Teenagers = their own crappy box to screw up + Disc Image of clean install + parental controls, BTDT
John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 -----Original Message----- From: Guyer, Don [mailto:[email protected]] Sent: Friday, June 03, 2011 10:45 AM To: NT System Admin Issues Subject: RE: Fake antivirus Teenage (or young) users = must have parental controls! I can't imagine how many weekends I'd have to spend rebuilding home machines without it. Don Guyer Windows Systems Engineer RIM Operations Engineering Distributed - A Team, Tier 2 Enterprise Technology Group Fiserv [email protected] Office: 1-800-523-7282 x 1673 Fax: 610-233-0404 www.fiserv.com -----Original Message----- From: John Aldrich [mailto:[email protected]] Sent: Friday, June 03, 2011 10:34 AM To: NT System Admin Issues Subject: RE: Fake antivirus Thanks... This particular user is unlucky enough to have teenagers who use his computer. My guess is they are visiting infected/hostile/0wned sites and that's how he's getting infected. Never really had a problem when he was working here, so I'm suspecting it's some of his grandkids that are causing the problem. As I have not yet seen the problem, I don't know if it's going to be easy or difficult. Hopefully MBAM and Vipre won't have any problem with it. :D Thanks again! From: James Rankin [mailto:[email protected]] Sent: Friday, June 03, 2011 10:31 AM To: NT System Admin Issues Subject: Re: Fake antivirus May be time to invest in some UAT (user awareness training). Continual re-infestation either means he is unlucky, or gung-ho in his browsing. I've had some fake AVs recently which were ridiculously easy to get rid of (kill process, delete files, remove autorun entry). Others have been more stealthy - such as killing targeted windows like Task Manager. Booting into safe mode usually prevents these extra "features" from bothering you. But as with everything - a reimage may be the only way to be sure. On 3 June 2011 15:26, John Aldrich <[email protected]> wrote: I'm going to go to a former co-worker's this afternoon to clean his system (again) from another fake antivirus infestation. I've already got Vipre Rescue and Malware Bytes on a memory stick. I've also got RKILL. I haven't had to deal with any fake antivirus in a few weeks. Just wondering if they have developed any new tricks recently that I should be aware of? Oh, this user had Vipre Home on his PC, and got infested anyway. Should I submit samples to Sunbelt (assuming I can find where they're quarantined)??? Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are disclosed in any way my lawyers will swoop down from black helicopters like Seal Team Six and drag you away with a black bag over your head. They will then take you to a secret prison and make you fight to the death with other people who dared to share this email. You will be given a large bowie knife and a supply of methamphetamines while I watch the said deathmatch and wager vast sums of money on who will be the winner. If the fight becomes boring or there is a stalemate, I will release rabid dogs and my two-stone cat into the arena to liven things up a bit. If these animals become in any way docile, I will squirt them with water pistols until they become a bit more temperamental. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
