Jump to content

JeffIT

Honorary Members
  • Posts

    40
  • Joined

  • Last visited

Everything posted by JeffIT

  1. Hi, I am on GMT so sorry for delayed response. I have readded the AD OU and I am still having many laptops show as unregistered even though they are online now and up to date. What can I try next?
  2. Hi, I have just realised that when I rename a computer the Management Console is showing the computer as unregistered. The computer is up to date and seems fine but the console is not able to see it. What do I need to do to rectify this?
  3. Hi Nasdaq I will run it and post here but I cannot do so until tomorrow morning my apologies.
  4. Log files FRST.txt mbam-log-2019-03-07 (17-07-01).txt Addition.txt
  5. Hi guys, I have a potentially infected computer that came up almost all clear from Malwarebytes AntiMalware, AdwCleaner and FRST scans. AdwCleaner found 1 PUP.optional.legacy and it was cleaned but mbam-log came up clear. Not so sure what to check in the text files from FRST. Would somebody be able to help put my mind at ease by helping me make sure I have done all I can?
  6. Thanks Rbuck117. Quick question, are you looking for logs of this issue or was that text directly from support to you?
  7. OK so only disabled the memory patch hijack selection. I better re-enable the others that I had disabled yesterday. Thanks Rbuck117.
  8. Hi, Today I had a user have an issue with using Office 365 applications and accessing Windows Explorer. The issue was noticed when the end user was trying to insert an image to a Word document. As soon as the folder was selected from Windows Explorer the program would shut down and the Anti Exploit would popup with a warning of an exploit attack. I ran a full scan on Malwarebytes AntiMalware 1.80.2.1012 and also on Microsoft Security Essentials. Both came up clean. After looking for possible causes I noticed the computer updated to the new versions of .Net framework while off the premises yesterday. How do I confirm the computer is clean and also get the end user back operational. I know I can turn off Anti Exploit for particular programs but is this safe to do in this situation?
  9. Thanks Aura this is good to hear. Also I love that hybrid analysis sites breakdown of what is in the virus, it is incredibly detailed and I will spend quite a bit of time have a good read through it. Once again thanks for all your swift responses and help. When I uploaded the attachment initially to VirusTotal.com it came up as if we were the first to come across this particular piece of Malware and naturally we in the IT department got very concerned. We had isolated the machine and immediately ran scans and updated user login details, on another machine, as we were not sure what we were dealing with. In future I will be certain to get on here first as the response was very timely and thorough. Cheers!!
  10. She opened the attachment and all that opened was a document and not a website. I have double checked her laptop, in case she remembered incorrectly, and I can't find anything that was downloaded today. Does this mean we dodged one as it freaked us out when we saw it but no scans seemed to catch it.
  11. Here is the zip of the MB-Check results. Let me know what you need from me next. mb-check-results.zip
  12. Hi Aura, I am in the process of running FRST and MB-Check and will zip and PM you the actual attachments now in a couple of minutes.
  13. Hi, This morning we had an employee open a phishing email and subsequently open one of the two attachments that came with it. When they opened it nothing appeared to happen, so far as they could tell, but they got in touch with us here in the IT department as it seemed odd to them. As soon as we saw the email we could see that it had flags all over it. Anyway we have ran scans and been in touch with our email spam filter guys and they came back to us saying that it was phishing for credentials and possibly more. The laptop is now disconnected from any network and all logins have been changed that the end user would have used. What can we do now in this situation as we ran it through virustotal.com and it showed as not being caught by anything and also only appearing today? Any help you can bring to us here would be very much appreciated.
  14. Hi, Fairly new to using this system and I am trying to get it to a state where everything is in order. I have pushed out the client installs and there were almost no issues. Each PC or laptop accepted it and installed correctly, barring one or two niggles. What has occurred is that a lot of the client devices now show up as "Unregistered", even my own, although they have both Anti Malware and Anti Exploit installed. Initially my laptop showed up correctly, the same as quite a few that have now become unregsitered. How can I get the console to show that each device, that has already got both protections, is online and has whatever it needs? Thanks in advance.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.