    • WrCombs

      When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee
      IT Discussion • antivirus hacked breach symantec av trend micro mcafee intel • • WrCombs

      10
      0
      Votes
      10
      Posts
      308
      Views

      scottalanmiller

      @Dashrender said in When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee:

      I can't recall if the bad ccleaner was signed or not?

      Even if it was, that would be a Microsoft compromise. This is about the AV vendors getting hacked.

    • Ambarishrh

      ScreenConnect/Connectwise control client exe (marked as malicious)
      IT Discussion • connectwise screenconnect antivirus • • Ambarishrh

      27
      0
      Votes
      27
      Posts
      1381
      Views

      scottalanmiller

      @dbeato said in ScreenConnect/Connectwise control client exe (marked as malicious):

      @JaredBusch said in ScreenConnect/Connectwise control client exe (marked as malicious):

      @dbeato said in ScreenConnect/Connectwise control client exe (marked as malicious):

      @scottalanmiller said in ScreenConnect/Connectwise control client exe (marked as malicious):

      @dbeato no, just an online file by file virus scanner?

      No, (although it should be for another thread) it gives you information about the file, file hash, or URL in question. Example below is the Itarian Remote Control application Executable:
      2019-04-23_0039.png

      It compares the hash of the file to multiple AV and Technology companies to see if the hash has been flagged as malicious or not or if it is questionable.

      How is that useful? The executable is rebuilt on every install for every group that it auto links to. That makes a hash useless.

      That might be true for ConnectWise but not all Executables create a new hash every time.

      And in those unrelated cases, lots of things flagging the would be more meaningful.

    • scottalanmiller

      Windows Server 2019 Need to Download and Run without AV Deleting Files
      IT Discussion • windows windows server windows server 2019 windows defender av antivirus cli command line • • scottalanmiller

      11
      0
      Votes
      11
      Posts
      552
      Views

      scottalanmiller

      @black3dynamite said in Windows Server 2019 Need to Download and Run without AV Deleting Files:

      https://www.thomasmaurer.ch/2016/07/how-to-disable-and-configure-windows-defender-on-windows-server-2016-using-powershell/

      For now, just temporarily disable Real-Time Protection via PowerShell
      Set-MpPreference -DisableRealtimeMonitoring $true

      Download the executable and scan it manually before you install
      Start-MpScan -ScanPath C:\datastore\file.exe -ScanType QuickScan

      Enable Real-Time Protection after the install
      Set-MpPreference -DisableRealtimeMonitoring $false

      Excellent, now THAT did it.

    • WrCombs

      Microsoft Security Essentials - Script?
      Water Closet • windows 7 pro windows microsoft security essentials antivirus • • WrCombs

      6
      0
      Votes
      6
      Posts
      174
      Views

      WrCombs

      @Dashrender said in Microsoft Security Essentials - Script?:

      Do you have a remote access solution for these machines?

      If not, Mesh Central might be a real life saver - then you could remote in and run these commands. No driving required.

      What do you mean "Remote access solution"?
      If the question is "Do I have remote access?"
      then the answer is yes.

    • wrx7m

      Webroot SecureAnywhere Business Replacement?
      IT Discussion • webroot antivirus intune defender ninite pdq depoy secureanywhere • • wrx7m

      45
      1
      Votes
      45
      Posts
      1755
      Views

      dbeato

      @wrx7m said in Webroot SecureAnywhere Business Replacement?:

      @momurda said in Webroot SecureAnywhere Business Replacement?:

      This Task Manager behavior is from Webroot?
      I see it occasionally; one developer in particular says it is always a problem.

      https://community.webroot.com/t5/Webroot-SecureAnywhere-Complete/Task-Manager/td-p/309032

      According to the most recent post in that thread (edit - the most recent post is currently 2 weeks old), a beta release fixes this issue. Being that the thread started in December of 2017, it goes to show how long it takes them to fix things.

      Yes, that is also what we found out, especially in Windows 10.

    • mlnews

      New Attack Vector for your Computer - AV Itself.
      News • ars technica security antivirus • • mlnews

      1
      4
      Votes
      1
      Posts
      398
      Views

      No one has replied

    • wrx7m

      Webroot - Limiting Access to Shutdown Protection to Admins
      IT Discussion • webroot av antivirus • • wrx7m

      21
      2
      Votes
      21
      Posts
      1713
      Views

      coliver

      @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

      Thanks, everyone. Policies are the way to handle it.

      Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

      Not really. It was recommended by some software vendors but we ignored it and everything kept humming along without issue.

    • wrx7m

      Trend Micro OfficeScan Renewal Coming Up - Replacements?
      IT Discussion • av antivirus antimalware • • wrx7m

      35
      0
      Votes
      35
      Posts
      2921
      Views

      wrx7m

      @momurda - I will have to keep an eye on the last seen. So far, those reports are accurate on mine, as they are newly-imaged computers that have not been deployed.

