True....But on another note... THAT my friend, is one AWESOME disclaimer!
JR On Thu, Jun 16, 2011 at 10:14 AM, James Rankin <kz2...@googlemail.com>wrote: > Application whitelisting saves me from annoyances like this, generally > > > On 16 June 2011 15:11, Mike Sullivan <neog...@gmail.com> wrote: > >> I ran into this on Monday, at least I have my users locked down and they >> only saw the message that the hard drive was failing and their shortcuts >> disappeared. I followed Tammy's instructions and had it cleaned up pronto! >> >> >> On Thu, Jun 16, 2011 at 6:53 AM, Jonathan <ncm...@gmail.com> wrote: >> >>> I've run into a nice variant of this just this morning....the window is >>> titled, "Windows Vista Restore" and the caption at the top of the window >>> says, "PC Performance & Stability analysis report". It is telling me hat the >>> hard drive is failing and that private data is at risk. >>> >>> When I went into the root of C:. it only showed one file, named >>> bootsect.bak. After I chose to display all hidden and os files, >>> viola,everything in C: and on the desktop appeared. >>> >>> What a way to start a Thursday - at least it isn't Monday! >>> >>> JR >>> >>> On Mon, Jun 6, 2011 at 11:56 AM, Roger Wright <rhw...@gmail.com> wrote: >>> >>>> Try setting him up with ClearCloudDNS - might help prevent future >>>> infections. >>>> >>>> >>>> Roger Wright >>>> ___ >>>> >>>> "Formula for success: rise early, work hard, strike oil." - J. Paul >>>> Getty >>>> >>>> >>>> >>>> >>>> >>>> On Fri, Jun 3, 2011 at 10:34 AM, John Aldrich >>>> <jaldr...@blueridgecarpet.com> wrote: >>>> > Thanks... This particular user is unlucky enough to have teenagers who >>>> use >>>> > his computer. My guess is they are visiting infected/hostile/0wned >>>> sites and >>>> > that's how he's getting infected. Never really had a problem when he >>>> was >>>> > working here, so I'm suspecting it's some of his grandkids that are >>>> causing >>>> > the problem. >>>> > >>>> > As I have not yet seen the problem, I don't know if it's going to be >>>> easy or >>>> > difficult. Hopefully MBAM and Vipre won't have any problem with it. :D >>>> > >>>> > Thanks again! >>>> > >>>> > >>>> > >>>> > From: James Rankin [mailto:kz2...@googlemail.com] >>>> > Sent: Friday, June 03, 2011 10:31 AM >>>> > To: NT System Admin Issues >>>> > Subject: Re: Fake antivirus >>>> > >>>> > May be time to invest in some UAT (user awareness training). Continual >>>> > re-infestation either means he is unlucky, or gung-ho in his browsing. >>>> > >>>> > I've had some fake AVs recently which were ridiculously easy to get >>>> rid of >>>> > (kill process, delete files, remove autorun entry). Others have been >>>> more >>>> > stealthy - such as killing targeted windows like Task Manager. Booting >>>> into >>>> > safe mode usually prevents these extra "features" from bothering you. >>>> > >>>> > But as with everything - a reimage may be the only way to be sure. >>>> > On 3 June 2011 15:26, John Aldrich <jaldr...@blueridgecarpet.com> >>>> wrote: >>>> > I'm going to go to a former co-worker's this afternoon to clean his >>>> system >>>> > (again) from another fake antivirus infestation. I've already got >>>> Vipre >>>> > Rescue and Malware Bytes on a memory stick. I've also got RKILL. I >>>> haven't >>>> > had to deal with any fake antivirus in a few weeks. Just wondering if >>>> they >>>> > have developed any new tricks recently that I should be aware of? >>>> > >>>> > Oh, this user had Vipre Home on his PC, and got infested anyway. >>>> Should I >>>> > submit samples to Sunbelt (assuming I can find where they're >>>> quarantined)??? >>>> > >>>> > Thanks! >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> > >>>> > --- >>>> > To manage subscriptions click here: >>>> > http://lyris.sunbelt-software.com/read/my_forums/ >>>> > or send an email to listmana...