Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Anti-Virus Apps
22K
Solutions
23K
Contributors
Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.
Share tech news, updates, or what's on your mind.
"check short URL" is not working for me.
Can I get a recommendation of a site I can check my shortened links.
Can someone tell me about this link?
http://ow.ly/sc5930dP4vs
Can I get a recommendation of a site I can check my shortened links.
Can someone tell me about this link?
http://ow.ly/sc5930dP4vs
6 Comments
Can we create group of endpoints and can we assign policies to that group in trend deep security?
Hi, does anyone use this software before?
Do you know how to calculate the amount of license which need to be covered? And is there any risk if I install both Kaspersky Endpoint Security and Mail Security on the same server?
We have 6 Exchange Mail Servers.
Many thanks!
Do you know how to calculate the amount of license which need to be covered? And is there any risk if I install both Kaspersky Endpoint Security and Mail Security on the same server?
We have 6 Exchange Mail Servers.
Many thanks!
For those who like to keep up..
The latest AV Comparatives Real-World Protection Test February – June 2017 has been released.
The latest AV Comparatives Real-World Protection Test February – June 2017 has been released.
Latest version of Win 10 Pro running on Surface Pro 4.
I did a full OS reset to rule out a virus or some weird OS corruption, but again when I click on an open program on the taskbar instead of opening that active window it opens another instance i.e another Firefox window or Excel sheet. Temp fix is to reboot and it may be good for like 10-15 and the it start happening again. The mouse seems to be erratic but even if my surface does not have any peripherals connected it does the same thing
Any idea what this could be?
I did a full OS reset to rule out a virus or some weird OS corruption, but again when I click on an open program on the taskbar instead of opening that active window it opens another instance i.e another Firefox window or Excel sheet. Temp fix is to reboot and it may be good for like 10-15 and the it start happening again. The mouse seems to be erratic but even if my surface does not have any peripherals connected it does the same thing
Any idea what this could be?
Hi all.
I need guidance/ assistance in if anyone has done a similar project? Rolling out kaspersky and uninstalling sophos..
We have around 900 workstations and 100 servers (VMs)...anyone has done a project plan Project plan ..risks...dependencies plan?
I need guidance/ assistance in if anyone has done a similar project? Rolling out kaspersky and uninstalling sophos..
We have around 900 workstations and 100 servers (VMs)...anyone has done a project plan Project plan ..risks...dependencies plan?
A customer of mine would like to fully license the Symantec Endpoint Protection 14 Trialware once the trial ends.
We would like to install the antivirus software on a Server 2012 R2 Datacenter server and on two Windows 10 64-bit OS computers.
How much will this cost?
Will it be less expensive to license this software through a third party vendor rather than Symantec?
This software has been downloaded and installed from these URLs:
https://resource.elq.symantec.com/campaigns-endpoint-protection?&om_sem_cid=biz_sem_s17674514840211|pcrid|155284187497|pmt|b|plc||pdv|c
https://trial.symantec.com/lp?pid=1-en-us&q=2r.3r.5r.6.7r.9r&cid=70138000001QIkWAAW&inid=us_symc_endpoint-protection_clp_to_leadgen_trialware_PID-1_endpoint-protection
We would like to install the antivirus software on a Server 2012 R2 Datacenter server and on two Windows 10 64-bit OS computers.
How much will this cost?
Will it be less expensive to license this software through a third party vendor rather than Symantec?
This software has been downloaded and installed from these URLs:
https://resource.elq.symantec.com/campaigns-endpoint-protection?&om_sem_cid=biz_sem_s17674514840211|pcrid|155284187497|pmt|b|plc||pdv|c
https://trial.symantec.com/lp?pid=1-en-us&q=2r.3r.5r.6.7r.9r&cid=70138000001QIkWAAW&inid=us_symc_endpoint-protection_clp_to_leadgen_trialware_PID-1_endpoint-protection
I have two Windows 10 Lenovo laptops that are both infected with malware, spyware, adware, and viruses.
I have removed these hard drives and have connected them as secondary hard drives to another Windows 10 desktop.
Currently I'm scanning the infected drives with Malwarebytes, Symantec Antivirus, and Windows Defender.
What other scans or repairs can I run on these infected hard drives to hopefully remove all malware, spyware, and viruses?
For example what other utilities or programs can be run and what Windows utilities or tools such as SFC and DISM can be used?
I have removed these hard drives and have connected them as secondary hard drives to another Windows 10 desktop.
Currently I'm scanning the infected drives with Malwarebytes, Symantec Antivirus, and Windows Defender.
What other scans or repairs can I run on these infected hard drives to hopefully remove all malware, spyware, and viruses?
For example what other utilities or programs can be run and what Windows utilities or tools such as SFC and DISM can be used?
