[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Share tech news, updates, or what's on your mind.

Sign up to Post

We have 3 apps that a user runs on his computer every other day: 'SUPERAntiSpyware', 'Spy-Bot Search and Destroy' and 'Comodo Antivirus'.  The user runs the 3 apps at that same time whenever cleaning up is desired.  The user would leave theses tools running overnight.

The app 'Comodo Antivirus' never finds a virus.  The apps 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' always finds spyware.  In  the morning the user would first click 'SUPERAntiSpyware' to delete or isolate the threats reported and then do the same to 'Spy-Bot Search and Destroy'.  Finally restart the computer.   Note, prior running the apps, the user would run cCleaner to cleanup any junk in his drive.

To-Date, there is no problem we have identified and all seems to be ok.  Our question is more directed to know EE opinion on:

  • Why 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' display different results?
(Spy-bot would show registry entries and superantispyware would show files)
  • Any negative effect by running these 3 apps simultaneously?
  • Finally, is it necessary to run cCleaner prior running the apps?
0
Introduction to Web Design
LVL 12
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

Q1:
If I use a Solaris server as repository server to get from Internet
ClamAV updates, can it be used by other platform 'satellite'
ClamAV such as Windows, Linux?   Ie can freshclam on
Windows/Linux pull signature updates from a Solaris ?


Q2:
Are the 3 cvd files (main, daily, bytecode) inter-useable
between Solaris x86, RHEL & Windows ?
0
Hacked e-mail account help required.

Last night a client received an e-mail that starts out:
My nickname in darknet is konstantine23.
I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

They then list the actual password correctly to her account.  It is an Office 365 account.  She does access her account on her personal laptop, which I will have this afternoon in my possession.   I am currently scanning her work computer, and having everyone else check for the same e-mail in their SPAM folder (Where she found hers).  We are in process of changing password to all of her online accounts (Including e-mail) on another computer, not part of their network.  The business does have a UTM router in place, and logs will be looked at next.  TDSS Killer did not find any rootkits, but more scanning will be done.

Looking for information on this possible.
0
Q1:
I'm trying to establish if my Officescan  has Officescan's Ransomware protection below :

Ransomware Protection Enhancements in OfficeScan 11.0 SP1 Critical Patch 6054
Detection details of the OSCE 11.0 SP1 Critical Patch 6054 Ransomware Prevention Summary widget

Above 2 lines are extracted from link below:
https://success.trendmicro.com/solution/1111377-enabling-the-ransomware-protection-feature-in-officescan-osce


Q2:
Last screen in the attached shows  Scheduled Scan is disabled : is it a good idea to enable it
& I thought to have it enabled either during lunch hours (for users who bring home their
laptops) or in the night (for users who leave their PCs/laptops powered on in the office at night):
I've heard many recommendations that on-demand scheduled scan is quite essential too.
Just that it's hard to determine which laptops are being brought home

attachment is what's shown on my laptop
TMofficescanver.docx
0
a couple of years back, Trendmicro's  .DAT file can be searched using (find or grep command) for
certain malware names.

I'm now using OfficeScan V12.0.1352 & I think the signature file is VsapiNT.sys

I'm trying to track if  globeimposter  ransomware is in our current officescan signature &
the 2 links below seems to say that TM has documented them quite some time ago:
 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2017-globeimposter-notpetya-and-more/
 https://www.trendmicro.com/vinfo/in/security/news/cybercrime-and-digital-threats/ransomware-recap-crypshed-spoofs-amazon-in-ransomware-campaign

but when I searched for "glob"  (I suppose FakeGlobal as it's known to Trendmicro) would have it
listed in the latest VsapiNT.sys signature but it's not there:
appreciate steps on how to list the malwares covered by Officescan's signature file:

C:\foren>find/i "glob" *.sys |more

---------- TMPREFLT.SYS

---------- TMXPFLT.SYS

---------- VSAPINT.SYS
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnWire
GlobalUnfix
GlobalUnlock
GlobalWire
MakeCriticalSectionGlobal
JungUm Global
Corel Global Macro(GMS)
GLOBAL:
GLOBALNE:
GLOBALDOTPROMPT
GLOBAL
GLOBAL.DOT:
GLOBAL:
ExecuteGlobal
Global
0
Q1:
Without saving an email's attachment & then manually (ie on-demand) scan the
saved file, is there any AV that could auto-scan (ie in almost real-time or on-access)
an email attachment (even before the user double-click/open the attachment)?

Q2:
Can BitDefender or Trend's Officescan do the above?
0
I've seen an ex-colleague blocking file extensions from being created using a feature in McAfee
(can't recall the name).

Can someone provide the steps to do this in Trendmicro Officescan's management console?
What's this feature called in Officescan?
0
Symantec Endpoint Protection Manager not getting updates after upgrading to 14.2 build 770

upgraded my symantec server to latest version and no live updates is getting downloaded, i uninstalled live update and reinstalled. also registered with SEPM via command prompt
1.png
0
What is the easiest and most effective way to get rid of the Trojan.JS.Dropper.E?
1
I have a Windows 10 Desktop PC.

