Trend micro 2016

Trellix (previously McAfee) McAfee LiveSafe 2016 (32-bit and 64-bit) McAfee SaaS Endpoint Protection 6.x, 5.x Trellix Endpoint Security v10.7 (previously called McAfee Endpoint Protection 10.x, 32-bit and 64-bit) - Agent not removed McAfee VirusScan Enterprise 8.8, 8.7i, 8.5i, 8.0i, 7.1.0 McAfee Internet Security Suite 2007 McAfee Total Protection Service 4.7* McAfee Total Protection 2008 * McAfee Total Protection Services 4.7. The uninstaller does not run correctly if the UAC is enabled. On 32-bit platforms, user intervention is required. Trend Micro Trend Micro Worry-Free Business Security 9.x (32-bit edition) Trend Micro Worry-Free Business Security 9.x (64-bit edition) Trend Micro Worry-Free Business Security 8.x (32-bit edition) Trend Micro Worry-Free Business Security 8.x (64-bit edition) Trend Micro Worry-Free Business Security 7.x (32-bit edition) Trend Micro Worry-Free Business Security 7.x (64-bit edition) Trend Micro Worry-Free Business Security 6.x (32-bit edition) Trend Micro Worry-Free Business Security 6.x (64-bit edition) Trend Micro Worry-Free Business Security 5.x PC-Cillin Internet Security 2006 PC-Cillin Internet Security 2007* PC-Cillin Internet Security 2008* Trend Micro OfficeScan Antivirus 8.0 Trend Micro OfficeScan 7.x Trend Micro OfficeScan 8.x Trend Micro OfficeScan 10.x Trend Micro OfficeScan 11.x Trend Micro OfficeScan 12.x 32/64 bit * Trend Micro PC-Cillin Internet Security 2007 and 2008 cannot be uninstalled automatically with Windows Vista x64. * Trend Micro PC-Cillin Internet Security 2007 and 2008 cannot be uninstalled automatically with Windows Vista x86 with UAC enabled. Webroot Webroot SecureAnywhere 9

1 13/12/ 2016 , 22)42 Using the Trend Micro Ransomware File Decryptor ToolPage 1 of 6 #Downloading and Using the Trend Micro Ransomware File Decryptor Product/Version: Antivirus+ Security , ! Platform: Windows 10 32-bit, !Updated:""28 Nov 2016 SUMMARYThis guide provides the instructions and location for downloading and Using the latest Trend Micro RansomwareFile Decryptor tool to attempt to decrypt files encrypted by certain Ransomware an important reminder, the best protection against Ransomware is preventing it from ever reaching yoursystem. While Trend Micro is constantly working to update our tools, Ransomware writers are also constantlychanging their methods and tactics, which can make previous versions of tools such as this one obsolete are strongly encouraged to continue practicing safe security habits:1.2 Make sure you have regular offline or cloud backups of your most important and critical Ensure that you are always applying the latest critical updates and patches to your system OS and otherkey software ( browsers).3. Install the latest versions of and apply best practice configurations of security solutions such as TrendMicro to provide mutli-layered Micro customers are encouraged to visit the following sites for more information on Ransomware andprevention best practices:Consumer (Home) customers may visit the following site: Consumer (Home) Customers' Guide on Ransomware :Introduction, Prevention and Trend Micro Security Solutions ( )Corporate (Business) customers may find additional information and guides here: Corporate (Business)Customers' Guide on Ransomware .3 Solutions, Best Practice Configuration and Prevention Using Trend Microproducts ( )DETAILSS upported Ransomware FamiliesThe following list describes the known Ransomware -encrypted files

1 13/12/2016, 22)42 Using the Trend Micro Ransomware File Decryptor ToolPage 1 of 6 #Downloading and Using the Trend Micro Ransomware File Decryptor Product/Version: Antivirus+ Security , ! Platform: Windows 10 32-bit, !Updated:""28 Nov 2016 SUMMARYThis guide provides the instructions and location for downloading and Using the latest Trend Micro RansomwareFile Decryptor tool to attempt to decrypt files encrypted by certain Ransomware an important reminder, the best protection against Ransomware is preventing it from ever reaching yoursystem. While Trend Micro is constantly working to update our tools, Ransomware writers are also constantlychanging their methods and tactics, which can make previous versions of tools such as this one obsolete are strongly encouraged to continue practicing safe security habits:1.2 Make sure you have regular offline or cloud backups of your most important and critical Ensure that you are always applying the latest critical updates and patches to your system OS and otherkey software ( browsers).3. Install the latest versions of and apply best practice configurations of security solutions such as TrendMicro to provide mutli-layered Micro customers are encouraged to visit the following sites for more information on Ransomware andprevention best practices:Consumer (Home) customers may visit the following site: Consumer (Home) Customers' Guide on Ransomware :Introduction, Prevention and Trend Micro Security Solutions ( )Corporate (Business) customers may find additional information and guides here: Corporate (Business)Customers' Guide on Ransomware .3 Solutions, Best Practice Configuration and Prevention Using Trend Microproducts ( )DETAILSS upported Ransomware FamiliesThe following list describes the known Ransomware -encrypted files types can be handled by the latest version ofthe name and extensionCryptXXX V1, V2, V3*{original file name}.crypt, cryp1, crypz, or 5 hexadecimal charactersCryptXXX V4, V5{MD5 Hash}.5 hexadecimal charactersCrysis.{id}.{email address}.xtbl, cryptTeslaCrypt V1**{original file name}.ECCT eslaCrypt V2**{original file name}.VVV, CCC, ZZZ, AAA, ABC, XYZT eslaCrypt V3{original file name}.XXX or TTT or MP3 or MICROT eslaCrypt V4 File name and extension are unchangedRating:485 found this helpfulCategory:TroubleshootSolution Id:111422113/12/2016, 22)42 Using the Trend Micro Ransomware File Decryptor ToolPage 2 of 6 ## TeslaCrypt V4 File name and extension are unchangedSNSL ocker{Original file name}.4 RSNSL ockedAutoLocky{Original file name}.lockyBadBlock{Original file name}777{Original file name}.777 XORIST{Original file name}.xorist or random extensionXORBAT{Original file name}.cryptedCERBER V1{10 random characters}.cerberStampado{Original file name}.lockedNemucod{Original file name}.cryptedChimera{Original file name}.cryptLECHIFFRE{Original file name}.LeChiffreMirCopLock.{Original file name}Jigsaw{Original file name}.random extensionGlobe/PurgeV1: {Original file name}.purgeV2: {Original file name}.{email address + random characters}V3: Extension not fixed or file name encryptedDXXDV1: {Original file name}.{Original extension}dxxdTeamxrat/XpanV2: {Original filename}.5 __xratteamLuckedCrysis.{id}.{email address}.xtbl, crypt* - CryptXXX V3 decryption may not recover the entire file (partial data decryption). Please see thesection titled Important Note about Decrypting CryptXXX V3 below.** - Users will need to contact Trend Micro technical Support to request the separate toolTeslacryptDecryptor MUI for TeslaCrypt V1 and V2 files. Both tools support V3 and V4. Obtaining and Executing the Tool(s)1. Click the Download button below to obtain the latest version of the Trend Micro Ransomware FileDecryptor tool. Decompress (unzip) and then launch either the included RansomwareFileDecryptor exefile.6 $Download RansomwareFileDecryptor ( )2. Upon launch, users will be required to accept the End User License Agreement (EULA) to After accepting the

X El Capitan v10.11 to v10.11.3Impact: A remote attacker may be able to execute arbitrary codeDescription: Multiple vulnerabilities existed in nghttp2 versions prior to 1.6.0, the most serious of which may have led to remote code execution. These were addressed by updating nghttp2 to version 1.6.0.CVE-IDCVE-2015-8659 Intel Graphics DriverAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: Multiple memory corruption issues were addressed through improved memory handling.CVE-IDCVE-2016-1743 : Piotr Bania of Cisco TalosCVE-2016-1744 : Ian Beer of Google Project Zero IOFireWireFamilyAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: A local user may be able to cause a denial of serviceDescription: A null pointer dereference was addressed through improved validation.CVE-IDCVE-2016-1745 : sweetchip of Grayhash IOGraphicsAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: A memory corruption issue was addressed through improved input validation.CVE-IDCVE-2016-1746 : Peter Pi of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)CVE-2016-1747 : Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) IOHIDFamilyAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to determine kernel memory layoutDescription: A memory corruption issue was addressed through improved memory handling.CVE-IDCVE-2016-1748 : Brandon Azad IOUSBFamilyAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: Multiple memory corruption issues were addressed through improved memory handling.CVE-IDCVE-2016-1749 : Ian Beer of Google Project Zero and Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) KernelAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: A use after free issue was addressed through improved memory management.CVE-IDCVE-2016-1750 : CESG KernelAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: A race condition existed during the creation of new processes. This was addressed through improved state handling.CVE-IDCVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaça KernelAvailable for: OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: A null pointer dereference was addressed through improved input validation.CVE-IDCVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team KernelAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3Impact: An application may be able to execute arbitrary code with kernel privilegesDescription: Multiple memory corruption issues were addressed through improved memory handling.CVE-IDCVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan TeamCVE-2016-1755 : Ian Beer of Google Project ZeroCVE-2016-1759 : lokihardt KernelAvailable for: OS