    • Emad R

      Really Panda AV?
      IT Discussion • panda av antivirus • • Emad R

      46
      2
      Votes
      46
      Posts
      3085
      Views

      dbeato

      @stacksofplates Yeah, I work mostly in Windows 10 but my laptop is based on Ubuntu right now.

    • nadnerB

      Home Anti-virus
      IT Discussion • antivirus • • nadnerB

      68
      1
      Votes
      68
      Posts
      5488
      Views

      Obsolesce

      Please don't reference bad links.

    • mlnews

      Webroot in Massive Failure with Monday Update
      News • webroot ars technica antivirus • • mlnews

      9
      2
      Votes
      9
      Posts
      968
      Views

      scottalanmiller

      Rough week, first Webroot, now Netgear.

    • Deleted74295

      Webroot - Malicious autorun scripts on USBs
      IT Discussion • webroot avast security antivirus • • Deleted74295

      17
      3
      Votes
      17
      Posts
      1238
      Views

      Reid Cooper

      And a lot of people set it to "always do" something bad, then it doesn't ask again.

    • mlnews

      Cylance Unbelievable Tour Lives Up to Name, Can Cylance Be Trusted?
      News • cylance antivirus antimalware security ars technica • • mlnews

      46
      3
      Votes
      46
      Posts
      3290
      Views

      dbeato

      @RojoLoco Today on this too:
      https://community.spiceworks.com/topic/1985267-av-conspiracy-theory-or-reality

    • mlnews

      Installing Linux Malware Detect and ClamAV on CentOS 7
      News • linux linux malware detect clamav antivirus antimalware centos centos 7 rhel rhel 7 howtoforge • • mlnews

      4
      4
      Votes
      4
      Posts
      1324
      Views

      travisdh1

      @scottalanmiller said in Installing Linux Malware Detect and ClamAV on CentOS 7:

      @travisdh1 said in Installing Linux Malware Detect and ClamAV on CentOS 7:

      Any reason to use LMD instead of or in addition to rkhunter?

      Doesn't rkhunter focus only on root kits?

      Mostly, but this was the first time I remember hearing about LMD.

    • steve

      Nic Tolstoshev: Webroot on Security 2016
      MangoCon • webroot nic tolstoshev security antivirus malware youtube • • steve

      1
      2
      Votes
      1
      Posts
      702
      Views

      No one has replied

    • thwr

      What's your favorite AV for home use?
      IT Discussion • antivirus soho • • thwr

      22
      1
      Votes
      22
      Posts
      1392
      Views

      coliver

      Windows Defender... works well enough and is included with the operating system.

    • IRJ

      Sophos Intercept X
      IT Discussion • sophos ransomware antivirus • • IRJ

      3
      2
      Votes
      3
      Posts
      803
      Views

      scottalanmiller

      https://vimeo.com/182707041

    • nadnerB

      Sophos False Positive with WinLogon.EXE
      News • sophos security antivirus • • nadnerB

      15
      3
      Votes
      15
      Posts
      2856
      Views

      StrongBad

      @Dashrender said in Sophos False Positive with WinLogon.EXE:

      @StrongBad said in Sophos False Positive with WinLogon.EXE:

      @Dashrender said in Sophos False Positive with WinLogon.EXE:

      other than webroot, who's had more false positives at my one client who uses them than panda that I have been running for 10+ years.

      I'm not understanding your statement. This feels like only part of a sentence. Is this a question?

      It's a statement - I'll re-word.

      Webroot has had more false positives in the 3 years a client of mine has been using Webroot, than I have had in the 10+ years another client has been using Panda AV.

      So while I love Webroot (primarily the journaling), it does require more support than other options I have/do use.

      I see, thanks for the clarification. That's not what I had read you to mean at all. That makes more sense.

    • Deleted74295

      Cylance Questions
      IT Discussion • cylance security antivirus • • Deleted74295

      49
      3
      Votes
      49
      Posts
      7136
      Views

      BRRABill

      @Richard_Cylance said in Cylance Questions:

      FTFY - Sold = Lost. Exec = guru

      This reminded me of the following Simpsons clip:
      Youtube Video

    • RojoLoco

      Torch malware / browser?
      IT Discussion • antivirus malware • • RojoLoco

      7
      2
      Votes
      7
      Posts
      1151
      Views

      RojoLoco

      @BBigford said in Torch malware / browser?:

      If we're talking about the same Torch, it's not malware. It has a torrent client embedded in it so that might be throwing up a flag.

      Not to say it might be a phishing variant, or be compromised in another way. But the browser itself is fine (based on Chrome). Used it for a couple years before moving on.

      I saw that there is a split on whether or not it is technically "malware", but that's not as much my concern. I just need to be able to positively tell the customer that it didn't come from our side (and I'm feeling pretty confident in that it did not).

      And to my eyes, @BBigford, its behavior absolutely qualifies it as malware. Too much sneaky stuff going on when you use it, pop up ads all over the place, the use of the word "toolbar", etc, but I digress.