This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Auto restart of AV services.

As you may know there are many viruses out there that attempt to shut down the AV service in the backgroud without user knowledge. I have figured out a way using our LEM (Solarwinds Log and Event Manager) to restart any AV service as soon as it's shut down. I've been running it for a while with Sophos AV and another AV without any issues. It looks for "Service Stop" events.

If you have the LEM or similar and are interested let me know.

Mark.

This thread was automatically locked due to age.

Parents

0 QC over 10 years ago

Hello Mark,

during updates (actual updates, not just checks) the SAV service is restarted. Apparently LEM doesn't cause issues but be warned.
Now, malware which shuts down AV might monitor its "success" the same way LEM does, so ... And why should malware stop at AV and not also target monitors?

Christian
:56500
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 10 years ago

Hello Mark,

during updates (actual updates, not just checks) the SAV service is restarted. Apparently LEM doesn't cause issues but be warned.
Now, malware which shuts down AV might monitor its "success" the same way LEM does, so ... And why should malware stop at AV and not also target monitors?

Christian
:56500
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data