diaz1510 150 Posted June 7, 2023 Share Posted June 7, 2023 (edited) I'm assuming this isn't normal? Discovered by Windows Defender. Edited June 7, 2023 by diaz1510 Link to comment Share on other sites More sharing options...
nuke11 21 Posted June 7, 2023 Share Posted June 7, 2023 (edited) You might want to read the security alert at the top of the forum. Emby Server does not start - Security advisory 2023-05-25 | Emby Documentation Before you delete the file, try and send them to the developers of Emby as instructed at the bottom of the article. Edited June 7, 2023 by nuke11 1 Link to comment Share on other sites More sharing options...
diaz1510 150 Posted June 8, 2023 Author Share Posted June 8, 2023 Gotcha. I will say I see absolutely no issues with the way Emby is performing. I am not having any trouble at all. It just came up after I did a scan. Link to comment Share on other sites More sharing options...
seanbuff 846 Posted June 8, 2023 Share Posted June 8, 2023 5 minutes ago, diaz1510 said: Gotcha. I will say I see absolutely no issues with the way Emby is performing. I am not having any trouble at all. It just came up after I did a scan. Good to hear, however as your system has detected the presence of one the key infected files. I would take the time to perform some of the necessary actions in the advisory, looking for and deleting any of the other known affected files. Also ensure you upgrade to the latest version 4.7.13.0 and perform these actions: Quote Assign new passwords to all of your Emby Server users Don't allow local login without password Ensure no user has an empty password 1 Link to comment Share on other sites More sharing options...
darkassassin07 434 Posted June 8, 2023 Share Posted June 8, 2023 40 minutes ago, diaz1510 said: Gotcha. I will say I see absolutely no issues with the way Emby is performing. I am not having any trouble at all. It just came up after I did a scan. Yeah, hacking peoples systems and maintaining that connection usually requires avoiding being noticed... Don't be complacent and make sure you don't have other compromised systems/services. Literally everything else you do with that computer is potentially at risk; online banking for example. The good news is the domain that 'pluggin' was sending your data too is no longer active as of a few weeks ago now. (assuming you don't have an updated version of the virus than what emby had analyzed, still a good idea to send them your copy) 1 Link to comment Share on other sites More sharing options...
diaz1510 150 Posted June 8, 2023 Author Share Posted June 8, 2023 Sent it to softworkz and got it all handled...thanks! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now