Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Share tech news, updates, or what's on your mind.

Sign up to Post

Windows Defender Service pegged 100% CPU.  Any way to fix it?  Do I need to reboot the VM?
This is win 2016 server std edition.  Single CPU 8GB ram
0
Microsoft Azure 2017
LVL 12
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

I’m trying to compare the two solutions, between Webroot anywhere secure with DNS protection or Sophos interecptX advanced with EDR.
I do have a Sophos Firewall, but I’ve been using Webroot for now and just tested InterceptX and I have to decide which route to take.


Does anyone have any recommendations?
0
The client complains about the expense on antivirus software. What solution are you using for a company running over 150 computers?
This client has been using Trend Micro for over a decade, which is installed on servers and PCs. Every year when renewing the software, the client always questions
- Is there anything cheaper but doing the job?
- Can we disable internet access on certain computers and save the license on them?

I am so fxxking annoyed.
1
Hi

Using bit defender

Prompting for me to use its VPN

Is there an extra fee ?

Will I just run with home router on a PC

Thanks
0
https://thehackernews.com/2018/12/china-ransomware-wechat.html?m=1

referring to above link, it did not give the hash for the malware but I need to check if signature has been released by Trendmicro.

Once I have the hash value, can enter into virustotal to check
0
Microtech scam/ransomware was on a computer at a remote location.  Said they needed to call a 1800 number to get virus removed.  This user did that and paid $300 dollars to have fake company remove virus.  Got a text from him and said they are in there right now controlling computer and "trying" to remove  virus.  Should he power off right away or should he let them do their thing so he can use his pc again since he paid the money?  I told him to immediatley power off computer and wait for them to call again.
0
Hi,  my website got hacked a few days ago which has let to my site being blacklisted by Google http://medicaladvocates.ie i have cleaned it on Thursday last and have requested Google to delist and have outlined the reasons why it needed it be delisted and the actions i have taken but it is still blacklisted, i read somewhere that it could take up to 6 hours for them to delist it.

As you can imagine this is really really damaging for my business, does anyone know of anyway of speeding up the process? i have submitted a couple of times in Google Search Console.
0
We have 3 apps that a user runs on his computer every other day: 'SUPERAntiSpyware', 'Spy-Bot Search and Destroy' and 'Comodo Antivirus'.  The user runs the 3 apps at that same time whenever cleaning up is desired.  The user would leave theses tools running overnight.

The app 'Comodo Antivirus' never finds a virus.  The apps 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' always finds spyware.  In  the morning the user would first click 'SUPERAntiSpyware' to delete or isolate the threats reported and then do the same to 'Spy-Bot Search and Destroy'.  Finally restart the computer.   Note, prior running the apps, the user would run cCleaner to cleanup any junk in his drive.

To-Date, there is no problem we have identified and all seems to be ok.  Our question is more directed to know EE opinion on:

  • Why 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' display different results?
(Spy-bot would show registry entries and superantispyware would show files)
  • Any negative effect by running these 3 apps simultaneously?
  • Finally, is it necessary to run cCleaner prior running the apps?
0
Q1:
If I use a Solaris server as repository server to get from Internet
ClamAV updates, can it be used by other platform 'satellite'
ClamAV such as Windows, Linux?   Ie can freshclam on
Windows/Linux pull signature updates from a Solaris ?


Q2:
Are the 3 cvd files (main, daily, bytecode) inter-useable
between Solaris x86, RHEL & Windows ?
0
What is a good, legitimate antivirus for a Samsung Tab E? I am getting lots of pop ups and the performance is slow.

Thank you.

Robert
0
PMI ACP® Project Management
LVL 12
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

Hacked e-mail account help required.

Last night a client received an e-mail that starts out:
My nickname in darknet is konstantine23.
I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

They then list the actual password correctly to her account.  It is an Office 365 account.  She does access her account on her personal laptop, which I will have this afternoon in my possession.   I am currently scanning her work computer, and having everyone else check for the same e-mail in their SPAM folder (Where she found hers).  We are in process of changing password to all of her online accounts (Including e-mail) on another computer, not part of their network.  The business does have a UTM router in place, and logs will be looked at next.  TDSS Killer did not find any rootkits, but more scanning will be done.

Looking for information on this possible.
0
September 2018 AV Comparison Results are now available.

Real-World Protection Test September 2018 – Factsheet
Malware Protection Test September 2018

Some surprising stats this issue. See how your preferred AV fared in the tests...

