Anti-Spyware Help

Question by

Tiras25

2019-01-03SolvedPrivate

Windows defender pegged 100% CPU on server 2016

Windows Defender Service pegged 100% CPU. Any way to fix it? Do I need to reboot the VM?
This is win 2016 server std edition. Single CPU 8GB ram

5 Comments

Microsoft Azure 2017

LVL 12

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Question by

Dan

2018-12-27Solved

Which AV solution? Sophos or Webroot

I’m trying to compare the two solutions, between Webroot anywhere secure with DNS protection or Sophos interecptX advanced with EDR.
I do have a Sophos Firewall, but I’ve been using Webroot for now and just tested InterceptX and I have to decide which route to take.

Does anyone have any recommendations?

6 Comments

The client complains about the expense on antivirus software. What solution are you using for a company running over 150 computers?
This client has been using Trend Micro for over a decade, which is installed on servers and PCs. Every year when renewing the software, the client always questions
- Is there anything cheaper but doing the job?
- Can we disable internet access on certain computers and save the license on them?

I am so fxxking annoyed.

25 Comments

Question by

feck1

2018-12-18

BIT Defender VPN option for a one PC

Hi

Using bit defender

Prompting for me to use its VPN

Is there an extra fee ?

Will I just run with home router on a PC

Thanks

Anti-Spyware

1 Comment

https://thehackernews.com/2018/12/china-ransomware-wechat.html?m=1

referring to above link, it did not give the hash for the malware but I need to check if signature has been released by Trendmicro.

Once I have the hash value, can enter into virustotal to check

3 Comments

Microtech scam/ransomware was on a computer at a remote location. Said they needed to call a 1800 number to get virus removed. This user did that and paid $300 dollars to have fake company remove virus. Got a text from him and said they are in there right now controlling computer and "trying" to remove virus. Should he power off right away or should he let them do their thing so he can use his pc again since he paid the money? I told him to immediatley power off computer and wait for them to call again.

12 Comments

LVL 1

Question by

Jonathan Duane

2018-11-25

My site is blacklisted by Google

Hi, my website got hacked a few days ago which has let to my site being blacklisted by Google http://medicaladvocates.ie i have cleaned it on Thursday last and have requested Google to delist and have outlined the reasons why it needed it be delisted and the actions i have taken but it is still blacklisted, i read somewhere that it could take up to 6 hours for them to delist it.

As you can imagine this is really really damaging for my business, does anyone know of anyway of speeding up the process? i have submitted a couple of times in Google Search Console.

3 Comments

We have 3 apps that a user runs on his computer every other day: 'SUPERAntiSpyware', 'Spy-Bot Search and Destroy' and 'Comodo Antivirus'. The user runs the 3 apps at that same time whenever cleaning up is desired. The user would leave theses tools running overnight.

The app 'Comodo Antivirus' never finds a virus. The apps 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' always finds spyware. In the morning the user would first click 'SUPERAntiSpyware' to delete or isolate the threats reported and then do the same to 'Spy-Bot Search and Destroy'. Finally restart the computer. Note, prior running the apps, the user would run cCleaner to cleanup any junk in his drive.

To-Date, there is no problem we have identified and all seems to be ok. Our question is more directed to know EE opinion on:

Why 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' display different results?

(Spy-bot would show registry entries and superantispyware would show files)

Any negative effect by running these 3 apps simultaneously?

Finally, is it necessary to run cCleaner prior running the apps?

6 Comments

Q1:
If I use a Solaris server as repository server to get from Internet
ClamAV updates, can it be used by other platform 'satellite'
ClamAV such as Windows, Linux? Ie can freshclam on
Windows/Linux pull signature updates from a Solaris ?

Q2:
Are the 3 cvd files (main, daily, bytecode) inter-useable
between Solaris x86, RHEL & Windows ?

7 Comments

Question by

Robert Ehinger

2018-10-22

Tablet Antivirus

What is a good, legitimate antivirus for a Samsung Tab E? I am getting lots of pop ups and the performance is slow.

Thank you.

Robert

2 Comments

PMI ACP® Project Management

LVL 12

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

LVL 5

Question by

Jason Johanknecht

2018-10-19Solved

Hacked Office 365 account

Hacked e-mail account help required.

Last night a client received an e-mail that starts out:
My nickname in darknet is konstantine23.
I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

They then list the actual password correctly to her account. It is an Office 365 account. She does access her account on her personal laptop, which I will have this afternoon in my possession. I am currently scanning her work computer, and having everyone else check for the same e-mail in their SPAM folder (Where she found hers). We are in process of changing password to all of her online accounts (Including e-mail) on another computer, not part of their network. The business does have a UTM router in place, and logs will be looked at next. TDSS Killer did not find any rootkits, but more scanning will be done.

Looking for information on this possible.

5 Comments

LVL 25

Post by

Andrew Leniart

2018-10-15Edited

September 2018 AV Comparison Results are now available.

Real-World Protection Test September 2018 – Factsheet
Malware Protection Test September 2018

Some surprising stats this issue. See how your preferred AV fared in the tests...

0 Comments

Q1:
I'm trying to establish if my Officescan has Officescan's Ransomware protection below :

Ransomware Protection Enhancements in OfficeScan 11.0 SP1 Critical Patch 6054
Detection details of the OSCE 11.0 SP1 Critical Patch 6054 Ransomware Prevention Summary widget

Above 2 lines are extracted from link below:
https://success.trendmicro.com/solution/1111377-enabling-the-ransomware-protection-feature-in-officescan-osce

Q2:
Last screen in the attached shows Scheduled Scan is disabled : is it a good idea to enable it
& I thought to have it enabled either during lunch hours (for users who bring home their
laptops) or in the night (for users who leave their PCs/laptops powered on in the office at night):
I've heard many recommendations that on-demand scheduled scan is quite essential too.
Just that it's hard to determine which laptops are being brought home

attachment is what's shown on my laptop
TMofficescanver.docx

12 Comments

a couple of years back, Trendmicro's .DAT file can be searched using (find or grep command) for
certain malware names.

I'm now using OfficeScan V12.0.1352 & I think the signature file is VsapiNT.sys

I'm trying to track if globeimposter ransomware is in our current officescan signature &
the 2 links below seems to say that TM has documented them quite some time ago:
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2017-globeimposter-notpetya-and-more/
https://www.trendmicro.com/vinfo/in/security/news/cybercrime-and-digital-threats/ransomware-recap-crypshed-spoofs-amazon-in-ransomware-campaign

but when I searched for "glob" (I suppose FakeGlobal as it's known to Trendmicro) would have it
listed in the latest VsapiNT.sys signature but it's not there:
appreciate steps on how to list the malwares covered by Officescan's signature file:

C:\foren>find/i "glob" *.sys |more

---------- TMPREFLT.SYS

---------- TMXPFLT.SYS

---------- VSAPINT.SYS
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnWire
GlobalUnfix
GlobalUnlock
GlobalWire
MakeCriticalSectionGlobal
JungUm Global
Corel Global Macro(GMS)
GLOBAL:
GLOBALNE:
GLOBALDOTPROMPT
GLOBAL
GLOBAL.DOT:
GLOBAL:
ExecuteGlobal
Global

7 Comments

When clicking "Disable these Cookies" we get a message of 3rd cookies to select (see below). We noticed that all are SQL. Can some EE explain why these cookies? Why SQL have 3rd party cookies? - please shed some light on the topic

18 Comments

Q1:
Without saving an email's attachment & then manually (ie on-demand) scan the
saved file, is there any AV that could auto-scan (ie in almost real-time or on-access)
an email attachment (even before the user double-click/open the attachment)?

Q2:
Can BitDefender or Trend's Officescan do the above?

7 Comments

I've seen an ex-colleague blocking file extensions from being created using a feature in McAfee
(can't recall the name).

Can someone provide the steps to do this in Trendmicro Officescan's management console?
What's this feature called in Officescan?

3 Comments

LVL 2

Question by

IT Guy

2018-09-06Solved

latest updates not working

Symantec Endpoint Protection Manager not getting updates after upgrading to 14.2 build 770

upgraded my symantec server to latest version and no live updates is getting downloaded, i uninstalled live update and reinstalled. also registered with SEPM via command prompt
1.png

9 Comments

LVL 1

Question by

Elton Brown

2018-08-27Solved

Need to get rid of Trojan(s) etc.

What is the easiest and most effective way to get rid of the Trojan.JS.Dropper.E?

7 Comments

Exploring SQL Server 2016: Fundamentals

LVL 12

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

LVL 1

Question by

maqskywalker

2018-08-11Solved

adware on Windows 10 pc

I have a Windows 10 Desktop PC.

I turn on my computer and noticed these windows on my desktop as soon as I turned on my computer.

I googled it and read that these are scam ads wanting you to click on them.

How do i remove them? Anyone know?

I ran Spybot - Search & Destroy but it didn't find anything.
I ran Windows Defender and it didn't find anything also.

9 Comments

Symantec Endpoint Protection (SEP) how can I install the agent with out a SEPM server ?

I want to be able to install a SEP agent on a local machine with out pointing to any master server ,

I want to install just the agent on the windows box and at some time later point to a master server for SEPM

here is a link that is some help but does not fully answer my question
https://support.symantec.com/en_US/article.TECH171767.html

thanks !

5 Comments

LVL 12

Question by

HuaMin Chen

2018-07-17Solved

Problem to Clamwin Application

Hi,
Is there any better Anti-virus tool in Windows server? In the attached screenshot, would Clamwin further totally remove the virus or not?

11 Comments

Question by

SHIHABUDDIN TURKISTANI

2018-07-10

outlook 2012 error

Hi,

I got this message (The file c:\...\.ost cannot be accessed because another workstation has modified it. Close and then restart mail enabled applications. You might need to restart your computer)
is this means somebody spying on my computer ?
I am afraid somebody implanted a key logger in my computer

4 Comments

Question by

J.R. Sitman

2018-06-28Solved

Is it safe to turn off Windows Firewall?

If you have a Sonicwall to protect the network and Anti-Virus on each computer/server, is it safe to turn off Windows Firewall?

8 Comments

Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.

12 Comments

Anti-Spyware

Related Topics

Anti-Spyware

Related Topics