Anti-Virus Apps

22K

Solutions

23K

Contributors

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.

Share tech news, updates, or what's on your mind.

Sign up to Post

I want to provide a way of excluding a file from some anti-virus software's scanning routine for all my users.

Entering the file path in the AV software for exclusion for a single user works for me. see below:

X:\Users\johns\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\                   [this works for the user johns]

How can I describe this generically so that the exclusion will work for all users
0
Bringing Advanced Authentication to the SMB Market
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Please provide me with the URL address to download the Mac Symantec antivirus evaluation product.
0
I am assigned to bring the best end point solution .what parameters should i consider for choosing the solution with respect to cost and features to protect 4000 Users.
if there is any comparison available between different endpoint solution specially comparison with paloalto TRAP ll be really appreciated.
0
What is a good anti virus software

Something that may combat ransomware
on windows 10
1
I noticed there were 2 entries called LogMeIn Rescue RC followed by a string of letters and numbers in my my c drive program files x86. I do not know what that is? is it necessary to keep or can I delete that?
0
hi team
we require a script to pull McAfee dat version on our multiple servers as part of health check report. we require to give the list of servers in text file and need a report showing dat version of each server. could anybody please help
0
"check short URL" is not working for me.
Can I get a recommendation of a site I can check my shortened links.
Can someone tell me about this link?
http://ow.ly/sc5930dP4vs
0
Can we create group of endpoints and can we assign policies to that group in trend deep security?
0
Hi, does anyone use this software before?

Do you know how to calculate the amount of license which need to be covered? And is there any risk if I install both Kaspersky Endpoint Security and Mail Security on the same server?

We have 6 Exchange Mail Servers.

Many thanks!
0
Latest version of Win 10 Pro running on Surface Pro 4.

I did a full OS reset to rule out a virus or some weird OS corruption, but again when I click on an open program on the taskbar instead of opening that active window it opens another instance i.e another Firefox window or Excel sheet. Temp fix is to reboot and it may be good for like 10-15 and the it start happening again. The mouse seems to be erratic but even if my surface does not have any peripherals connected it does the same thing

Any idea what this could be?
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Hi all.
I need guidance/ assistance in if anyone has done a similar project? Rolling out kaspersky and uninstalling sophos..
We have around 900 workstations and 100 servers (VMs)...anyone has done a project plan Project plan ..risks...dependencies plan?
0
A customer of mine would like to fully license the Symantec Endpoint Protection 14 Trialware once the trial ends.

We would like to install the antivirus software on a Server 2012 R2 Datacenter server and on two Windows 10 64-bit OS computers.

How much will this cost?

Will it be less expensive to license this software through a third party vendor rather than Symantec?

This software has been downloaded and installed from these URLs:

https://resource.elq.symantec.com/campaigns-endpoint-protection?&om_sem_cid=biz_sem_s17674514840211|pcrid|155284187497|pmt|b|plc||pdv|c

https://trial.symantec.com/lp?pid=1-en-us&q=2r.3r.5r.6.7r.9r&cid=70138000001QIkWAAW&inid=us_symc_endpoint-protection_clp_to_leadgen_trialware_PID-1_endpoint-protection
0
I have two Windows 10 Lenovo laptops that are both infected with malware, spyware, adware, and viruses.

I have removed these hard drives and have connected them as secondary hard drives to another Windows 10 desktop.

Currently I'm scanning the infected drives with Malwarebytes, Symantec Antivirus, and Windows Defender.

What other scans or repairs can I run on these infected hard drives to hopefully remove all malware, spyware, and viruses?

For example what other utilities or programs can be run and what Windows utilities or tools such as SFC and DISM can be used?
0
Hi Guys,

does anyone know how i put an IP exception in our Symantec Endpoint Protection Manager?

i can see guides on the support site for SEP but nothing that specifically relates to an IP address exception. I cant see any obvious options for it and i have no prior experience with the console.

does it go under Policies > Firewall?

the reason for the request is we have Spiceworks on the LAN and it is causing warning messages to pop up on users PC's as SEP keeps blocking it. need to put an exception in for the spiceworks server.
0
I have the yara rule shown below from Kaspersky. I've put it in my Linux system running clamav-milter. I'd like to test this rule by sending a message. I've sent a message contaning string $a3, but it was not caught.

To test yara generally, I have created a simple rule with a single string and sent a message containing that string and it was caught, so yara rule checking is enabled.

