Marcos (Administrators), posted September 13, 2019:

AV is required to protect you from malware. It cannot 100% substitute installation of critical updates addressing vulnerabilities or prevent attacks. If you know about such an AV that can prevent any attacks and substitute carrying out security measures and policies that should be taken care of by security administrators, feel free to tell.

itman, posted September 13, 2019 (edited September 13, 2019 by itman):

27 minutes ago, JigneshC said:
> say slowly that it has defender, no need AV

In that regard, review its performance against exploits and fileless malware on this AV lab test: https://www.mrg-effitas.com/wp-content/uploads/2019/08/MRG_Effitas_2019Q2_360.pdf where it missed 80% of the malware samples while at the same time scoring highest in false positives.

itman, posted September 13, 2019 (edited September 13, 2019 by itman):

As far as how other AVs handle external network Win RDP, it appears Kaspersky Endpoint doesn't allow it, period, to its GUI interface as best as I can determine.

Refs:
https://support.kaspersky.com/us/9400
https://support.kaspersky.com/us/10947

Alex21, posted September 14, 2019:

Try Kasperspy for decrypting the files. About the Ransomware, you need to remove it from Registry or download MalwareBytes to delete it, but you will need to end the task if the ransomware has its own decrypting program like Wannacry or CryptoLocker.

Marcos (Administrators), posted September 14, 2019:

36 minutes ago, Alex21 said:
> Try Kasperspy for decrypting the files. About the Ransomware, you need to remove it from Registry or download MalwareBytes to delete it, but you will need to end the task if the ransomware has its own decrypting program like Wannacry or CryptoLocker.

As I have already stated, nobody but the attackers can decode files encrypted by Filecoder.Phobos. However, there is a slim chance that the police will seize attackers' servers or the attackers themselves will disclose master decryption keys in the future so that decoders could be created for users; hence it's a good practice to keep important encrypted files even if decoding is not possible now. If the ransomware was running, it would have been detected by ESET; that's not the problem here at all.