+2, either at home or at the office. Combofix (be careful where you get it -- the BleepingComputer site is the most reliable), Malwarebytes, and Vipre. Vipre seems to take the longest to run.
David

On Fri, Jun 3, 2011 at 10:23 AM, Maglinger, Paul <[email protected]> wrote:

> +1 for combofix at home.
>
> -----Original Message-----
> From: Gene Giannamore [mailto:[email protected]]
> Sent: Friday, June 03, 2011 12:05 PM
> To: NT System Admin Issues
> Subject: RE: Fake antivirus
>
> Had very good luck so far using combofix, Malwarebytes, and Vipre.
> Although 1 computer running XPsp3 is now very slow and the user does not
> want a wipe. I found combofix
> http://www.bleepingcomputer.com/combofix/how-to-use-combofix here.
> I do not follow the directions completely; I don't post the log file to
> any forum. I do, disable AV, run updated combofix, enable AV, run
> malwarebytes. If there is anything still going on, I'll do a quick scan
> with superantispyware then investigate manually (registry, running
> processes, files).
>
> Gene Giannamore
>
> -----Original Message-----
> From: John Aldrich [mailto:[email protected]]
> Sent: Friday, June 03, 2011 7:26 AM
> To: NT System Admin Issues
> Subject: Fake antivirus
>
> I'm going to go to a former co-worker's this afternoon to clean his system
> (again) from another fake antivirus infestation. I've already got Vipre
> Rescue and Malware Bytes on a memory stick. I've also got RKILL. I haven't
> had to deal with any fake antivirus in a few weeks. Just wondering if they
> have developed any new tricks recently that I should be aware of?
>
> Oh, this user had Vipre Home on his PC, and got infested anyway. Should I
> submit samples to Sunbelt (assuming I can find where they're
> quarantined)???
>
> Thanks!
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to [email protected]
> with the body: unsubscribe ntsysadmin

--
David
_____________________
*"The right to be let alone – the most comprehensive of rights and the right most valued by civilized men."*
– Supreme Court Justice Louis Brandeis, Olmstead v. U.S., 277 U.S. 438 (1928)