0
Q1:
I'm trying to establish if my Officescan  has Officescan's Ransomware protection below :

Ransomware Protection Enhancements in OfficeScan 11.0 SP1 Critical Patch 6054
Detection details of the OSCE 11.0 SP1 Critical Patch 6054 Ransomware Prevention Summary widget

Above 2 lines are extracted from link below:
https://success.trendmicro.com/solution/1111377-enabling-the-ransomware-protection-feature-in-officescan-osce


Q2:
Last screen in the attached shows  Scheduled Scan is disabled : is it a good idea to enable it
& I thought to have it enabled either during lunch hours (for users who bring home their
laptops) or in the night (for users who leave their PCs/laptops powered on in the office at night):
I've heard many recommendations that on-demand scheduled scan is quite essential too.
Just that it's hard to determine which laptops are being brought home

attachment is what's shown on my laptop
TMofficescanver.docx
0
a couple of years back, Trendmicro's  .DAT file can be searched using (find or grep command) for
certain malware names.

I'm now using OfficeScan V12.0.1352 & I think the signature file is VsapiNT.sys

I'm trying to track if  globeimposter  ransomware is in our current officescan signature &
the 2 links below seems to say that TM has documented them quite some time ago:
 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2017-globeimposter-notpetya-and-more/
 https://www.trendmicro.com/vinfo/in/security/news/cybercrime-and-digital-threats/ransomware-recap-crypshed-spoofs-amazon-in-ransomware-campaign

but when I searched for "glob"  (I suppose FakeGlobal as it's known to Trendmicro) would have it
listed in the latest VsapiNT.sys signature but it's not there:
appreciate steps on how to list the malwares covered by Officescan's signature file:

C:\foren>find/i "glob" *.sys |more

---------- TMPREFLT.SYS

---------- TMXPFLT.SYS

---------- VSAPINT.SYS
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnWire
GlobalUnfix
GlobalUnlock
GlobalWire
MakeCriticalSectionGlobal
JungUm Global
Corel Global Macro(GMS)
GLOBAL:
GLOBALNE:
GLOBALDOTPROMPT
GLOBAL
GLOBAL.DOT:
GLOBAL:
ExecuteGlobal
Global
0
When clicking "Disable these  Cookies" we get a message of 3rd cookies to select (see below).   We noticed that all are SQL.  Can some EE explain why these cookies?  Why SQL have 3rd party cookies? - please shed some light on the topic

Spybot issue
0
Q1:
Without saving an email's attachment & then manually (ie on-demand) scan the
saved file, is there any AV that could auto-scan (ie in almost real-time or on-access)
an email attachment (even before the user double-click/open the attachment)?

Q2:
Can BitDefender or Trend's Officescan do the above?
0
I've seen an ex-colleague blocking file extensions from being created using a feature in McAfee
(can't recall the name).

Can someone provide the steps to do this in Trendmicro Officescan's management console?
What's this feature called in Officescan?
0
Symantec Endpoint Protection Manager not getting updates after upgrading to 14.2 build 770

upgraded my symantec server to latest version and no live updates is getting downloaded, i uninstalled live update and reinstalled. also registered with SEPM via command prompt
1.png
0
What is the easiest and most effective way to get rid of the Trojan.JS.Dropper.E?
1
Exploring SQL Server 2016: Fundamentals
LVL 12
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

I have a Windows 10 Desktop PC.

I turn on my computer and noticed these windows on my desktop as soon as I turned on my computer.

ads on  my desktop pc
I googled it and read that these are scam ads wanting you to click on them.

How do i remove them? Anyone know?

I ran Spybot - Search & Destroy but it didn't find anything.
I ran Windows Defender and it didn't find anything also.
0
Symantec Endpoint Protection (SEP) how can I install the agent with out a SEPM server ?

I want to be able to install a SEP agent on a local machine with out pointing to any master server ,

I want to install just the agent on the windows box and at some time later point to a master server for SEPM

here is a link that is some help but does not fully answer my question
https://support.symantec.com/en_US/article.TECH171767.html

thanks !
0
Hi,
Is there any better Anti-virus tool in Windows server? In the attached screenshot, would Clamwin further totally remove the virus or not?
0
Hi,

I got this message (The file c:\...\.ost cannot be accessed because another workstation has modified it. Close and then restart mail enabled applications. You might need to restart your computer)
is this means somebody spying on my computer ?
I am afraid somebody implanted a key logger in my computer
0
If you have a Sonicwall to protect the network and Anti-Virus on each computer/server, is it safe to turn off Windows Firewall?
0
Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.
0

Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.