New ransomware abuses Windows PowerShell, Word document macros

Discussion in 'malware problems & news' started by ronjor, Mar 25, 2016.

Page 2 of 2
  1. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    instead of using the word etc. can you be nice to print entire list of exe's?

    thank you.

    as I was not aware of cscript and more.

    Ironically i am soon to test sdefend, but I prefer not to overload myself with third party tools and instead use built in windows Protection/hardening and a very limited set of 3rd party tools when possible, this is to avoid conflicts, bloat, etc.

    My initial testing of radar no exe pro software isnt great, I had issues like config randomlly disappearing and random times when exe works and then does not work, I found if brute force try to start exe radar no exe pro gets overwhelmed and allows it. Not good. Whilst SRP is at least consistent but does have buggy dll protection. Applocker for me is by far the best of the 3 but microsoft stupidly made it corporate only so is a no go.

    The 2 reg keys are now hardened in that I removed rights for my user to modify/delete them.
     
    chrcol, May 11, 2016
    #26
  2. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Sampei Nihira, May 22, 2016
    #27
Page 2 of 2
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...