Perhaps just sending string $a3 is insufficient? What does "uint16(0)" mean? That appears to be an "and" condition.
rule ransomware_exPetr {
meta:

    copyright = "Kaspersky Lab"
    description = "Rule to detect PetrWrap ransomware samples"
    last_modified = "2017-06-27"
    author = "Kaspersky Lab"
    hash = "71B6A493388E7D0B40C83CE903BC6B04"
    version = "1.0"

strings:

    $a1 = "MIIBCgKCAQEAxP/VqKc0yLe9JhVqFMQGwUITO6WpXWnKSNQAYT0O65Cr8PjIQInTeHkXEjfO2n2JmURWV/uHB0ZrlQ/wcYJBwLhQ9EqJ3iDqmN19Oo7NtyEUmbYmopcq+YLIBZzQ2ZTK0A2DtX4GRKxEEFLCy7vP12EYOPXknVy/+mf0JFWixz29QiTf5oLu15wVLONCuEibGaNNpgq+CXsPwfITDbDDmdrRIiUEUw6o3pt5pNOskfOJbMan2TZu" fullword wide
    $a2 = ".3ds.7z.accdb.ai.asp.aspx.avhd.back.bak.c.cfg.conf.cpp.cs.ctl.dbf.disk.djvu.doc.docx.dwg.eml.fdb.gz.h.hdd.kdbx.mail.mdb.msg.nrg.ora.ost.ova.ovf.pdf.php.pmf.ppt.pptx.pst.pvi.py.pyc.rar.rtf.sln.sql.tar.vbox.vbs.vcb.vdi.vfd.vmc.vmdk.vmsd.vmx.vsdx.vsv.work.xls" fullword wide
    $a3 = "DESTROY ALL OF YOUR DATA! PLEASE ENSURE THAT YOUR POWER CABLE IS PLUGGED" fullword ascii
    $a4 = "1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX" 

Open in new window

0
This question may not make sense at all but would like to still give it a go:

what are the risks our EMC VMAX SAN to ransomwares & how are the attacks/
infections likely to occur?

Our MS Exchange's huge partitions are on SAN as well as our servers' database
& applications partitions.  Our PCs/laptops don't use SAN.

I can see the largest malwares & ransomwares being blocked is via our emails
(in thousands or tens of thousands monthly) compared to only a hundred or
less being blocked by endpoint AV & proxy : so how is this translated to our SAN?

A very unique question from our management.

So how do we mitigate ransomwares risks to SAN?  Just by endpoint AV & our
email filtering (which we use Proofpoint which reported tons of ransomwares
& ransomware downloaders being blocked monthly)
0
Are there any free options?
0
Pics to follow - on smart phone now

Anyone recognise these menus from win xp ?

Trying to get data from xp pc, it's like a slug

Any poss this is an encryption virus ?

Menus look so dated though
0
Infected pc hdd

Remove hdd from pc

Attach usb caddy and connect to my laptop

Remove files I need

Is it very unusual for a virus to jump from a "slaved" usb hdd to my attached laptop?

Is it way way safer to boot from a Linux DVD ?

Safest / best practice to get files back recovered ?
0
Threat Trends for MSPs to Watch
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Hello

One Of our servers which has Kaspersky End Point Security ver 10 Product show the following message from Kaspersky:

Application:     Unknown
User:     NT AUTHORITY\SYSTEM (System user)
Component:     Network Attack Blocker
Result:     Blocked: Bruteforce.Generic.RDP
Object:     TCP from x.x.x.x to local port 3389

We have 4 Servers and this is the only server showing this message,the server behind UTM with IPS enabled and no rules are configured for port 3389.

Also Windows Event Viewer show lot of messages as below :
Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

What I am missing here and hot prevent this ?

Thank You
0
How to remove this ?

Customer called and Im onsite tomorrow

Thanks
0
Hello Experts,

Would it be possible for someone to explain to me how a satellite server for updates work, whether it is patching or definitions?  Here's what I'm trying to understand:

The use case applies to remote users who don't connect via a VPN on a regular basis.  Is there a way to push the patch or new virus definition out if the user is not on the VPN? I don't think it matters what application is being used, for example, Altiris for patching, TrendMicro/Sophos, etc. for virus definition, etc.

I have heard of using a satellite server for this use case and need to understand how it works.

Thank you,
Steph M
0
I hear there is a bad virus spreading. Is this a Windows virus like wanna cry?

Is there anything in need to do with Mac El Capitan?

Thanks
0
Customer has his but says not all files are encrypted

What the best thing to do now

Thanks
0
My spouse had installed web watcher in my PC. I want to uninstall it. How do I do it
0

Anti-Virus Apps

22K

Solutions

23K

Contributors

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.