This brand, for lack of a better word seems to be the most pernicious stuff I've seen.
On Wed, Sep 15, 2010 at 12:20 PM, John Hornbuckle < john.hornbuc...@taylor.k12.fl.us> wrote: > The “Security Tools” malware is about to drive me insane. My users keep > managing to infect themselves with it, and we’re having trouble stopping it. > > > > They don’t run with admin rights, so there’s no real damage done to their > systems and we can clean it up in about two minutes. But the time adds up, > and I’m tired of my technicians having to waste time on it. > > > > Our antimalware software is Microsoft’s Forefront Client Security, and it’s > having a tough time catching this. Every time I get infected, I send the EXE > to Microsoft and they update their definitions—but the EXE’s used by the > malware apparently change rapidly, and seem to constantly be a step ahead of > FCS’s definitions. > > > > I can think of a couple of options that I know would stop it, like blocking > all EXE’s at our web filter or using group policy to limit the running of > EXE’s—but this would also prevent users from doing things like installing > safe plug-ins from websites, so it’s not a first resort. > > > > Suggestions? > > > > > > > > John Hornbuckle > > MIS Department > > Taylor County School District > > www.taylor.k12.fl.us > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > NOTICE: Florida has a broad public records law. Most written communications > to or from this entity are public records that will be disclosed to the > public and the media upon request. E-mail communications may be subject to > public disclosure. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin