
Anti-Virus Apps

22K

Solutions

23K

Contributors

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.


A couple of years back, Trendmicro's .DAT file can be searched using (find or grep command) for
certain malware names.

I'm now using OfficeScan V12.0.1352 & I think the signature file is VsapiNT.sys

I'm trying to track if globeimposter ransomware is in our current officescan signature &
the 2 links below seem to say that TM has documented them quite some time ago:
 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2017-globeimposter-notpetya-and-more/
 https://www.trendmicro.com/vinfo/in/security/news/cybercrime-and-digital-threats/ransomware-recap-crypshed-spoofs-amazon-in-ransomware-campaign

but when I searched for "glob" (I suppose FakeGlobal as it's known to Trendmicro) would have it
listed in the latest VsapiNT.sys signature but it's not there.
Appreciate steps on how to list the malware covered by Officescan's signature file:

C:\foren>find/i "glob" *.sys |more

---------- TMPREFLT.SYS

---------- TMXPFLT.SYS

---------- VSAPINT.SYS
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnWire
GlobalUnfix
GlobalUnlock
GlobalWire
MakeCriticalSectionGlobal
JungUm Global
Corel Global Macro(GMS)
GLOBAL:
GLOBALNE:
GLOBALDOTPROMPT
GLOBAL
GLOBAL.DOT:
GLOBAL:
ExecuteGlobal
Global
0

We have McAfee Endpoint Enterprise 4.4 running on Windows Server 2008 R2.

Agents are installed on 1500 clients.

We are now moving to Windows 2016 and I need to move my antivirus to the latest version on a Windows 2016 server.

Can I get the migration procedure for McAfee, and what is the upgrade path to the latest version?
0
Q1:
Without saving an email's attachment & then manually (ie on-demand) scan the
saved file, is there any AV that could auto-scan (ie in almost real-time or on-access)
an email attachment (even before the user double-click/open the attachment)?

Q2:
Can BitDefender or Trend's Officescan do the above?
0
I've seen an ex-colleague blocking file extensions from being created using a feature in McAfee
(can't recall the name).

Can someone provide the steps to do this in Trendmicro Officescan's management console?
What's this feature called in Officescan?
0
Residential client brought a computer the other day that is interesting.  He has a folder on the desktop named "TOOLS".  Inside the folder are random picture files by extension and misc other extensions.  38,000+ files in fact.  I cannot delete the folder under any OS (Linux, Ubuntu, Windows, Windows PE) connecting it to another system.  I have tested the drive with WD Lifeguard diagnostic and found no problem.  No performance issues with the drive (Seagate 500GB).  SMART shows no concerns.  CHKDSK shows MFT is corrupt and repairs.  Norton and many other virus scanners find every file in the folder to be a virus, ADS, or something unwanted beyond PuP.  I have never failed to remove a folder or file under Ubuntu.  Another note is that it generally takes hours to access the profile folder in order to even see the TOOLS folder.  Running scans took days to get partially through the TOOLS folder and cannot remove anything as of yet.  Most of the scans are performed on a bench PC with this drive attached, and still have problems.  I assume it is a combination of HDD problems (which I cannot determine) and virus infection.  The folder appears to have been created in September 2014.  The user has no recollection of how it came to be or when.  He did state that years ago he got a fake tech scam call and let them into his computer.  He only does e-mail and web browsing, so there wasn't anything exciting to steal from him.  He didn't pay them, and that was the end in his mind.  This is …
1
To protect our corporate users from being compromised when they
connect to outside Wifi (which may be potentially rogue Wifi), is it
feasible if we implement MS Direct Access or Always-On-VPN?

https://technet.microsoft.com/en-us/library/dd759144(v=ws.11).aspx
https://directaccess.richardhicks.com/tag/directaccess-alternatives/

The products above would establish a tunnel so the rogue Wifi can't
steal credentials nor data & with VPN established, I suppose malwares
can't infect the laptops as the rogue Wifi has no connection to the laptop
(tunnel-protected) or did I get this idea wrong ie can still get infected
even with such tunnel??

We still want the users to be able to access Internet but protect them
in the event they're using a rogue Wifi
0
Symantec Endpoint Protection Manager not getting updates after upgrading to 14.2 build 770

I upgraded my Symantec server to the latest version and no live updates are getting downloaded. I uninstalled Live Update and reinstalled. Also registered with SEPM via command prompt.
0
What is the easiest and most effective way to get rid of the Trojan.JS.Dropper.E?
1
Dear Team, our server 2008R2 has many AVP.exe processes (Kaspersky Endpoint Security) that we could not stop. It showed errors when we tried to end task:

We also tried some commands on CMD/PowerShell but it did not help. Administrator has Full-control right but it keeps showing "Access is denied":
taskkill /PID "number" /F
Get-Process -Name "avp" | Stop-Process -Force


Could you please suggest? Many thanks!
0
I have a Laptop (Windows 10 Pro 64 bit) that is infected with the virus/malware that displays a Microsoft window/logo claiming that the laptop is infected and I need to call this 1-800 number to reach a Microsoft support technician to resolve the infections/issues on the laptop.  I know it is not a valid 800# and it is an infection.  This is the third time in a year this has popped up on this laptop.  I feel that I am NOT cleaning the laptop properly !!!  Perhaps missing a "Trojan package" or something.  Any suggestions for a proper thorough scanning/cleaning/removal process on this Laptop.  Thank-you
0

I am currently running Symantec Endpoint Protection 11.0 on one of our computers.  I am getting an error in the event log that states "The Symantec Eraser Control driver service failed to start due to the following error:  The specified procedure could not be found."  Does anybody know if the Symantec Eraser Control driver is part of the Symantec Endpoint Protection 11.0 package or if it is leftover from a previous version of antivirus installed on this computer.  If it is leftover, what is the proper method to uninstall it?
0
Firefox Browser is being held by this screen
A woman's voice tells me something about "invalid version and computer is locked".  Also to "Call Microsoft support at 866-371-0354"

I got this message while trying to play a video on a motorcycle (RacerX) site I've visited daily for at least the last 10 years.

I shut off and turned back on the computer but every time I open Firefox this appears.  I am not having any trouble with MS Explorer, which is how I got to the EE site to post this question.

I use McAfee Total protection.  When I open McAfee to do a virus scan, the scan button seems to be disabled.  I click it and nothing happens.

What can I do to get rid of this virus?

This is a Windows 7 Pro machine
0
Hi guys,
I'm looking for a decent, preferably free, VPN in the UK for a friend of mine. He says he's not bothered about downloads or porn but is looking to reduce the amount of info Big Brother is collecting about him. All suggestions are much appreciated.
Cheers,
Steve.
0
I have been using Delphi 7 in Windows 10 for quite awhile.

I use ESET Internet Security as my anti-virus/anti-malware protection.

A recent update in ESET has caused problems with D7 - when I run a program from the IDE, the program never starts - it appears as though ESET is blocking the "integrated debugger" from attaching to the process.

I can disable all protection and everything works.

I'm looking for alternate solutions - something I might be able to add as some type of exception rule in the anti-virus to allow the integrated debugger to work.

Is the integrated debugger actually "integrated" in delphi32.exe, or is it called by the IDE?  That is, is there a DLL or exe that can be identified as exception to anti-virus program?

TIA.

EdB
0
User believed that their computer was hacked, and some sort of malware was sending out messages.
They received several phone calls from friends who had gotten blank email messages.

I installed and ran Malwarebytes, which removed 717 components of Potentially Unwanted Programs. McAfee had been previously installed, but that protection didn't notice what Malwarebytes found and quarantined.

I noticed that there was something, possibly an extension, that was added onto Chrome.  I

Is there anything else that I should run?
What's a good way to check if emails are still being sent out?


Thanks.
0
This is not a tech question but looking for suggestions. I want to send an email to non-tech end users to follow some best practices to avoid spam emails / malware / spyware / viruses on their computers. They are using Office365, Dropbox, internal file server, heavy internet browsing, Outlook.

Watching out for certain type of emails, avoid possible threats by following good practices etc.

If you can send me some links of good articles that I can simply forward to end users for them to read up on to  increase their knowledge that would be great!
I can google a few articles myself but wanted to see if anyone has their favorite articles or blog posts already.

Thanks!

