Sounds like possibly a new variant. If you have any samples please upload them to our submit site.
http://www.sunbeltsecurity.com/threat If you are also having the issue where all the files/folders are hidden & start menu icons, desktop icons missing - this page should help: (unless the unhide.exe tool has been updated at bleeping page I have seen issues with it restoring shortcut files on Windows 7 & Vista) http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=76 <http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=76&threadid =7944&enterthread=y> &threadid=7944&enterthread=y Regards, Tammy _____ From: John Cook [mailto:[email protected]] Sent: Thursday, June 09, 2011 3:19 PM To: NT System Admin Issues Subject: Re: Win 7 recovery virus 3 computers today John W. Cook Systems Administrator Partnership for Strong Families _____ From: Tom Miller <[email protected]> To: NT System Admin Issues <[email protected]> Sent: Thu Jun 09 15:17:05 2011 Subject: Win 7 recovery virus Anyone getting a lot of these. One of my techs just reported to me: We have been getting hit by the "Win 7 recovery" virus today? Just as heads up http://www.bleepingcomputer.com/virus-removal/remove-windows-7-recovery We use Vipre here. Vipre can see it but obviously not stop it. Way to go. Tom Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin _____ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