Hi Guys,
does anyone know how i put an IP exception in our Symantec Endpoint Protection Manager?
i can see guides on the support site for SEP but nothing that specifically relates to an IP address exception. I cant see any obvious options for it and i have no prior experience with the console.
does it go under Policies > Firewall?
the reason for the request is we have Spiceworks on the LAN and it is causing warning messages to pop up on users PC's as SEP keeps blocking it. need to put an exception in for the spiceworks server.
does anyone know how i put an IP exception in our Symantec Endpoint Protection Manager?
i can see guides on the support site for SEP but nothing that specifically relates to an IP address exception. I cant see any obvious options for it and i have no prior experience with the console.
does it go under Policies > Firewall?
the reason for the request is we have Spiceworks on the LAN and it is causing warning messages to pop up on users PC's as SEP keeps blocking it. need to put an exception in for the spiceworks server.
Dear Team, we have Server 2008 R2 acting as VPN server with Routing and Remote Access role. However, we suffered a reliability problem when we always have to restart service in order to run VPN smoothly. Sometimes, we even have to restart the Server, so that remote users can log in with their username/password.
We only have MSE antivirus, no any other special.
Can anyone explain please?
We only have MSE antivirus, no any other special.
Can anyone explain please?
Free Tool: Subnet Calculator
The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.
One of a set of tools we're offering as a way of saying thank you for being a part of the community.
I have the yara rule shown below from Kaspersky. I've put it in my Linux system running clamav-milter. I'd like to test this rule by sending a message. I've sent a message contaning string $a3, but it was not caught.
To test yara generally, I have created a simple rule with a single string and sent a message containing that string and it was caught, so yara rule checking is enabled.
Perhaps just sending string $a3 is insufficient? What does "uint16(0)" mean? That appears to be an "and" condition.
To test yara generally, I have created a simple rule with a single string and sent a message containing that string and it was caught, so yara rule checking is enabled.
Perhaps just sending string $a3 is insufficient? What does "uint16(0)" mean? That appears to be an "and" condition.
rule ransomware_exPetr {
meta:
copyright = "Kaspersky Lab"
description = "Rule to detect PetrWrap ransomware samples"
last_modified = "2017-06-27"
author = "Kaspersky Lab"
hash = "71B6A493388E7D0B40C83CE903BC6B04"
version = "1.0"
strings:
$a1 = "MIIBCgKCAQEAxP/VqKc0yLe9JhVqFMQGwUITO6WpXWnKSNQAYT0O65Cr8PjIQInTeHkXEjfO2n2JmURWV/uHB0ZrlQ/wcYJBwLhQ9EqJ3iDqmN19Oo7NtyEUmbYmopcq+YLIBZzQ2ZTK0A2DtX4GRKxEEFLCy7vP12EYOPXknVy/+mf0JFWixz29QiTf5oLu15wVLONCuEibGaNNpgq+CXsPwfITDbDDmdrRIiUEUw6o3pt5pNOskfOJbMan2TZu" fullword wide
$a2 = ".3ds.7z.accdb.ai.asp.aspx.avhd.back.bak.c.cfg.conf.cpp.cs.ctl.dbf.disk.djvu.doc.docx.dwg.eml.fdb.gz.h.hdd.kdbx.mail.mdb.msg.nrg.ora.ost.ova.ovf.pdf.php.pmf.ppt.pptx.pst.pvi.py.pyc.rar.rtf.sln.sql.tar.vbox.vbs.vcb.vdi.vfd.vmc.vmdk.vmsd.vmx.vsdx.vsv.work.xls" fullword wide
$a3 = "DESTROY ALL OF YOUR DATA! PLEASE ENSURE THAT YOUR POWER CABLE IS PLUGGED" fullword ascii
$a4 = "1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX"
This question may not make sense at all but would like to still give it a go:
what are the risks our EMC VMAX SAN to ransomwares & how are the attacks/
infections likely to occur?
Our MS Exchange's huge partitions are on SAN as well as our servers' database
& applications partitions. Our PCs/laptops don't use SAN.
I can see the largest malwares & ransomwares being blocked is via our emails
(in thousands or tens of thousands monthly) compared to only a hundred or
less being blocked by endpoint AV & proxy : so how is this translated to our SAN?
A very unique question from our management.
So how do we mitigate ransomwares risks to SAN? Just by endpoint AV & our
email filtering (which we use Proofpoint which reported tons of ransomwares
& ransomware downloaders being blocked monthly)
what are the risks our EMC VMAX SAN to ransomwares & how are the attacks/
infections likely to occur?
Our MS Exchange's huge partitions are on SAN as well as our servers' database
& applications partitions. Our PCs/laptops don't use SAN.
I can see the largest malwares & ransomwares being blocked is via our emails
(in thousands or tens of thousands monthly) compared to only a hundred or
less being blocked by endpoint AV & proxy : so how is this translated to our SAN?
A very unique question from our management.
So how do we mitigate ransomwares risks to SAN? Just by endpoint AV & our
email filtering (which we use Proofpoint which reported tons of ransomwares
& ransomware downloaders being blocked monthly)
"Prohibits the DOD from using software platforms developed by Kaspersky Lab due to
reports that the Moscow-based company might be vulnerable to Russian government
influence."
https://www.armed-services.senate.gov/imo/media/doc/FY18%20NDAA%20summary2.pdf
https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/
reports that the Moscow-based company might be vulnerable to Russian government
influence."
https://www.armed-services.senate.gov/imo/media/doc/FY18%20NDAA%20summary2.pdf
https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/
Pics to follow - on smart phone now
Anyone recognise these menus from win xp ?
