MegaSack DRAW - This year's winner is user - rgwb
We will be in touch
There's been a few of these fake anti virus trojans appearing in our office over the last couple of weeks. I'm pretty sure it's users clicking dodgy links although of course they claim ignorance.
Firstly, why isn't our regular anti-virus (Trend Micro) picking these up when they first run, or finding them when a full scan is done? Probably because it doesn't look for Malware, yes? So I need a preventative measure - can anyone recommend something?
Secondly, once their on I need to get them removed. Malwarebytes seems to appear often in a google search. I'm about to try it on the current casualty but again, if you have other recommendations please let me know.
Removal http://www.bleepingcomputer.com/virus-removal/remove-antivirus-2010
Prevention, educate the staff I know no mean achievement.
Cheers
{Mods - any chance of moving this to the correct forum? I'll wear the dunce hat and go stand in the corner for ten minutes}
If you can you could change your office routers dns server to OpenDNS then that blocks a lot of malware sites by default. You can then also block phishing sites as well as a whole bunch of other categories.
Not bomb proof but free, relatively easy and prevents a fair amount of idiocy
[i]Prevention, educate the staff I know no mean achievement. [/i]
Take their admin rights off them as well. This is the biggest single move forwards you can make in protecting the computer estate. They'll bitch like mad about it and you'll end up running around a bit more installing the business software they need but it means you have control of all software within the estate. You can use power user accounts and AD GP's if you have them to allow admin access to specific areas like Java updates and driver installs.
edit: duplicate removed