Jump to content

JeffIT

Honorary Members
  • Posts

    32
  • Joined

  • Last visited

Everything posted by JeffIT

  1. Hi, Today I had a user have an issue with using Office 365 applications and accessing Windows Explorer. The issue was noticed when the end user was trying to insert an image to a Word document. As soon as the folder was selected from Windows Explorer the program would shut down and the Anti Exploit would popup with a warning of an exploit attack. I ran a full scan on Malwarebytes AntiMalware 1.80.2.1012 and also on Microsoft Security Essentials. Both came up clean. After looking for possible causes I noticed the computer updated to the new versions of .Net framework while off the premises yesterday. How do I confirm the computer is clean and also get the end user back operational. I know I can turn off Anti Exploit for particular programs but is this safe to do in this situation?
  2. Thanks Aura this is good to hear. Also I love that hybrid analysis sites breakdown of what is in the virus, it is incredibly detailed and I will spend quite a bit of time have a good read through it. Once again thanks for all your swift responses and help. When I uploaded the attachment initially to VirusTotal.com it came up as if we were the first to come across this particular piece of Malware and naturally we in the IT department got very concerned. We had isolated the machine and immediately ran scans and updated user login details, on another machine, as we were not sure what we were dealing with. In future I will be certain to get on here first as the response was very timely and thorough. Cheers!!
  3. She opened the attachment and all that opened was a document and not a website. I have double checked her laptop, in case she remembered incorrectly, and I can't find anything that was downloaded today. Does this mean we dodged one as it freaked us out when we saw it but no scans seemed to catch it.
  4. Here is the zip of the MB-Check results. Let me know what you need from me next. mb-check-results.zip
  5. Hi Aura, I am in the process of running FRST and MB-Check and will zip and PM you the actual attachments now in a couple of minutes.
  6. Hi, This morning we had an employee open a phishing email and subsequently open one of the two attachments that came with it. When they opened it nothing appeared to happen, so far as they could tell, but they got in touch with us here in the IT department as it seemed odd to them. As soon as we saw the email we could see that it had flags all over it. Anyway we have ran scans and been in touch with our email spam filter guys and they came back to us saying that it was phishing for credentials and possibly more. The laptop is now disconnected from any network and all logins have been changed that the end user would have used. What can we do now in this situation as we ran it through virustotal.com and it showed as not being caught by anything and also only appearing today? Any help you can bring to us here would be very much appreciated.
  7. Hi, Fairly new to using this system and I am trying to get it to a state where everything is in order. I have pushed out the client installs and there were almost no issues. Each PC or laptop accepted it and installed correctly, barring one or two niggles. What has occurred is that a lot of the client devices now show up as "Unregistered", even my own, although they have both Anti Malware and Anti Exploit installed. Initially my laptop showed up correctly, the same as quite a few that have now become unregsitered. How can I get the console to show that each device, that has already got both protections, is online and has whatever it needs? Thanks in advance.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.