Hi All
A bizarre problem has reared its head yesterday afternoon on one of my stations. It has all of the stink of Malware that is targeted specifically to the SS32 Scott Ver. 5 software. The MO is as follows; At random times, in an approximate one hour time frame, all of the files with the .skd extension get deleted, included in that is the SS32 default log. The files affected are only in the SKD directory of the SS32 software. As anyone who knows this software, the SS32 does not like its schedule files to be missing and the software crashes, taking the station off the air. Has anyone run into this? Like a said, it has the stink of malicious software. Wide Orbit has no answers and after isolating the shares on the particular workstation the issue stopped. So, I suspect the file is somewhere in my sub net. I intentionally designed the SS32 on it's own isolated sub net to prevent something like this from happening, since you cannot run AV software with the SS32. In this case, even AV software would have been no help.
We have had some personnel problems but, that was some time ago. Now it is possible it could have been planted before they left or it can have a dead man switch...
Any thoughts would be appreciated!
Dave
A bizarre problem has reared its head yesterday afternoon on one of my stations. It has all of the stink of Malware that is targeted specifically to the SS32 Scott Ver. 5 software. The MO is as follows; At random times, in an approximate one hour time frame, all of the files with the .skd extension get deleted, included in that is the SS32 default log. The files affected are only in the SKD directory of the SS32 software. As anyone who knows this software, the SS32 does not like its schedule files to be missing and the software crashes, taking the station off the air. Has anyone run into this? Like a said, it has the stink of malicious software. Wide Orbit has no answers and after isolating the shares on the particular workstation the issue stopped. So, I suspect the file is somewhere in my sub net. I intentionally designed the SS32 on it's own isolated sub net to prevent something like this from happening, since you cannot run AV software with the SS32. In this case, even AV software would have been no help.
We have had some personnel problems but, that was some time ago. Now it is possible it could have been planted before they left or it can have a dead man switch...
Any thoughts would be appreciated!
Dave