Don't know if the Vista version is the same or not, but I just cleaned
up XP Antivirus 2008 on a machine. Nasty piece of crap to eradicate,
though.
Had to stop some weird file from auto-starting, manually delete a folder
of the same name from C:\Program Files\ and used Malwarebytes to remove
the Registry entries. Then manually combed through the Registry and
found a couple remains.
Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076 x388
_____
From: Durf [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 14, 2008 2:26 PM
To: NT System Admin Issues
Subject: "Vista Antivirus 2008" malware removal
Hey guys;
I was called in to look over another tech's customer who had a system
where they had (mostly) removed the "Vista Antivirus 2008" fake AV
malware. The only issue still remaining was what we thought at first
was a simple browser redirection issue - visting a huge number of
security-related sites resulted in a 404.
Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS
file. It's something screwed in the TCP/IP stack. NSLOOKUP returns the
proper DNS result for a site, but when you send any traffic to it at all
- ping, let's say - it's redirected to localhost.
Anyone seen this before and fixed it by means other than burning down
the system, which is what I'm going to recommend otherwise?
-- Durf
--
--------------
Give a man a fish, and he'll eat for a day.
Give a fish a man, and he'll eat for weeks!
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
