Virus Help Notes

To prevent a virus on the server from using port 3389 for Remote Desktop, follow the link in the next column. Search for "I should have been more clear". Prevent Remote Desktop

To start Task Scheduler in Windows 10:

Start > Run > taskschd.msc

Steps to remove virus from WMI

Read page 17

or try Batch File FixIGG.bat

Webroot Windows Files False Positive      

End Point Monitoring:

  1. Monitor for non-typical open files.
  2. Look at which processes have certain files open to help determine what those processes are doing.
  3. Profile individual processes running by default on a system to ascertain which binaries need to be investigated for vulnerabilities.
  4. Verify if any processes are monitoring keystrokes.
  5. Install new images on an endpoint test machine before deploying them on the AD network.
  6. Also, known good images used for developing specific new images for target hardware should have their unique aspects analyzed with a dynamic or runtime application security tool to determine if any common vulnerabilities are present.
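
Items 1 to 3 as an added example (not part of the original notes): compare a snapshot of open files per process against a baseline profile of the processes that run by default. The process names, paths, baseline patterns and the `review` function are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Constructed baseline: processes that run by default on the reference image,
# with the file patterns each one typically has open (all values are assumptions).
BASELINE = {
    "svchost.exe": [r"c:\windows\system32\*", r"c:\windows\servicing\*"],
    "explorer.exe": [r"c:\windows\*", r"c:\users\*\appdata\local\microsoft\*"],
    "lsass.exe": [r"c:\windows\system32\*"],
}

# Constructed snapshot of (process name, pid, open file path), e.g. parsed
# from an open-handle listing taken on the endpoint.
SNAPSHOT = [
    ("svchost.exe", 812, r"C:\Windows\System32\en-US\svchost.exe.mui"),
    ("svchost.exe", 4410, r"C:\Users\Public\Libraries\cache.dat"),
    ("explorer.exe", 3120, r"C:\Windows\Fonts\segoeui.ttf"),
    ("updater32.exe", 5096, r"C:\ProgramData\upd\state.bin"),
]


def review(snapshot, baseline):
    """Return findings: unprofiled processes and non-typical open files."""
    findings = []
    for name, pid, path in snapshot:
        patterns = baseline.get(name.lower())
        if patterns is None:
            # Not in the default profile: the binary itself needs investigating.
            findings.append(("unprofiled-process", name, pid, path))
        elif not any(fnmatchcase(path.lower(), p) for p in patterns):
            # Known process, but the file is outside what it normally opens.
            findings.append(("non-typical-file", name, pid, path))
    return findings


if __name__ == "__main__":
    for kind, name, pid, path in review(SNAPSHOT, BASELINE):
        print(f"{kind:20} {name} (pid {pid}) -> {path}")
```

Matching on process name alone trusts the name; a fuller profile would also record each binary's path or hash.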