Trying to get data from xp pc, it's like a slug
Any poss this is an encryption virus ?
Menus look so dated though
Anyone recognise these menus from win xp ?
Trying to get data from xp pc, it's like a slug
Any poss this is an encryption virus ?
Menus look so dated though
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
Active 2 days ago
But...was it ransomware...
https://www.engadget.com/2017/06/29/petya-not-ransomware-attacks/
https://www.engadget.com/2017/06/29/petya-not-ransomware-attacks/
Infected pc hdd
Remove hdd from pc
Attach usb caddy and connect to my laptop
Remove files I need
Is it very unusual for a virus to jump from a "slaved" usb hdd to my attached laptop?
Is it way way safer to boot from a Linux DVD ?
Safest / best practice to get files back recovered ?
Remove hdd from pc
Attach usb caddy and connect to my laptop
Remove files I need
Is it very unusual for a virus to jump from a "slaved" usb hdd to my attached laptop?
Is it way way safer to boot from a Linux DVD ?
Safest / best practice to get files back recovered ?
Hello
One Of our servers which has Kaspersky End Point Security ver 10 Product show the following message from Kaspersky:
Application: Unknown
User: NT AUTHORITY\SYSTEM (System user)
Component: Network Attack Blocker
Result: Blocked: Bruteforce.Generic.RDP
Object: TCP from x.x.x.x to local port 3389
We have 4 Servers and this is the only server showing this message,the server behind UTM with IPS enabled and no rules are configured for port 3389.
Also Windows Event Viewer show lot of messages as below :
Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
What I am missing here and hot prevent this ?
Thank You
One Of our servers which has Kaspersky End Point Security ver 10 Product show the following message from Kaspersky:
Application: Unknown
User: NT AUTHORITY\SYSTEM (System user)
Component: Network Attack Blocker
Result: Blocked: Bruteforce.Generic.RDP
Object: TCP from x.x.x.x to local port 3389
We have 4 Servers and this is the only server showing this message,the server behind UTM with IPS enabled and no rules are configured for port 3389.
Also Windows Event Viewer show lot of messages as below :
Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
What I am missing here and hot prevent this ?
Thank You
What does it mean to be "Always On"?
Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.
Hello Experts,
Would it be possible for someone to explain to me how a satellite server for updates work, whether it is patching or definitions? Here's what I'm trying to understand:
The use case applies to remote users who don't connect via a VPN on a regular basis. Is there a way to push the patch or new virus definition out if the user is not on the VPN? I don't think it matters what application is being used, for example, Altiris for patching, TrendMicro/Sophos, etc. for virus definition, etc.
I have heard of using a satellite server for this use case and need to understand how it works.
Thank you,
Steph M
Would it be possible for someone to explain to me how a satellite server for updates work, whether it is patching or definitions? Here's what I'm trying to understand:
The use case applies to remote users who don't connect via a VPN on a regular basis. Is there a way to push the patch or new virus definition out if the user is not on the VPN? I don't think it matters what application is being used, for example, Altiris for patching, TrendMicro/Sophos, etc. for virus definition, etc.
I have heard of using a satellite server for this use case and need to understand how it works.
Thank you,
Steph M
I hear there is a bad virus spreading. Is this a Windows virus like wanna cry?
Is there anything in need to do with Mac El Capitan?
Thanks
Is there anything in need to do with Mac El Capitan?
Thanks
Customer has his but says not all files are encrypted
What the best thing to do now
Thanks
What the best thing to do now
Thanks
i want to generate USB enable report in the doamin
My spouse had installed web watcher in my PC. I want to uninstall it. How do I do it
I got hit with Amnesia Ransomeware...
Any help to decrypt?
Any help to decrypt?
Anti-Virus Apps
22K
Solutions
23K
Contributors
Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.
Top Experts In
Anti-Virus Apps
-
1
btan8,200 points -
2
Experienced Member5,908 points -
3
Scott C2,000 points -
4
dfke2,000 points -
5
PRADIIP SINGH2,000 points -
6
Andrew Leniart1,644 points -
7
Thomas Zucker-Scharff1,286 points -
8
McKnife1,248 points -
9
Shaun Vermaak1,248 points -
10
arnold1,220 points -
11
Experts Exchange1,009 points -
12
Qlemo1,000 points -
13
Mal Osborne1,000 points -
14
fred hakim1,000 points -
15
nobus832 points -
16
Jackie Man832 points -
17
dbrunton600 points -
18
Lee W, MVP500 points -
19
andyalder480 points -
20
masnrock400 points
-
21
Chris Swinney332 points -
22
NVIT248 points -
23
Ramin248 points -
24
rpggamergirl204 points -
25
jmlamb124 points