Jump to content

babi2002

Members
  • Content Count

    7
  • Joined

  • Last visited

About babi2002

  • Rank
    Candidate
  1. Hi Konstantin, we don't know which is the infected file... The report doesn't show it... We only know that the infected object is in "System Memory" and the user is the NT-Authority\System, maybe is some OS process or logon script... If I can do anything for to provide you more information, let me know how and I provide you it... Thanks!! David.
  2. Hi Dmitry/Ivan, sorry for my late answer... I attach the full event... Thanks!! David.
  3. Hi Ivan, do you mean this??? (see the picture attached) If not, could you tell me how I can see the full event?? Thanks!! David.
  4. Hi Ivan, the report says "System Memory" in the path... I can see this too: The disinfection time is at 3:30am. I think is when the hypervisor deploy the VDI instances... Also, we are having got some troubles with the file "SettingSyncHost.exe" in the windows login, I don't know if the two problems are related.... Thanks!! David
  5. Hi to all, I'm trying to find some information about this trojan, but I haven't found anything... I have got a customer who has got installed KS Light Agent 5 in his network. The machines are VDI with win2016, this instances are reformated every night and every day, in the reports, he find this trojan disinfected in all instances with LA5... He has more instances with LA4 and he hasn't any issue about this. Somebody could provide some info about this trojan??? Could maybe be a some win2016's process?? Thanks!! David
  6. Hi Ivan, it's disabled too... Is it possible that these modules are affecting to this software even when are disabled??? Thanks!! David
  7. Hi to all, we have got installed the KSV Light Agent 5 and we have an anti ramsonware software which is started when windows starts. The KSV is blocking this application starts, but the application startup control is disabled... Is it possible??? How could allowing this software??? Thanks a lot!! David
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.