Slightly On Topic -- combating the Personal Antivirus virus

I have had a rash of the annoying "personal antivirus" virus here at work and in my personal life (nieces, bless their trusting hearts, click on everything).

Does anyone have an effective way of combating these viruses outside Symantec's NAV system? I am getting a headache from these 2 AM phone calls.

Thanks,

~Obdurate~

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

laidbackfreak

Obdurate wrote: »

Does anyone have an effective way of combating these viruses outside Symantec's NAV system? I am getting a headache from these 2 AM phone calls.

Turn the phone off ?

ok maybe someone will give you a sensible answer shortly...

CompuTron99

I just scan the computer with MalwareBytes in Safe Mode.

Ahriakin

Install an IPS, most have signatures to detect these downloads (and set to block). (Untangle is a decent freebie version that is very easy to setup, the IPS module is a modified version of SNORT).
Also get a better AV if possible, Symantec sucketh.

cnfuzzd

combofix. it is a very involved solution (not running it, but the type of scanning) and is best used in combination with the guides on their website for removing these things. Pay attention to the combofix website though, occasionally a bug will show up in combofix releases. Still a great tool. Also, malwarebytes.

john

Obdurate

Ahriakin wrote: »

Install an IPS, most have signatures to detect these downloads (and set to block). (Untangle is a decent freebie version that is very easy to setup, the IPS module is a modified version of SNORT).
Also get a better AV if possible, Symantec sucketh.

Symantec does stink, but my boss loves it -- probably because he doesn't have to fight with it every day.

I was shot down with installing a IPS at work -- "Symantec Endpoint should protect us!"

The only common denominator I have found is everyone who got this virus was just recently on Facebook or Myspace

Thanks for the help all.

~Obdurate~

UnixGeek

Clean out the system with Malwarebytes in Safe Mode, then tell them to get a Mac.

arwes

Yeah, Symantec Endpoint Protection 11 tends to let this one slip right on through. It's hit our CEO and one of our remote employees (she had to drive 50 miles so I could repair it). I'm using NOD32 at home for myself and my parents, and it does a great job of blocking problem sites. I haven't come across it since I installed the stuff, and neither have my parents (which is amazing).

Hyper-Me

Malwarebytes will remove it. MSE will prevent it from getting there in the first place.