This is probably not the right community but I haven’t found a better one.

So I watched a video from Seytonic where he mentiond that some malware creates a windows link with the name of the usb on a usb. So I checked my usb because I remembered that I had to click 2 times on my usb to opened it. I found a link that contained cmd.exe and a name of a file next to it. Upload to the virustotal showed Raspberry Roblin worm.

I use Linux but my familly uses windows so I will have to go through all familly computers and remove the worm. Where can I find info how to remove this specific worm - Raspberry Roblin? On google I found a description about how the worm works but not specific files it creates and how to remove it.

The first page that shows up is microsoft.com and it says that windows defender detects the worm, but clearly it doesnt.

Edit: The worm was on one computer and it did not have windows defender installed. Seems like malware removed it and also disabled automatic updates. I installed MalwareBytes and sucessfully removed the worm :)

      • davel [he/him]@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        I think this is poor form, and I won’t be surprised or sad if your one-person instance gets defederated by other instances for this kind of behavior.

        • Saik0@lemmy.saik0.com
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          6 months ago

          Any serious security expert is not a Russophobe

          Categorically wrong. One of the core focuses many security experts care about IS government overreach/interference. Governments are one of the leading pressures for software vulnerabilities/backdoors. Doesn’t matter that it’s Russian, because this isn’t a “Russophobe” stance. However, Russian and Chinese interference is usually on a much larger scale than other countries and typically has a much higher amount of scrutiny than other countries because of this fact. Due to those countries policies it’s hard to trust code that comes out of either country.

          https://www.cnet.com/news/privacy/kaspersky-lab-russian-hacking-us-government-national-security-faq/

          “The case against Kaspersky Lab is overwhelming,” Sen. Jeanne Shaheen, a Democrat from New Hampshire, said in a statement. “The strong ties between Kaspersky Lab and the Kremlin are alarming and well-documented.”

          Isn’t it funny that many other Anti-viruses don’t seem to have these issues?

          Case and point from other countries on the government pressure argument.
          https://www.wired.com/story/australia-encryption-law-global-impact/
          https://www.atlasobscura.com/articles/a-brief-history-of-the-nsa-attempting-to-insert-backdoors-into-encrypted-data
          https://www.bloomberg.com/features/2021-supermicro/

          Many countries have these issues documented when interference happen. You know which ones don’t? The ones that you lemmy.ml shills usually defend. That’s not because they’re not doing it by the way.

          Damn… And you’re a mod here? Anyone know of another community that is privacy focused and isn’t on lemmy.ml? A mod that doesn’t understand that closed source software with known ties to government entities is a problem.

          Hell this isn’t even a “Dumb American” stance either (forget that I hold an eastern EU citizenship). https://en.wikipedia.org/wiki/Kaspersky_bans_and_allegations_of_Russian_government_ties has a whole section of “Concerns raised by other governments”. Virtually all of the EU also has this concern with Kaspersky. Additional countries included… It’s at the very least ODD that a company has such ties to a government. And the sheer PARANOIA that all “serious security experts” hold would immediately bar most of them from using the software due to that fact alone.

          Hell it’s even typical for a security professional to outright block ALL Russian and Chinese internet traffic for their platform. Just because it’s not worth the effort to deal with those countries and all the risks that come with them. But right! This must be “Russophobe” and no “serious security expert” has a problem. You’re full of it dude(tte).

          You are not one of those serious security people.

          News to me… I guess I should turn in my CISO position. Who’s going to tell the R1 college that I taught at for years? All those thousands of students, many of which still reach out to me regularly and have made it quite far in industry?.. Hmm… Oh and it’s not an “appeal to fallacy” or any other logical fallacy when it’s me defending my own status from a bullshit claim.

          Edit: for any non-admin 3rd parties wondering who downvoted me… 100% of those votes at the moment is lemmy.ml or lemmygrad.ml. Take with that what you will. To me that screams “How dare you talk facts about the motherland” vibes.

          Edit2: Oh they also edited their post to seem more normal… Their original post said

          Any serious security expert is not a Russophobe and regards Kaspersky as the best commercial tool provider for malware analysis, based on merit and not on nationality. You are not one of them. I do not trust Bitdefender, Norton, McAfee and other western companies with CIA backdooring, and since CIA does use metadata to kill people (just like Yemen or Palestine), it is a clear cut choice.

          So basically ANY software not Russian, you seem to not trust. Claim it’s on merit… But only point out nationality. Don’t you find that odd that Russia can’t do no harm either? Even though other companies do not have as clear cut ties to their governments?

            • Saik0@lemmy.saik0.com
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              This nonsense is largely invented by Democrats and people at Washington

              Didn’t know my own analytics is Democrat/Washington run. I guess I should go yell at the people OPNsense (Suricata), WAZUH, and Crowdsec. They must be injecting false notifications about my networks being targetted by shit from Russia and Chinese owned IP space!

              Yes I edited the post, but you also seem to abuse powers as an admin of your one man instance to see unedited content.

              It’s an abuse of power to read the post that’s sent to my email? Well shit! Even for a moderator you seem to not even understand how lemmy works. Let me enlighten you. I got an email with your post in it because you responded to me. What an abuse of Administrative power! Forget that 100% of activitypub network is openly published and thus viewable by anyone… Ooops.

              Lmfao… you reported my post… and likely blocked/“moderated” it on your instance. Don’t really care. To the point though, when 100% of downvotes on a comment is strictly from lemmy.ml or lemmygrad.ml instances. Yes, you’re shills, not a single opposing opinion between you. No discourse. No actual thought process occurring. Just “Russia/China good, rest world bad”. No nuance at all.

              You also failed to address your stance that you published. Why is it that every other platform you originally listed was a problem where Kaspersky isn’t?

                • Saik0@lemmy.saik0.com
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  edit-2
                  6 months ago

                  And that includes a lot of the netsec people who see this stuff.

                  Wait a second! I though NO serious security people are Russophobe? Are you changing your story now?

                  Your own little vote charter shows one dbzer0 user upvoting as well

                  You have the evaluation backwards… Outside people are coming to different consensuses based on opinions and experiences that’s normal… It’s lemmy.ml and lemmygrad.ml that don’t. I would EXPECT that results were mixed, but for your instance it never is. You seem to have missed the point.

                  What if China and Russia started treating .us or .ca or such domains like this and demonise countries?

                  They literally do. Have you not heard of the great firewall? The vast majority of the internet is unusable to China… and requires a VPN to access anything. Hell, I’d say the lemmy.ml and lemmygrad.ml instances acting as hiveminds downvoting anything critical of Russia/China is also evidence of this. It’s OKAY to be critical of a government.

                  It is you people who project the hate you possess onto others, and you even manage to be proud of it like an absolute idiot with no merit based judgement capabilities.

                  Not even close. I evaluate everything as I see it. You seem to be making a lot of assumptions here. Kaspersky has strong ties to the Russian government that is sufficient to warrant any “serious security” person to evaluate a different solution.

                  I did not fail. It is too clear to me how you are parroting US propaganda, even quoting a Democrat (Russia hater party) about it.

                  Yet bitdefender is a problem… And you can’t address why Kaspersky would be any different… Talk about parroting.

                  What room is there for reasoning with a crow like you, shitting everywhere happily?

                  Crows (Corvid family) are the smart birds… You mean pigeon.

                  Edit: Actually come to think of it? Why the ravenous defense of Kaspersky at all? It’s just an anti-virus software no? Why does me disagreeing with the use of Kaspersky in this instance warrant “makes you look like the worst slurs I could summon for an incompetent clown.” Don’t you see how unreasonable you look? How you look like a frothing lunatic?

          • davel [he/him]@lemmy.ml
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Activitypub is open by nature, kbin users can see everything that I’ve published.

            Yes, we know how Activitypub and kbin/mbin work.

            There’s no abuse happening here.

            Others seem to disagree.

            Nor is my instance just one person/user.

            My sincerest apologies: three user instance 🙄

            • Saik0@lemmy.saik0.com
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              Others seem to disagree.

              That’s fine. You/them can disagree all you want. Just realize that they’re using it too. I just disagree with the default Lemmy stance that users can’t see something that everyone else on the fediverse(including moderators and admin on any federated instance) can. And if they want to defederate me for that. I’m not sure I care. I’ve been defederated from one instance so far… it’s not been a major loss and definitely doesn’t weigh on my conscience at all.

              My sincerest apologies: three user instance 🙄

              I have no interest in disclosing how many users are using my instance. They can post things if they want. That’s up to them. Many are just lurkers though.