Windows 10 Defender Won't Start After Malware or Ransomware
-
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating. . . lol.
Also I highly recommend Cybereason RansomFree
-
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
-
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
-
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
-
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
Also I highly recommend Cybereason RansomFree
Product is no longer developed or supported.
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
-
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
-
@Danp said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
Also I highly recommend Cybereason RansomFree
Product is no longer developed or supported.
My installs keep getting updates... Got any confirmation of this?
-
@RojoLoco said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Danp said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
Also I highly recommend Cybereason RansomFree
Product is no longer developed or supported.
My installs keep getting updates... Got any confirmation of this?
-
@RojoLoco Click the link and read for yourself. Also this -- https://www.cybereason.com/hubfs/ransomfree-EOL-message.pdf
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
-
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
-
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
That's how we describe ransomware!
Getting Sophos to stop scanning isn't an issue, it's getting Sophos to allow legitimate scanning is the issue!
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
That's how we describe ransomware!
Getting Sophos to stop scanning isn't an issue, it's getting Sophos to allow legitimate scanning is the issue!
I can see where it resembles the behavior of a ransomware, same will be for Webroot, they are extremely hard to remove unless you go to SafeMode to remove them. That is one of the ways the combat said ransomware or Malware.
-
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
That's how we describe ransomware!
Getting Sophos to stop scanning isn't an issue, it's getting Sophos to allow legitimate scanning is the issue!
I can see where it resembles the behavior of a ransomware, same will be for Webroot, they are extremely hard to remove unless you go to SafeMode to remove them. That is one of the ways the combat said ransomware or Malware.
Yeah, except the Sophos got infected as one of our "ground zero" machines, and it looks like Sophos' behaviour might have been a contributing factor to the broader spread of it.
-
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
That's how we describe ransomware!
Getting Sophos to stop scanning isn't an issue, it's getting Sophos to allow legitimate scanning is the issue!
I can see where it resembles the behavior of a ransomware, same will be for Webroot, they are extremely hard to remove unless you go to SafeMode to remove them. That is one of the ways the combat said ransomware or Malware.
Yeah, except the Sophos got infected as one of our "ground zero" machines, and it looks like Sophos' behaviour might have been a contributing factor to the broader spread of it.
Okay, again this your scenario in which I don't know what is going on. It is hard to see Sophos spreading this. but maybe you mean it allowed the ransomware to be spread because it did not do anything, correct?
-
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@dbeato said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@Dashrender said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
@scottalanmiller said in Windows 10 Defender Won't Start After Malware or Ransomware:
@DustinB3403 said in Windows 10 Defender Won't Start After Malware or Ransomware:
I would think that Windows 10 Defender should continue working during and after malware or ransomware. Rather than just giving up and not operating.
No application keeps working once it has been disabled.
Nothing on the computer works if Defender is disabled? I've not seen that before.
"Application" is the antecedent. Not "Defender."
i.e. the ransomware disabled Defender
Or Sophos did. Hard to tell. We saw the same disablement where there was no infection.
What version of Sophos? and did it have Intercept X?
Didn't check, but probably older. We were just removing it.
I was just asking as we use Sophos and we have seen advert some ransomware or other infections pretty much all the time. So it would be cool to know which ransomware variant was causing this.
Sophos is the primary thing causing this issue for us. It crippled Windows so that even if you removed it, other AV would keep breaking. Really makes me wary of Sophos.
There is a removal tool for this... AV are meant to not be tampered with which is probably what Sophos did. That is one thing that Sophos does, there is no way to properly uninstall it without a tamper protection password or removal.
That's how we describe ransomware!
Getting Sophos to stop scanning isn't an issue, it's getting Sophos to allow legitimate scanning is the issue!
I can see where it resembles the behavior of a ransomware, same will be for Webroot, they are extremely hard to remove unless you go to SafeMode to remove them. That is one of the ways the combat said ransomware or Malware.
Yeah, except the Sophos got infected as one of our "ground zero" machines, and it looks like Sophos' behaviour might have been a contributing factor to the broader spread of it.
Okay, again this your scenario in which I don't know what is going on. It is hard to see Sophos spreading this. but maybe you mean allowed it to be spread because it did not do anything, correct?
Right. It looks like because Sophos appears to have caused the legitimate antivirus to turn on, then immediately disable when the admin looked away, they thought that they were protected, but Sophos was regularly disabling the AV putting them at risk.