Nick
0
Hello, I can't seem to remember how to update my client's McAfee on my closed loop test network.  It's been a little bit so let me explain what I can remember: I would update the definitions / versions on a laptop, then copy those files into a repository on a share which all clients are pointed to for their updates.  That's all I remember & I'm having a hard time getting it working again.  I can't remember which files need to be copied & where they're at.

Thx
0
Hi,
Is there any better Anti-virus tool in Windows server? In the attached screenshot, would Clamwin further totally remove the virus or not?
0
I run AVG Anti-virus, Hitman Pro and Anti-malwarebytes on one of my computers.  Over the last several weeks I am running into a whole lot of system problems.  I tried to install avg tuneup today and it would not install.  I called AVG and they stated that it appears that I have a network worm.  So I booted up in safe mode, ran avg scan and anti-malwarebytes.  

I also ran hijackthis, to attempt to get rid of the nastiness but one entry will not delete.   It has been a long time since I have cleaned pcs.  Anyone here like to direct me on how to get rid of this thing and clean up my computer so it runs right?

Thanks,
0

We have been hit with ransomware.  Please see the attached screenshot.

The file extensions have been changed to STG.

They hacked into the network, created admin users and made them part of the Admin group, created shares etc.
0
A new client was infected with Crypto virus. The office has 3 Windows servers running on VMware and about 10 desktop computers running Windows 7 and 10.  As described by them, they got infected last week, but since they had a backup the office manager proceeded to run Malwarebytes on all computers, removed the malware and wiped out a client PC that was infected.  They told me today that the cryptovirus reappeared and some folders on the server were encrypted, but they shut everything down.

Now it is my job to make sure I remove the virus. What I'm thinking:
purchase a managed antivirus solution, I'm considering Kaspersky.
install a real business firewall solution.

My question is this:
will the AV solution really remove the virus and anything that's dormant, or do I need to wipe out the servers and reinstall?
the Windows servers are hosted on VMware 5.5, is there a way for me to scan the "Windows servers" before they boot up into Windows, something like booting from a USB drive?
Besides the obvious of AV, is there anything else I should keep in mind to make sure the virus is gone once and for all?

thanks.
0
Hi All,
We have a need to have developers upload files to Azure Blob Storage. Since we can't control what machine they use when they upload the files, I wonder if there is any way we can implement a virus/malware scan on Azure Blob Storage?

I googled around and it doesn't seem that Microsoft currently offers a native solution.

Please advise. thank you
0
We currently use iSheriff to control all of our users' Internet activity, web browsing and Anti-Virus.  I am very pleased with their services, however, they will no longer be around after the end of this year.

I am looking for recommendations on other companies offering these types of services.  I would prefer advice from EE users that have actually used the product they recommend.

We are The Society for Prevention of Cruelty to Animals Los Angeles, non-profit, so cost is a factor.  My budget is around $3500, per year.   We have 80 employees.
0
Since AVG upgraded to version 18.4.3056 we have been having issues on certain computers, especially Windows 10 PCs.   We are also running Malwarebytes.   Windows 10 machines have a tendency to get the blue screen of death and restart.   Also, there are multiple confirm certificate requests for those programs that require certificates to access.

Friday, a major problem occurred when I was installing Safenet on a Windows 7 machine.   The program did not install correctly and I received an error 1719 Windows Installer error.  I closed the error, the program was not installed.  Since then, any application or process that requires the use of an .exe file does not work.  I receive a 0xc0000142 Application unable to start correctly error.   An older version of Safenet had previously been installed on this particular machine and we were simply upgrading the program.

In an attempt to get the user a computer to use, I was setting up another PC.  All went well until I attempted to do a fresh install of Safenet.  Same errors occurred.  Now two machines are not operational.  

I have been unable to find a way to fix this error.   Federal Reserve (their program requires safenet) says it is not their software.  AVG told me that we should not be running Malwarebytes with their new version because it can cause conflicts.   I am wondering if it was the AV program that caused the installation error, especially since it happened on two Windows 7 PCs.

Does anyone know of a way to fix…
0
Hi all,

we are searching for the best endpoint protection available for SMB. I am looking for the top 3. Currently we are working with Kaspersky Endpoint Security.

Anyone any suggestions?

Thank you,
0
