Dear all,

My laptop (Microsoft Windows 10,  Enterprise 2016 LTSB, Build 14393). It's a Dell Latitude and a bit old but was working OK. Lately, it has been slow and displays erratic behaviors (strange processes, pop ups, power Shell down based on Event viewer, will come back to this in a second). Besides the Falcon Sensor Free trial and a paid version of Symantec End point protection, I've run different scans such as ESET  Online Scan, Restoro, I have done that for days with no luck so I think it could be a bad Windows 10 version.

Today when I checked the USERS folder in C, there was a new user! and there were traces of strange events on the event  viewer including the log on of this user (DAU1-2106).

On the other hand, I was installing Visual studio yesterday when the "log on" happened, can Visual Studio create a new user during installation?

I also tried identifying the username of the SID by using the wmic command in cmd and it was not found to be in the domain.



Please let me know if it's safe to attach the files on here as they can contain sensitive information of my network and user names, etc.


Thank you very much and I will check back in a few minutes.

Kind Regards,
D

Hi Experts,

I am trying to install the Windows 10 version 1903 update.

25% of the way I get a message:

What needs your attention:

Avast Antivirus
Uninstall this app because it isn't compatible with Windows 10

But Avast Antivirus is not installed.

Also I downloaded it (from Microsoft Store), installed it, then uninstalled it.

I still get the message:
Avast Antivirus
Uninstall this app because it isn't compatible with Windows 10

I cannot breakthrough this issue.

Regards,
Leigh

Hello, I have purchased a new Laptop with Windows 10 Pro.
This version of Windows has its own built-in AntiVirus Software. (Windows Security).
I am wondering if I need to install AVG or Trend or similar for full anti-virus protection or is Windows Security enough?
Thanks.

Hi. I am getting the following error trying to run an exe file. Is there an easy way to let Norton antivirus know that the file is safe to run

Hello

Can I install Windows Defender Antivirus on Windows Server 2012R2?

if yes, how can I do this?.. where can I download  Windows Defender for Windows Server 2012R2?

Thank you for your help

Is there an Anti-virus add-in for PowerPoint?
I need to be able to scan a PowerPoint file for malware, and was thinking of using an add-in, does anyone know of an add-in that has this functionality?
I was thinking the best way to scan a PowerPoint file for malware is to first renamed the file to have a zip extension, and scan those files for malware.

https://www.ubuntupit.com/best-linux-antivirus-top-10-reviewed-compared/

Referring to above URL, I'm looking for a realtime (ie on-access) AV for
Linux (RHEL, Ubuntu, Debian, CentOS) :
ClamAV requires something additional to be able to do on-access can.

Q1:
is Comodo free of charge?

Q2:
Can it run on RHEL, Ubuntu, Debian & container OS
& offer on-access scan without additional package?


Q3:
Can point me to where to download it & its install/user guide?

Q4:
Can we add hashes to it (when we get threat intel) so that
it can scan the extra IOCs besides virus signatures from Comodo?

Hello,

Please I need to Compare Microsoft Windows Defender vs. Symantec Endpoint Protection (SEP)
I need your advise to choose between Microsoft Windows Defender and Symantec Endpoint Protection (SEP)

Best regards,

Over the last 20-30 years I have gone from Norton Corporate to Trend Micro and now Webroot SecureAnywhere. Now Webroot has followed the others. They have gone to hell. I need a console that will differentiate my Customers from each other. Need a good virus/malware package. Want to keep it simple. Are there any clear cut winners out there today?

We're trying to update our McAfee Agent from 5.0.5.658 to 5.6.1.  We don't use ePO, we're in an isolated network, & have no access to McAfee downloads.  I tried creating an account to login, but it wanted a Grant Number which we didn't have.

OMG: This is driving me crazy!!!!

A user keeps getting his AD account locked every 20 minutes.

I've googled this to death, and even reached out to our ManageEngine AD Audit techs.

In a nutshell, Microsoft isn't capturing the source machine name or IP if the logon request is not from the MS platform (linux/mac) or the authentication request isn't Kerberos.

How in the world am I supposed to figure out the offending machine?

Using this command, then stopping and starting the logon service:
nltest /dbflag:0x2080ffff

The widows\debug log reveals:
07/09 14:38:14 [LOGON] [4304] ECPHFD: SamLogon: Transitive Network logon of (null)\victim_user@ourdomain.com from (none) (via DC-2008-01) Entered
07/09 14:38:14 [LOGON] [4304] ECPHFD: SamLogon: Transitive Network logon of (null)\victim_user@ourdomain.com from (none) (via DC-2008-01) Returns 0xC000006A

"(NONE)" is NOT HELPFUL Microsoft !!!

I've ruled out that these are coming from the outside world so I'm left thinking this is a malicious internal brute force attack or a forgotten app using the user's old password.  We've shut down all of his devices and the problem persists.

#HELP!

Any ideas would be very much appreciated!

Helplessly yours,
Mike

BitDefender is deleting my computer ID.  Thus every time I log into various sites, I have to do two factor authentication.  Not sure what setting is called or what to look for to disable or not have it run every single night.   My computer is locked down and doesn't have any passwords remembered etc. so I feel comfortable turning this off.

Any ideas what I look for?

We had a none critical server get infected with the Cheetah virus.  I have run Sophos and Malwarebytes and neither has fixed it.  I can change the extensions manually but that will take forever.

There must be a simple solution that one of you have tried.   HELP!