?

    Are you asking or are you making a statement ?
  9. David H. Lipman

    No Network Access but Internet works fine?

    OK. Another idea... Open a Command Prompt ( CMD.EXE ) with Administrative Privileges and enter netsh int reset When it is completed, reboot the PC Reference: https://www.howtogeek.com/194041/how-to-open-the-command-prompt-as-administrator-in-windows-8 or 10/ https://www.thewindowsclub.com/how-to-run-command-prompt-as-an-administrator
  10. David H. Lipman

    Trojan:097m/dplink.a. severe

    Trojan:097m ==> Trojan, Office 97 Macro I doubt that is a False Positive Samuel. george57: That means that if you are using MS Enterprise on 10 systems, you are on a corporate network and you need to seek corporate support for what is most likely malicious Microsoft Office documents received via email. MBAM does not target Documents or scripted malware. This is a the retail product support sub-forum, the Malwarebytes support for businesses is located in; Malwarebytes for Business Support
  11. David H. Lipman

    Is she paranoid?

    Yes. But do it tactfully and respectfully.
  12. David H. Lipman

    No Network Access but Internet works fine?

    I don't know why Win10 is making the erroneous declaration. Instead of Turning-off and On the router and PC. There is something else to try. Intel Ethernet Interface software provides a capability to change the way the device connects to a network. There is 1Gb/s, 100Mb/s Half Duplex & 100Mb/s Full Duplex and 10Mb/s Half Duplex &10Mb/s Full Duplex We can change this from the POV of the PC's Network Interface and we can change this from the POV of the Router. Follow the directions up to Step #3 in the following https://idoc.vsb.cz/xwiki/bin/view/tuonet/sit-nastaveni/tcp-ip/tcp-ip-win10/?language=en However instead choose "Configure" under where it shows Intel(R) Centrino... You will get a dialogue such as the below. Then Choose "Link Speed". The objective is to change this which will force the way the PC connects to the Switched Ethernet Port on the Router. If it is at 1.Gbps as in the below graphic, change the "Link and duplex" to 100Mbs Full Duplex. That should disconnect the PC from the network and renegotiate a connection with Ethernet switch on the Router. Then see HOW THE PC reacts with the Windows 10 system Tray Connection Icon. ** Conversely, we can do this from the POV of the Router by looking a what LAN Port on the Router the PC is connected to and change the Router software to change the Link Speed at that Port. The preference is for the POV of the PC so the Windows OS can react "more" to the changes.
  13. David H. Lipman

    No Network Access but Internet works fine?

    Yes. Either the driver is installed and works or it doesn't. If you accessed the Internet then the LAN Driver was a wrong route. Have you Logged Off and then Logged On or Rebooted ? What is the Make and Model of the Network Interface ? ( ex: Intel Gigibit Ethernet model ####### ) How is the PC connected to the Local Area Network ? ( Ex: Ethernet cable to Router with the Router LAN port at 1,000 Mb/s )
  14. David H. Lipman

    No Network Access but Internet works fine?

    There is no "driver" to update. If it was a network Interface problem that does have a Hardware Driver, you would not have Internet access at all. It is a Logic Error in the OS where it comes to a faux conclusion and thus displays the erroneous information. Proven to be erroneous by actual Internet Access. I have seen this with Windows 7 all too often. Is this Windows 7 ? Have you Logged Off and then Logged On or Rebooted ?
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.