Jump to content

David H. Lipman

Experts
  • Content Count

    14,108
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by David H. Lipman

  1. There is no such thing as a "rootkit virus" just like there is no such thing as a Chevy Ford. RootKits are a type of trojan. Viruses and trojans are sub-types of malware just like Chevrolet and Ford are types of automobiles.
  2. None of those symptoms are from malware. Malware is either stealthy such that it can perform the objective of the payload in secrecy for as long as possible or is self evident, such as the subtype of trojans called "adware", by Pop-Ups, consistent redirection to specific sites, etc. There is a subtype of semi-malicious utilities that are classed as "Jokes". They may open a CD/DVD drive, etc. There is no malware that resides in the BIOS at this time. If you think you are truly infected we will close this thread and you'll create a new post requesting that you need assistance in verify if your PC is infected or not. In that post, do not post any conclusions. Just post that you request assistance in verifying your system and nothing else.
  3. You'd have to post the exact problems as they occur and analyze each. If you reinstalled the OS, it's too late. Is this a Desktop or Notebook/Laptop computer ?
  4. The OS marks the construct as a part of the System and is Hidden. This is not a virus. That's a faux conclusion. In fact on 99% of malicious files calling it a "virus" is a faux conclusion. The terminology "virus" is overly used and very much abused. All viruses are malware but not all malware are viruses. The vast majority of malware are trojans. To be a virus the malicious code must be able to self replicate. That is to be a virus the code must be able to spread from "file to file", "file to system" , "system to system" or "system to file" autonomously. Trojans need assistance to spread. Malware does not create the Recycle Bin. It is an Operating System Construct. You stated " its somehow associated with virus ". No malware has been identified to draw that conclusion.
  5. Fake notification from a website and it eminates from the 'net and NOT from your PC. A true Anti Virus application that scans and detects scripted malware would detect this as a HTML.FakeAlert ( aka; TechBrolo ). I have created a 1series of videos generated from these fraud sites for the purposes of recognition and education. They are all videos from real web sites. ALL are FRAUDS. All these have one thing in common and they have nothing to do with any software on your PC. They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened. From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds. MalwareScam.wmv MalwareScam-1.wmv MalwareScam-2.wmv MalwareScam-3.wmv MalwareScam-4.wmv MalwareScam-5.wmv MalwareScam-6.wmv I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf Reference: US FBI PSA - Tech Support Scam 1. Also located at "My Online Security" - Some videos of typical tech support scams
  6. That is correct ! However if they were using a CAC or FIPS-201 compliant Federal PIV they would enter a PIN that would be shorter than a password and the dialogues would be associated with Pubic Key procedures. Even the entity logo is wrong. Most likely the dialogue would not show a DoD logo but a subordinate organizational logo such as; DISA, DIA, Army, Navy, etc. and state that it is a Department of Defense Computer System and it would also state the system's classification level.
  7. BIOS malware is too difficult due to that fact there are many logistical obstructions starting with; the motherboard manufacturer, the EEPROM chipset used, the BIOS checksum verification process and the implementation of the Trusted Platform Module ( TPM ) . There have been cases of what is called the The Insider Threat. There was a case some years back where a disgruntled employee inserted code into a BIOS routine that played the PC speaker ( I can't recall what the tune was ). However, there have been "lab experiments" ( I believe performed prior to TPM implementation ) but only targeted one particular platform from a Chinese manufacturer. You will find that when it comes to malicious activity "Greatest Bang for the Buck" is the philosophy so the malicious actors will implement a methodology that serves to reach the most amount of prospective victims in the shortest amount of time. That precludes the BIOS vector. NOTE: The exception being a targeted attack against a High Value Target by a state sanctioned IC.
  8. It may be a network issue as well. It should not take 30 secs from the time you hit "send" to the time a PM reply is made. I also have an issue with a PM thread. If it is sent to me I can reply to that thread. However when I search for the the PM thread its not in my messenger.
  9. Forum is running "badly". Slow to reply to a PM, random errors and unable to access the Forum.
  10. OK - I am back in the Experts Forum group and I can attach again. However, I still can not modify my Avatar. All I can do, based upon the above, is to remove what I have by choosing "No Photo".
  11. Lost the Dark ( Gothic ) Theme ( preferred ), the ability to attach and the ability to change personal avatar. Also... What is with the Alphabet Soup of Avatars ?
  12. STILL A PROBLEM with NO FEEDBACK from Forum !!! https://forums.malwarebytes.com/topic/203739-httpwwwskinscamcommax-alpha-boost/?do=getNewComment Click on it and you'll get... This particular one is not new. This one has reoccurred on three occasions and continues to resurface.
  13. It is now ~ mid July and not only has this topic NOT been popped off the queue but the problem still exists !
  14. For those reading this thread... I sent the PM as requested. It is now ~mid July and there has been no contact from the Malwarebyte's legal team. They NEVER contacted me!
  15. joshkmartinez: Are you still with us on this topic ?
  16. marysimsbury: Please realize that the sub-forums on the Malwarebytes' Forum are compartmentalized based upon functionality and mission. Each sub-forum has a specific goal in mind. This sub-forum is specifically geared to assist with problems with the Windows OS where it concerns the OS Kernel and failures to stay quiescent and where the system goes into crash situation resulting in a Blue Screen of Death ( aka; BSoD ) result. What you have expressed is not associated with that kind of subject matter and thus the subject matter is Off Topic for this sub-forum What you have expressed is that your "...state-owned computer was hacked. " That is a presumption on your part but more importantly is the system's ownership and role. Any Government Furnished Equipment ( GFE ) or corporate equipment is owned and operated by a central IT group which is a part of that entity. As such any support that can be provided here at the Malwarebyte's Forum is extremely limited. As GFE, you really can not take matters in your own hands and MUST go through their IT Support Channels. The Free services provided by the Malwarebytes' Forum are meant for the home user/consumer. Corporate product users have the Malwarebytes' Business support unit to get assistance from. There just is no support for GFE and Malwarebytes' can't help you with their systems unless the Gov't entity has a contract with the Malwarebytes Business unit and the Gov't entity has authorized Malwarebytes' assistance.
  17. We also need to know the Make, Model and Size of the SD card as there are variations of the card and thus compatibility issues between Card Readers and the types of SD cards
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.