New
#21
Your boss is correct. Symantec Endpoint Protection does not even try to keep up with these types of programs.
I suggest that you start using Process Explorer and Autoruns for situations like these.
Drag the target from Process Explorer onto the popup window and it should highlight the process that created it. Open the properties for that process and copy the file name of the exe that created the window. Open Autoruns. After it populates, electronically search for the EXE that created the popup. (Ctrl + F and paste in the EXE). In this case, the EXE should show up in the scheduled task section.
You might also be interested in this: Process Explorer + VirusTotal (to check all processes with 50+ AV's)
@shlack123,
Thanks for posting your findings.
Wow. On-site support. That has got to cost a pretty penny.
You might ask your boss about purchasing some remote control software. TeamViewer is very expensive, but at least you only pay once. There are several other remote control options out there. UltraVNC is free, but requires some work to use it in a secure fashion. i would not use the server mode for unattended remote access.
I wonder what the price of TV will be after today
I was having the same problem. I back tracked to the last apps I downloaded. I deleted icloud I installed by Apple and I haven't seen the annoyance since.
Have you looked in the Action Center (in Control Pane)? This should list the AV programs that are active. You may be able to disable it there and then find out where the offending program resides, then uninstall/delete it. CCleaner (Free) may be of help. I also use Revo Uninstaller Pro (not free) and find it very helpful in these cases. Sysinternals Process Explorer may help, but it's primarily for advanced users. Autostart Program Viewer may be of some help too.
Last edited by vet74; 16 Jul 2015 at 17:16. Reason: oops