Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/
Thank you for your understanding.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/
Thank you for your understanding.
Malware infection (Windows 7/10/NT / Mac / Linux / Chro(miumO)s / Embedded
Options
To whom it way concern,
It might be your computer or server may be compromised by some evil program code and be used for some more compromising. Please check your server on some hidden or deleted folders made by arachni tool. Some folders may have logs of sql and other database brute-force attempts.
The folder can have a name of an employee working, but it is not made by this person. If your antivirus finds a folder with brute force attempts or php/perl file with , for example If ($C=$C|POST[$A]$C*$C.. it may be compromomised and the person should be investigated, but not charged immediately, maybe but on paid leave.
Check the videocard firmware, init or systemd with keyloggers or $ARG[0] statements for injecting from fimware or open ports. please check for running in a VM by checking processors, pci routing, dma fences, irq routing, temperature, fans spinning, ultrasound, infra red, sensors.
Check for openoffice/quickoffice/libreoffice/office360 and xml and rels files. They may be compromised by vba scripting and/or jpg/avi/png/jpeg/jfif/ exif and ihdr. Also PDF/PS/AI files may be compromised by JS (obfusicated) scripting. also look for 456789!@$% and other code. watch out for inline pdf forms and onclick events.
This malware hides by glibc++ and check for strings in root directory or boot directory. Firefox and Chrome /Safari (Blink/Webkit/Gecko are compromised and will install firmware udate. watch out for xulrunner. xul is evil!! openoffice idem when using xul. Check for overlays of Chrome when actually running Firefox/ecosia/opera Check for files of Marionette (blackmail) and omnia.js , check omnia for dictionaries and uncompress and see.. you may be surprised..
If your browser is compromised, you will only get addons who are compromised.. not original.. check archives and verson number... for example chromeos or chromium os with version 3.1.6 in 2015 cannot be replaced by 3.1.1 in 2021.. should be > 5.
and filesize is the same. Also check the stars and downloads. Also the name of the producer.. www.google.com /google.com /google is fake. check by google and see results. also it should be a correct link like: Google LLC , with link to google original website. check for coding like stolen from everywhere.. Polymer3/SPDX/ (links to zendesk(it is from them)/Ruby (On Rails)/Perl/PHP/Python2/python3/ASP.NET and other clownesk coding. Check for sharing and tor connections/ Ubuntu upstart by ChromeOs (no Ubuntu -> Gentoo, check portage)
Check for VMS by quickoffice/ nexe files/pnacl/ ARC++ (hdmi streaming) GAIA Id or AD id. also email and android SDK 26+ . Check for enrollment and if your account is enrolled. check for MessageLog , it will show also your non enrypted whatsapp messages. Also check app-internals check if they are enrolled or managed.
They are still managed if the code states: {['notmanaged'],['managed']}
Check for ports 5252, 9002, 9090,5080 5006, SIP connections, port 59 tftp, check for 5008,5009,5016udp/tcp also port 53 udp juniper. port 22, 9022, 6022. I can continue, but I think this is it for now...
Can prove more at a later stage..
It might be your computer or server may be compromised by some evil program code and be used for some more compromising. Please check your server on some hidden or deleted folders made by arachni tool. Some folders may have logs of sql and other database brute-force attempts.
The folder can have a name of an employee working, but it is not made by this person. If your antivirus finds a folder with brute force attempts or php/perl file with , for example If ($C=$C|POST[$A]$C*$C.. it may be compromomised and the person should be investigated, but not charged immediately, maybe but on paid leave.
Check the videocard firmware, init or systemd with keyloggers or $ARG[0] statements for injecting from fimware or open ports. please check for running in a VM by checking processors, pci routing, dma fences, irq routing, temperature, fans spinning, ultrasound, infra red, sensors.
Check for openoffice/quickoffice/libreoffice/office360 and xml and rels files. They may be compromised by vba scripting and/or jpg/avi/png/jpeg/jfif/ exif and ihdr. Also PDF/PS/AI files may be compromised by JS (obfusicated) scripting. also look for 456789!@$% and other code. watch out for inline pdf forms and onclick events.
This malware hides by glibc++ and check for strings in root directory or boot directory. Firefox and Chrome /Safari (Blink/Webkit/Gecko are compromised and will install firmware udate. watch out for xulrunner. xul is evil!! openoffice idem when using xul. Check for overlays of Chrome when actually running Firefox/ecosia/opera Check for files of Marionette (blackmail) and omnia.js , check omnia for dictionaries and uncompress and see.. you may be surprised..
If your browser is compromised, you will only get addons who are compromised.. not original.. check archives and verson number... for example chromeos or chromium os with version 3.1.6 in 2015 cannot be replaced by 3.1.1 in 2021.. should be > 5.
and filesize is the same. Also check the stars and downloads. Also the name of the producer.. www.google.com /google.com /google is fake. check by google and see results. also it should be a correct link like: Google LLC , with link to google original website. check for coding like stolen from everywhere.. Polymer3/SPDX/ (links to zendesk(it is from them)/Ruby (On Rails)/Perl/PHP/Python2/python3/ASP.NET and other clownesk coding. Check for sharing and tor connections/ Ubuntu upstart by ChromeOs (no Ubuntu -> Gentoo, check portage)
Check for VMS by quickoffice/ nexe files/pnacl/ ARC++ (hdmi streaming) GAIA Id or AD id. also email and android SDK 26+ . Check for enrollment and if your account is enrolled. check for MessageLog , it will show also your non enrypted whatsapp messages. Also check app-internals check if they are enrolled or managed.
They are still managed if the code states: {['notmanaged'],['managed']}
Check for ports 5252, 9002, 9090,5080 5006, SIP connections, port 59 tftp, check for 5008,5009,5016udp/tcp also port 53 udp juniper. port 22, 9022, 6022. I can continue, but I think this is it for now...
Can prove more at a later stage..
0
