tpgriffin

asked on

Best AV for Anti-virus viruses?

In your experience, what's the best AV program to fight variants of the 2011 Anti-Virus Virus?

No online reviews please. I need feedback from experienced computer repair professionals who have had success with repairing Windows XP & Windows 7 and keeping PCs free from current versions of the Anti-Virus Virus.
Bxoz

F-secure or Trend Office
The AV2011 is a vicious sucker. I have seen probably around 20 different variations of names, some of which cause different issues. As far as what to use to stop it and if you have it how to get rid of it...well that is very situational based. A lot of consumers get that virus by pressing on some download link of some sort. And truth of the matter is most AVs won't stop a virus from getting in if you say "yes" to the download as it bypasses the AV software.

If you do in fact get it I have used Malwarebytes to remove a lot of it, HitmanPro is good too. HiJackThis is almost always necessary as some pieces of the more vicious versions just will not go away. TDSSKiller and GMER as a lot of times it creates a rootkit to re-implement itself and definitely Rkill.exe because usually when AV2011 is executed it disables everything else and you can't run really anything, not even Task Manager.

Keep in mind a lot of times it likes to break the .exe file extension within the registry. In the exe folder within the registry it changes the data to a direct link to the virus itself. Fortunately there are easy fixes for that as long as you just keep a RegFix, which is a small one-line script to replace the exact key with the correct/default data.

After doing all of the above (if exe is broken then fix that first to do the rest) you should be good to go. AV2011 really is a nasty one.
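An added example, not part of the original post: one way to check the .exe association described above before applying a fix, by auditing the text output of `reg export` for the Classes keys. The sample export, the progid name `sample_progid` and the file path are constructed for illustration, and only plain string (REG_SZ) default values are handled.

```python
import re

EXPECTED_PROGID = "exefile"      # stock default value of ...\Classes\.exe
EXPECTED_COMMAND = '"%1" %*'     # stock default of exefile\shell\open\command

# Constructed sample in `reg export` text format (not from the original post).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="sample_progid"

[HKEY_CURRENT_USER\Software\Classes\sample_progid\shell\open\command]
@="\"C:\\Users\\user\\AppData\\Local\\sample.exe\" \"%1\" %*"
'''

def parse_defaults(text):
    """Map each exported key (lower-cased) to its REG_SZ default value."""
    defaults, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            # Undo the \" and \\ escaping used by .reg files.
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def audit_exe_association(text):
    """Return (hive, item, value) for every non-default .exe handler."""
    defaults, findings = parse_defaults(text), []
    for hive in ("hkey_local_machine", "hkey_current_user"):
        base = hive + "\\software\\classes\\"
        # A missing per-user .exe key is normal; fall back to the stock progid.
        progid = defaults.get(base + ".exe", EXPECTED_PROGID)
        if progid.lower() != EXPECTED_PROGID:
            findings.append((hive, ".exe", progid))
        command = defaults.get(base + progid.lower() + "\\shell\\open\\command")
        if command not in (None, EXPECTED_COMMAND):
            findings.append((hive, "open command", command))
    return findings

if __name__ == "__main__":
    for finding in audit_exe_association(SAMPLE_EXPORT):
        print(finding)
```

Any finding under the per-user hive means the per-user entry, not the machine-wide default, decides what runs when an .exe is opened for that account.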
ASKER CERTIFIED SOLUTION
Lee W, MVP
tpgriffin

ASKER

leew: How does the VIPRE® "3 or more PC" license work? How about VIPRE® Premium?
Actually, I have only one home user client on it (I don't work with home users much and when I do, they've usually purchased something awful like Norton).  The one client is using a 3 year home license on 4 machines.  Seems to work great (it's the premium edition).

Most of my clients are using the business class VIPRE Enterprise and only one (though a large one) is on Enterprise Premium.  So far, I rarely (if ever) hear anything negative about it.

GFI/Sunbelt offers a 30 day moneyback guarantee - which I used once for another client that had trouble installing the 3.x client (they are on 4.0 now which doesn't seem to have any install problems).  

If you buy the 3 or more license, you get one license key you can use with all your installs.
Just keep in mind, for as good as it is, the product, like all antivirus products, generally needs to have seen the malicious software first before it can clean it (meaning Sunbelt would have to have seen that variant before you can expect them to clean it - it's POSSIBLE it gets it anyway, but MOST things are cleaned by virus definition, not heuristics).
"...keeping PCs free from current versions of the Anti-Virus Virus..."

Once you are infected, there are a number of tools you can use.
To prevent infection, user education is the most powerful defence. If users are downloading from random pop-ups, or clicking on links haphazardly, then the PC will get infected no matter WHAT AV is being run.

I try to tell users to treat the internet like a city at night: there are areas which you wouldn't wander around in looking lost; you would pay attention and be careful.  A lot of rogue AV programs originate from a pop-up which says something like "Warning!!! Virus detected.  Scan now?".  Close the window by pressing Alt+F4 and don't click on anything inside the window.  Users like the idea of using a keyboard shortcut and will be keen to try it out.
I used Vipre Enterprise; it did work well for the most part.  But lately we had issues with Outlook 2007: it would lock up on numerous workstations, and some trojans would infect some workstations.  Even numerous deep scans could not get rid of them.  So I had to re-image those workstations.

I have done research and am going to try Kaspersky Enterprise Space Security.  This is a total suite package that will cover file servers, email servers and workstations.  No need to get separate licenses for email and workstations like other vendors.  Kaspersky will give you 1.5x the amount of mailboxes to help cover email aliases too.  The auto deploy will perform a network discovery, automatically determine which OS the workstation / server has, remove the previous vendor's software and install the new one.
SOLUTION
Forgot the links:

http://www.microsoft.com/security_essentials/
http://technet.microsoft.com/en-us/evalcenter/ff182914.aspx
http://www.malwarebytes.org/

@phototropic - love that analogy:
"...treat the internet like a city at night..."
Sophos Endpoint Security works quite well.  We've had great results with it.  If you want to test it against your current AV vendor, they have an option to download their scanner to compare results.  They also have some great additional options: acceptable use policy (i.e. controlling USB media, privacy data), web content scanner, heuristics, host firewall.  With an infection from a rogue AV like 2011 Antivirus, you need something that can monitor any hijacked API calls; Sophos has shown to alert on suspicious activity of known .exes like svchost.exe, which is a favorite of malware to inject code into.  Good luck!
SOLUTION