WIN 10 Pro let a Trojan in, why?
Windows 10 Pro (10.0.19041 Build 19041) Defender let in Trojan: Win32/Blutealifrn into my computer.
When selecting actions, Defender did not remove it or even attempt to remove it.
Why?
Take a look at the solution there:
How to remove Win32/Bluteal.B!rfn Trojan - virus removal instructions (updated)
Win32/Bluteal.B!rfn is a password stealing virus, a banking malware and a spyware. Malwarebytes (MB) free trial is your best bet to get rid of it. Avoid opening unknown emails.
There is no why, you're infected and you must take action.
Take care,
I got rid of it via MB's software I downloaded already. I'm just disappointed it was not caught. I never open any emails if I do not know who they are or spam.
You might want to try this extension then, it might stop it before it even gets into the computer.
https://www.malwarebytes.com/browserguard/
Secure DNS might also block some malicious links and connections and it can even speed up browsing.
Quad9 DNS: Internet Security and Privacy in a Few Easy Steps
IPv4 and IPv6 Anycast DNS Firewall and Resolver
UltraDNS Public | Neustar
Modern malware in all its forms has become very sophisticated and a high priority is evading detection. The goal is to evade detection by the best AV software with the latest updates. It happens often enough to continue creating malware.
Malware has developed many tricks to evade detection and new ones are being developed all the time. One is the "Army of malware" approach. The same software has a large number of variations that make it look different to security software. This makes detection much more difficult. Methods of getting around this have been developed but they can be fooled and the malware gets through.
Another problem is that security software can't be too aggressive in detection or it will produce a large number of false positives and that isn't good either.
You don't have to download software or open infected email to get malware. You can get it just by visiting an infected website. This can happen even with highly trusted websites. Even commercial software can be infected. It is rare but it has happened.
If you want to prevent such problems in the future consider setting up mpengine "Block at first sight" feature.
It will stop files from running for up to 60 seconds until the file is scanned for malware in the cloud on Microsoft servers instead of on the local machine (your computer).
This setting is disabled by default and can be enabled in group policy editor.
If you do not frequently install new software it's recommended to set mpengine to generate hash signature of scanned files for performance reasons.
- - - Updated - - -
Btw. here is how to enable this:
Computer configuration\Administrative templates\Windows Components\Microsoft Defender Antivirus\MAPS
Join Microsoft MAPS (Enabled)
Send file samples when further analysis is required (Send safe samples)
Configure the 'Block at First Sight' feature (Enabled)
Computer configuration\Administrative templates\Windows Components\Microsoft Defender Antivirus\Real-time Protection
Scan all downloaded files and attachments (Enabled)
Turn off real-time protection (Disabled)
Computer configuration\Administrative templates\Windows Components\Microsoft Defender Antivirus\mpengine
Configure extended cloud check (50)
- - - Updated - - -
If desired:
Computer configuration\Administrative templates\Windows Components\Microsoft Defender Antivirus\mpengine
Enable file hash computation feature
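A read-only way to check whether a machine matches the settings listed in the post above, as an added example that is not part of the original thread. The property names are those returned by `Get-MpPreference`; the mapping from each Group Policy setting to a property, and the function name, are assumptions of this example.

```powershell
# Added example, not from the thread: audit the Defender settings listed above.
# Nothing is changed on the machine; the function only reads preferences.
function Test-BlockAtFirstSightConfig {
    param($Pref = (Get-MpPreference))   # pass a constructed object to test offline

    # Policy-to-property mapping (assumption of this example).
    $checks = @(
        @{ Policy = 'Join Microsoft MAPS (Enabled)'
           Property = 'MAPSReporting';             Ok = { $args[0] -in 1, 2 } }  # 1 = Basic, 2 = Advanced
        @{ Policy = 'Send file samples (Send safe samples)'
           Property = 'SubmitSamplesConsent';      Ok = { $args[0] -eq 1 } }
        @{ Policy = "Configure the 'Block at First Sight' feature (Enabled)"
           Property = 'DisableBlockAtFirstSeen';   Ok = { $args[0] -eq $false } }
        @{ Policy = 'Scan all downloaded files and attachments (Enabled)'
           Property = 'DisableIOAVProtection';     Ok = { $args[0] -eq $false } }
        @{ Policy = 'Turn off real-time protection (Disabled)'
           Property = 'DisableRealtimeMonitoring'; Ok = { $args[0] -eq $false } }
        @{ Policy = 'Configure extended cloud check (50)'
           Property = 'CloudExtendedTimeout';      Ok = { $args[0] -eq 50 } }
        @{ Policy = 'Enable file hash computation feature (optional)'
           Property = 'EnableFileHashComputation'; Ok = { $args[0] -eq $true } }
    )

    foreach ($c in $checks) {
        $prop = $Pref.PSObject.Properties[$c.Property]
        if ($null -eq $prop) {
            # Older Defender platform versions do not report every property.
            $value = $null; $status = 'NotReported'
        } else {
            $value  = $prop.Value
            $status = if (& $c.Ok $value) { 'OK' } else { 'Differs' }
        }
        [pscustomobject]@{ Policy = $c.Policy; Property = $c.Property
                           Value  = $value;    Status   = $status }
    }
}

# Constructed sample (not real output): cloud timeout left at 0 and no
# EnableFileHashComputation property, as on an older platform version.
$sample = [pscustomobject]@{
    MAPSReporting = 2; SubmitSamplesConsent = 1; DisableBlockAtFirstSeen = $false
    DisableIOAVProtection = $false; DisableRealtimeMonitoring = $false
    CloudExtendedTimeout = 0
}
Test-BlockAtFirstSightConfig -Pref $sample | Format-Table -AutoSize
```

Calling `Test-BlockAtFirstSightConfig` with no argument audits the live configuration.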
Microsoft has commitment issues. It's the weirdest thing to watch and even weirder how the majority of users are good with this.
Let's back up.
(RANT ON)
Windows 10. When it was released -- it was released way too early. It was like a partially new operating system design glued onto an older OS which, itself, was glued on top of an older one.
Commitment issue: are you introducing a new updated OS, Microsoft, or not. It's like they only half committed in case people hated it. To this day they're still working on updating core parts of the OS (Explorer, Settings) as if these things shouldn't have been updated on day one. It's mind-boggling.
Defender. I've said it before and I'll say it again: why does it offer 'Quick Scan' and 'Full scan'. Doesn't EVERY user want a complete scan? Always?!? "Gee, Doctor, I don't want you to see if I actually have cancer. I just want you to do a quick blood test and see if I might maybe kinda sorta could have it." WTF.
It's been my experience Defender (or Windows Security... because they can't even commit to a name for the thing) finds hidden items better with FULL SCAN. Or what might as well be called an ACTUAL COMPLETE scan. Commitment issues.
Here's another one. Windows 10 Home vs. Windows 10 Pro. Earth to MS: commit to Pro and simply call it... wait for it... Windows 10. I mean don't you clowns want to offer the most 'Pro' OS you have? I get the other versions for Enterprise and such -- but seriously -- commit to one OS and GO with it.
Yet another example: Video Editor. There's a new (experience?) called Video Editor. Just showed up in a recent update. A Windows app that allows you to edit together basic videos. Yay.
But does it have its own app? Nope. That would be too much commitment from Windows. And so it's hiding inside of the Photos app. Makes a lot of sense to do that... said nobody ever.
Can't wait for the new Calendar app to be featured inside the calculator app.
(RANT OFF)