Steve, et al: I was concerned that Vipre Home and Vipre Rescue didn't catch it. I should point out that I'm aware that *nothing* catches everything, which is why I like to use multiple tools to scan a computer when I suspect a malware outbreak. I was just surprised that Vipre, which seems to be one of the best (if not THE best) anti-malware products didn't catch it, even using the Rescue version.
-----Original Message----- From: Steve Ens [mailto:stevey...@gmail.com] Sent: Tuesday, December 14, 2010 10:47 PM To: NT System Admin Issues Subject: Re: System Tool 2011 malware Hey John Are you asking how to fix it, or why Vipre didn't catch it? If you're trying to fix it, then logon as the administrator (or something other than what the infected profile) and then run the tools...full scans. Steve On Tuesday, December 14, 2010, John Aldrich <jaldr...@blueridgecarpet.com> wrote: > I had a home user who called me to come work on his computer because it > kept coming up with the "system tool 2011" malware (very similar to the > fake antivirus malware.) > The system is Windows XP Media Edition, and had Vipre Home installed. I ran > Vipre Rescue yesterday and it supposedly cleaned some of it up, but as soon > as the user rebooted into normal mode, it was back. Today, I went back and > ran MalwareBytes and SpyBot S&D. Neither apparently caught it, but looking > at the startup entries in SpyBot, I saw a random jumble of letters under c: > \documents and settings\all users\application data\ which, when I entered > the directory in Windows Explorer, showed the icon for the System Tool 2011 > malware. > Anyone got any clue why Vipre Rescue and Vipre Home didn't catch it? I > tried to submit a zip of it to the CW Sandbox, but got a response that it > couldn't be analyzed... > -- > Thanks, > John Aldrich > Blueridge Industries > IT Manager > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
