The user in question did NOT have admin rights. Trust me on this... I couldn't even update Java as that user. I had to log that user out and log in as myself to update Java.
From: Jonathan Link [mailto:[email protected]]
Sent: Friday, October 29, 2010 12:53 PM
To: NT System Admin Issues
Subject: Re: "System Defragmenter" malware

<cough> Admin rights </cough>

Seriously, if you can't give up giving admin rights for political reasons consider creating an account which has local admin rights that users can use and move users' standard accounts to nonadmin rights. In my environment, we were running with admin rights, but we afford our employees enough freedom to install software to do their jobs as necessary. Creating an account with admin rights was the best way for us to move forward. Employees are still bound to AUPs which stipulate that software not interfere with business use of applications.

I don't care for the common local admin account myself, but I don't chase malware nearly as often. It's been once in the two years since the change.

On Fri, Oct 29, 2010 at 12:46 PM, Alex Eckelberry <[email protected]> wrote:

It is highly polymorphic and quite nasty. If you find it and VIPRE doesn't detect it, please let us know asap.

Alex

-----Original Message-----
From: John Aldrich [mailto:[email protected]]
Sent: Friday, October 29, 2010 12:04 PM
To: NT System Admin Issues
Subject: "System Defragmenter" malware

I just had to go clean one of my systems, because the user was infected with System Defragmenter and it wasn't letting anything run, claiming the hard drive had bad sectors. I managed to get rid of it, but I thought I'd warn you guys. It got in even with Vipre Enterprise being up-to-date and a deep scan last night.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
