RE: vipre: SVCHOST.EXE virus.

Seinfeld. Neuman was complaing about how much he hates broccoli. Subject: RE: vipre: SVCHOST.EXE virus. Date: Thu, 18 Nov 2010 16:31:50 -0500 From: don.gu...@prufoxroach.com To: ntsysadmin@lyris.sunbelt-software.com No, no and never heard of that show-no. Don GuyerSystems Engineer

RE: vipre: SVCHOST.EXE virus.

is the means by which a lot of our staff keep in contact with their clients. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebo

RE: vipre: SVCHOST.EXE virus.

ssues Subject: RE: vipre: SVCHOST.EXE virus. Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user

RE: vipre: SVCHOST.EXE virus.

mith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 10:53 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. 1) possibly they have or created an account they used for that purpose but don't use it as a means of communication. 2) we are talking about people with menta

Re: vipre: SVCHOST.EXE virus.

For instance? -- ME2 On Thu, Nov 18, 2010 at 10:40 PM, Alex Eckelberry < al...@sunbelt-software.com> wrote: > If there is a detection issue, it’s generally a configuration thing. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

RE: vipre: SVCHOST.EXE virus.

ssues Subject: Re: vipre: SVCHOST.EXE virus. So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS mailto:rich...@gmail.com>> wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, mailto:richardmccl...@aspca.org>> wrote: Personally, I'd prefe

Re: vipre: SVCHOST.EXE virus.

the only way they > communicate with people? > > > > -- > Mike Gill > > > > *From:* Ralph Smith [mailto:m...@gatewayindustries.org] > *Sent:* Thursday, November 18, 2010 1:37 PM > *To:* NT System Admin Issues > *Subject:* RE: vipre: SVCHOST.EXE virus. > >

RE: vipre: SVCHOST.EXE virus.

2010 5:32 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. How does 1) someone sign up to Facebook without an email account and 2) expect to be taken seriously AT ALL telling someone FB is the only way they communicate with people? -- Mike Gill From: Ralph

Re: vipre: SVCHOST.EXE virus.

unt and 2) >> expect to be taken seriously AT ALL telling someone FB is the only way they >> communicate with people? >> >> >> >> -- >> Mike Gill >> >> >> >> *From:* Ralph Smith [mailto:m...@gatewayindustries.org] >> *Sent:* Thursd

Re: vipre: SVCHOST.EXE virus.

th people? > > > > -- > Mike Gill > > > > *From:* Ralph Smith [mailto:m...@gatewayindustries.org] > *Sent:* Thursday, November 18, 2010 1:37 PM > *To:* NT System Admin Issues > *Subject:* RE: vipre: SVCHOST.EXE virus. > > > > Wouldn't bother me, but the last

RE: vipre: SVCHOST.EXE virus.

System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Wouldn't bother me, but the last time I did it the HR department complained because they use Facebook for recruiting, and a lot of our vocational counselors complained. We are a non-profit that provides various services for people

RE: vipre: SVCHOST.EXE virus.

That's what I'll do. From: Sean Rector [mailto:sean.rec...@vaopera.org] Sent: Thursday, November 18, 2010 4:57 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Set up a firewall rule that allows certain people access - that&#x

RE: vipre: SVCHOST.EXE virus.

y which a lot of our staff keep in contact with their clients. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be bloc

RE: vipre: SVCHOST.EXE virus.

ch.com> From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Thursday, November 18, 2010 4:37 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Seinfeld From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 4:32 PM To: NT System Admi

RE: vipre: SVCHOST.EXE virus.

Little Shop of Horrors? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Not that kind of weed. Don Guyer Systems Engineer - Information Services Prudential, Fox & R

RE: vipre: SVCHOST.EXE virus.

ff keep in contact with their clients. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. O

RE: vipre: SVCHOST.EXE virus.

Seinfield (non)show From: Don Guyer [mailto:don.gu...@prufoxroach.com] Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! "Vile weed!" (who can tell me which TV show that line came from?) ~ Finally, powerful endpoint security that ISN'T

RE: vipre: SVCHOST.EXE virus.

Seinfeld From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 4:32 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. No, no and never heard of that show-no. Don Guyer Systems Engineer - Information Services Prudential, Fox & R

RE: vipre: SVCHOST.EXE virus.

nger, Paul [mailto:pmaglin...@scvl.com] Sent: Thursday, November 18, 2010 4:31 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Reefer Madness? From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 3:30 PM To: NT System Admin Issues S

RE: vipre: SVCHOST.EXE virus.

From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 4:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxr

RE: vipre: SVCHOST.EXE virus.

Reefer Madness? From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 3:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:d

RE: vipre: SVCHOST.EXE virus.

Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! "

Re: vipre: SVCHOST.EXE virus.

[mailto:rich...@gmail.com] >> *Sent:* Thursday, November 18, 2010 3:34 PM >> >> *To:* NT System Admin Issues >> *Subject:* Re: vipre: SVCHOST.EXE virus. >> >> >> >> Oof! (TM -sc) >> >> On Thu, Nov 18, 2010 at 3:22 PM, wrote: >> >>

RE: vipre: SVCHOST.EXE virus.