@lyris.sunbeltsoftware.com >>>> > with the body: unsubscribe ntsysadmin >>>> > >>>> > >>>> > >>>> > -- >>>> > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put >>>> into >>>> > the machine wrong figures, will the right answers come out?' I am not >>>> able >>>> > rightly to apprehend the kind of confusion of ideas that could provoke >>>> such >>>> > a question." >>>> > >>>> > IMPORTANT: The information in this email is CONFIDENTIAL. If its >>>> contents >>>> > are disclosed in any way my lawyers will swoop down from black >>>> helicopters >>>> > like Seal Team Six and drag you away with a black bag over your head. >>>> They >>>> > will then take you to a secret prison and make you fight to the death >>>> with >>>> > other people who dared to share this email. You will be given a large >>>> bowie >>>> > knife and a supply of methamphetamines while I watch the said >>>> deathmatch and >>>> > wager vast sums of money on who will be the winner. If the fight >>>> becomes >>>> > boring or there is a stalemate, I will release rabid dogs and my >>>> two-stone >>>> > cat into the arena to liven things up a bit. If these animals become >>>> in any >>>> > way docile, I will squirt them with water pistols until they become a >>>> bit >>>> > more temperamental. >>>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> > >>>> > --- >>>> > To manage subscriptions click here: >>>> > http://lyris.sunbelt-software.com/read/my_forums/ >>>> > or send an email to listmana...@lyris.sunbeltsoftware.com >>>> > with the body: unsubscribe ntsysadmin >>>> > >>>> > >>>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> > >>>> > --- >>>> > To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> > or send an email to listmana...@lyris.sunbeltsoftware.com >>>> > with the body: unsubscribe ntsysadmin >>>> > >>>> > >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>>> >>> >>> >>> -- >>> Jonathan, A+, MCSA, MCSE >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> >> >> -- >> Thank you, >> Mike Sullivan >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > ****** IMPORTANT INFORMATION/DISCLAIMER ***** > > This document should be read only by those persons to whom it is addressed. > If you have received this message it was obviously addressed to you and > therefore you can read it, even it we didn't mean to send it to you. > However, if the contents of this email make no sense whatsoever then you > probably were not the intended recipient, or, alternatively, you are a > mindless cretin; either way, you should immediately kill yourself and > destroy your computer (not necessarily in that order). Once you have taken > this action, please contact us.. no, sorry, you can't use your computer, > because you just destroyed it, and possibly also committed suicide > afterwards, but I am starting to digress...... * > > * The originator of this email is not liable for the transmission of the > information contained in this communication. Or are they? Either way it's a > pretty dull legal query and frankly one I'm not going to dwell on. But > should you have nothing better to do, please feel free to ruminate on it, > and please pass on any concrete conclusions should you find them. However, > if you pass them on via email, be sure to include a disclaimer regarding > liability for transmission. > * > > * In the event that the originator did not send this email to you, then > please return it to us and attach a scanned-in picture of your mother's > brother's wife wearing nothing but a kangaroo suit, and we will immediately > refund you exactly half of what you paid for the can of Whiskas you bought > when you went to Pets** ** At Home yesterday. * > > * We take no responsibility for non-receipt of this email because we are > running Exchange 5.5 and everyone knows how glitchy that can be. In the > event that you do get this message then please note that we take no > responsibility for that either. Nor will we accept any liability, tacit or > implied, for any damage you may or may not incur as a result of receiving, > or not, as the case may be, from time to time, notwithstanding all > liabilities implied or otherwise, ummm, hell, where was I...umm, no matter > what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * > > * The comments and opinions expressed herein are my own and NOT those of > my employer, who, if he knew I was sending emails and surfing the seamier > side of the Internet, would cut off my manhood and feed it to me for > afternoon tea. * > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- Jonathan, A+, MCSA, MCSE ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin