Page 1 of 1

Security Tool - How to Catch and Remove?

PostPosted: Wed Mar 31, 2010 8:56 pm
by ccsoftware
Hi,

I'm running into more and more systems being infected with the Security Tool Rogue AV software.

Two questions:
1. How can we prevent users from becoming infected?
2. Once infected how to clean system? I've tried the usual recommendations...turn off system restore, clears ie temp files, reboot into safe mode and run full mwav scan. But when I reboot the spyware is still there.

Thanks.,

Joan
C&C Software Solutions Inc.

PostPosted: Thu Apr 01, 2010 4:44 pm
by Shrinivas
Hi Joan,

You can ask the user to mail the generated pinfect.zip file after scanning with Quick scan engine.
Mail across the file to samples@escanav.com
It seems new variant of the spyware is there.
Also you can mail across the complete quick scan log file i.e. MWAV.log in zip file to qa@escanav.com
So that we can have a look on the suspicious files if any.