Hi,

Please suggest any Anti virus SW for android phone like Hauwei. Mate 20x?

What alternative would you recommend either open source or paid to replace Symantec Endpoint Protection for a network,
or Malwarebytes Endpoint Protection which runs on a network.
Thank you.

Hi Experts!

Being overly cautious here and wanted your opinion.  I received the following (ransom) email below and thought it was suspicious. From what I can find on the web this looks like a phishing attempt (somehow gotten a hold of my email and old password from somewhere). On my desktops and laptops we have the paid versions of Avast Premium Security and MalwareBytes. Both are scheduled to run daily, and Windows Update is always on. We primarily use Google and that self-update. My email account has MFA enabled for awhile; so I know this person cannot access my email?

 After getting the email I manually scanned the desktops and laptops with Avast and MalwareBytes. Nothing found. Downloaded and ran Spybot seach and destroy and nothing bad found.

My thought that this is a phishing attempt is because if you have control over my computer when don't you lock it and demand payment instead of this email?

Here's the email:

Recorded You <recordedyouXXXX@XXXXX.com>
To:
myEmail@yahoo.com

Nov 18 at 1:30 AM

Hey, I know your password is: HeknowsMyPassword

Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".

My malware gave me

…

We had a none critical server get infected with the Cheetah virus.  I have run Sophos and Malwarebytes and neither has fixed it.  I can change the extensions manually but that will take forever.

There must be a simple solution that one of you have tried.   HELP!

Mysterious Z: drive in Windows 7.  Client called today with Excel files missing from documents and instead all of the files he had deleted some time ago returned.  I have removed the unwanted files, no problem there.  The missing files were in the apps\roaming\Microsoft\network folder.  This is a stand alone PC, what would move them?  Next I noticed a Z: drive???  The drive has the same physical space used and capacity of C:, but doesn't have the same contents.  The Z: drive doesn't appear in the registry or Disk Management.  There is not 2 physical drives in the machine.  Norton is the AV and failed to detect (Full scan) Poweliks.  Roguekiller, ADWcleaner and virustotal.com website detected the virus.  I believe things are cleaned up now, but still suspicious of this Z: drive.  It only contains log files and copy of PDF files (From documents).  The logs are were updating as of this morning.  They don't appear to be updating this afternoon yet (Post removal of virus).

Google hijacked by https://www.searchencrypt.com/search?eq=7buN3wW%2BTmjyobKDgBD8X643alvLjHyhwe8LPxbEnaE%3D

Every time I search using Google in Firefox I get this crap.

In Chrome, it works fine.

How do I get rid of this & prevent it in the future?

Thanks

Hallo Experts
       
I would like to collect the following Threat Artifacts from a compromised Windows System:
     

• CPU

• Routing-, ARP- & Process tables

• Memory

• Temporary files

• Relevant data from storage media

   
What would you collect? Is there any best practice from NIST or anyware?
 
Thanks a lot

It's not uncommon to go to a website that gives you a frowny face and guilt tripping you that "We see you have an ad blocker. But that's how we make our money." So then if you really want the site you can white list them. And then typically you forget about it. Is there any way to tell in what ways the sites have taken advantage of your white listing? If they gave you spyware or something else malicious can you trace the malware to the site that gave it to you?

Hi guys

I've installed an anti-theft application on my laptop, in case some thieves break into my home and take it (there's been burglaries in the area). I'm trying to think further down the line. The issue I have with these applications is that if someone takes my laptop, they may be cunning enough to take out the disk inside at which point, I can kiss goodbye the anti-theft application I installed.

Are there any tracking devices out there that I could plant into my laptop, to locate it in the event of an unfortunate event?

Thanks for helping
Yashy

Windows Defender Service pegged 100% CPU.  Any way to fix it?  Do I need to reboot the VM?
This is win 2016 server std edition.  Single CPU 8GB ram

The client complains about the expense on antivirus software. What solution are you using for a company running over 150 computers?
This client has been using Trend Micro for over a decade, which is installed on servers and PCs. Every year when renewing the software, the client always questions
- Is there anything cheaper but doing the job?
- Can we disable internet access on certain computers and save the license on them?

I am so fxxking annoyed.

Microtech scam/ransomware was on a computer at a remote location.  Said they needed to call a 1800 number to get virus removed.  This user did that and paid $300 dollars to have fake company remove virus.  Got a text from him and said they are in there right now controlling computer and "trying" to remove  virus.  Should he power off right away or should he let them do their thing so he can use his pc again since he paid the money?  I told him to immediatley power off computer and wait for them to call again.