I turn on my computer and noticed these windows on my desktop as soon as I turned on my computer.

ads on  my desktop pc
I googled it and read that these are scam ads wanting you to click on them.

How do i remove them? Anyone know?

I ran Spybot - Search & Destroy but it didn't find anything.
I ran Windows Defender and it didn't find anything also.
0
Python 3 Fundamentals
LVL 12
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Hi,
Is there any better Anti-virus tool in Windows server? In the attached screenshot, would Clamwin further totally remove the virus or not?
0
If you have a Sonicwall to protect the network and Anti-Virus on each computer/server, is it safe to turn off Windows Firewall?
0
Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.
0
Hi all,

we are searching for the best endpoint protection available for SMB. I am looking for the top 3. Currently we are working with Kaspersky Endpoint Security.

Anyone any suggestions?

Thank you,
0
can an installed .exe file on windows os see all my key strokes
I have a custom made .exe file that appears to me to run correctly
but may have additional secret permissions

by installing any program
could a keylogger be built in

dont just tell me to run virus scan
1
I have an issue where I'm sure someone is hacking our network, specifically four machines.  I have witnessed them going into my home folder and deleting my trash on these machines.  They are also able to change the camera settings.  For example, they're zooming in to locations.  They are doing playback.  This all happens between the hours of 12am-2am.

I'm using:
Windows 10
Palo Alto Networks
Security Camera Milestone software.  https://www.milestonesys.com
The cameras are made by Mobitics.

What I've narrowed it down to is this happens when the security camera milestone software is up and running on the four machines.  When I turn that software off there's no connectivity or suspicious things going on.

What I need to know is how do I find out who is doing this?  How can I get an IP address?  Are they inside my network or outside my network?

I would even appreciate a recommendation of a security company that knows how to track intruders down.

Note:
I've checked the parking lot and areas of the campus to see if someone is psychically here, but I don't see anyone.  I've also contacted Milestone software and they've recommended I change my password and the camera's password, but we are still having an issue.
0
Has anyone implemented a rule on  ESET ERA Admin Portal which blocks USB devices but still allows phones to be charged?
0
AV software best compatible with O365. Any suggestion? Local outlook emails? Thanks
0
A Trickbot Infestation has ravaged my network. It has wormed its way on to all workstations and servers. Does anyone know how to eradicate it and keep it from re-infecting other computers? If not, does anyone know of a company that specializes in removing this particular malware. I've tried different malware software removal tools and they identify and  remove it but it keeps coming back.
0
Become a Microsoft Certified Solutions Expert
LVL 12
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

A friend is using Windows 10 (which is kept up to date).
He also has AVG Antivirus.
He normally uses Paypal for purchases (without any problems).

This morning, within an hour of using his actual Visa Debit Card on Government
website (motortax.ie) his card number was fraudulently used on some dating website.
(The bank phoned and cancelled the transaction and his card).

I'm going to run some scans tomorrow
- MalwareBytes scan in safe mode
- Hitman pro
- AVG

Any other suggestions?
0
Good evening Experts,
I have just been repairing my computer from a malicious virus. I could not use virus/malware software (MalwareBtyes, Superantispyware, and Spyhunter, on my machine because the malware/virus disabled them, so I used BitDefenders Rescue usb to kill most of the problems. I finished off the rest of the malware/viruses using my regular software (MalwareBtyes, Superantispyware, and Spyhunter). The system stable except for a couple of issues:
1.      My folder indexing does not work and I would like an expert to help me fix it. However I did download a free search program call everything and it is more robust than the Windows 10 index\search. I still need a solution for why the windows indexing\search is not letting me search inside of folders.
2.      This second issue is more critical than the previous one. For some reason when I login to any of my accounts: THANOS, IMRIC , ADMINISTRATOR, the desktop icon for the user profile defaults to (Folders)

Any help the experts can give me will be appreciated.
Regards,
Regis Hyde (BlackTHanos)
0
does norton go after viruses
malware bytes goes after malware

do I need both

windows10
0
How can I remove maleware bytes trial and get another trial


windows 10
0
Here are the pop ups that i am getting, if i click Ok, i am getting like parameter incorrect.:  Here are the pop ups that i am getting, if i click Ok, i am getting like parameter incorrect.Whenever I plug in my charger, a small tap is popping continuously saying php update available, then i click OK, but it's again coming like update available. i am using Lenovo-idea pad-1470 series. can anybody help me please?
IMG_9388.jpg
0
I have a client who had a scareware event with a threatening dialog that offered a number to call to "help him".  I disinfected, as I normally do, with Adwcleaner, Malwarebytes, and Hitmanpro64, which usually does a nice job eradicating the beasts.  Another has appeared that seems familiar, and so I'm concerned that I might have missed something   The dialog, which my client sent me, and I didn't myself experience, is attached.  

My question is how can I find the source of that dialog, or others of that ilk, and know that I've removed it, or not, using the above system or another.

Your insights are appreciated.
IMG_2917.mov
0

Anti-Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.