(610) 650-5306 don.gu...@prufoxroach.com <mailto:don.gu...@prufoxroach.com> From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how hor

Re: vipre: SVCHOST.EXE virus.

09 PM, Steven M. Caesare wrote: > I’ll send you a bill. > > > > -sc > > > > *From:* RS [mailto:rich...@gmail.com] > *Sent:* Thursday, November 18, 2010 3:34 PM > > *To:* NT System Admin Issues > *Subject:* Re: vipre: SVCHOST.EXE virus. > > &g

Re: vipre: SVCHOST.EXE virus.

--- > *From:* Ziots, Edward [mailto:ezi...@lifespan.org] > *Sent:* Thursday, November 18, 2010 3:51 PM > > *To:* NT System Admin Issues > *Subject:* RE: vipre: SVCHOST.EXE virus. > > Yep, that is a driveby malware we have seen accordingly, it’s the > thinkpoint virus.

RE: vipre: SVCHOST.EXE virus.

8, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile wit

RE: vipre: SVCHOST.EXE virus.

I’ll send you a bill. -sc From: RS [mailto:rich...@gmail.com] Sent: Thursday, November 18, 2010 3:34 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, wrote: Personally, I'd prefer using AntiVirus 2010 over M

RE: vipre: SVCHOST.EXE virus.

in the future. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:50 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. I guess best is just to reimage / wipe / reimage the system. Ralph what do you use

RE: vipre: SVCHOST.EXE virus.

ystem Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the

Re: vipre: SVCHOST.EXE virus.

't remove > them. I've been wiping and re-imaging them. > > -- > *From:* justino garcia [mailto:jgarciaitl...@gmail.com] > *Sent:* Thursday, November 18, 2010 3:32 PM > > *To:* NT System Admin Issues > *Subject:* Re: vipre: SVCHOST.EXE virus. > &g

RE: vipre: SVCHOST.EXE virus.

no garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted t

Re: vipre: SVCHOST.EXE virus.

The funny thing is, mcafee did catch it (I had to uninstall vipre, and use mcafee). On Thu, Nov 18, 2010 at 3:41 PM, justino garcia wrote: > I am on hold with vipre tech... > > > On Thu, Nov 18, 2010 at 3:39 PM, justino garcia > wrote: > >> So any ideas? is COnficker2 not being stoped by vipre?

Re: vipre: SVCHOST.EXE virus.

I am on hold with vipre tech... On Thu, Nov 18, 2010 at 3:39 PM, justino garcia wrote: > So any ideas? is COnficker2 not being stoped by vipre? > > On Thu, Nov 18, 2010 at 3:33 PM, RS wrote: > >> Oof! (TM -sc) >> >> On Thu, Nov 18, 2010 at 3:22 PM, wrote: >> >>> >>> Personally, I'd prefer usi

Re: vipre: SVCHOST.EXE virus.

Contact Support. It could be that you have a new variant that isn't picked up yet, and won't be until the A/V companies see it. -Jeff Steward On Thu, Nov 18, 2010 at 3:39 PM, justino garcia wrote: > So any ideas? is COnficker2 not being stoped by vipre? > > > On Thu, Nov 18, 2010 at 3:33 PM, RS

Re: vipre: SVCHOST.EXE virus.

So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS wrote: > Oof! (TM -sc) > > On Thu, Nov 18, 2010 at 3:22 PM, wrote: > >> >> Personally, I'd prefer using AntiVirus 2010 over McAfee. >> >> When you get things under control, could you please share with us

Re: vipre: SVCHOST.EXE virus.

Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, wrote: > > Personally, I'd prefer using AntiVirus 2010 over McAfee. > > When you get things under control, could you please share with us what it > was which tipped you off, what it was doing, etc? I think many of us are > curious now. > -- > Rich

Re: vipre: SVCHOST.EXE virus.

dward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org > > Cell:401-639-3505 > > > > *From:* justino garcia [mailto:jgarciaitl...@gmail.com] > *Sent:* Thursday, November 18, 2010 3:

RE: vipre: SVCHOST.EXE virus.

@lifespan.org] Sent: Thursday, November 18, 2010 3:23 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E.

RE: vipre: SVCHOST.EXE virus.

-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling

Re: vipre: SVCHOST.EXE virus.

Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group ASP

RE: vipre: SVCHOST.EXE virus.

I had one today Win32.Autorun.gen (v) Vipre detected it, but could not clean it. Malwarebytes (free) took care of it. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus

Re: vipre: SVCHOST.EXE virus.

.524.8573 (direct) > > 443-506.2400 (cell) > > www.xlhealth.com > > > > > > > > *From:* justino garcia [mailto:jgarciaitl...@gmail.com] > *Sent:* Thursday, November 18, 2010 3:10 PM > *To:* NT System Admin Issues > *Subject:* vipre: SVCHOST.EXE virus. > > &

RE: vipre: SVCHOST.EXE virus.

From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I

vipre: SVCHOST.EXE virus.

Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee o