I second Malwarebyes. Malwarebyes = Minty Fresh On Fri, Aug 15, 2008 at 11:32 AM, Cliff Partlow <[EMAIL PROTECTED]> wrote:
> Malwarebytes will clean this. > > > > > > "From The Sunny Side Of The Street !" > > Cliff P. > > > > " .....and if you ever sell out and there's a Heaven > > from which you can be haunted, I'll haunt you,".....Delmore Schwartz > > > > *From:* James Kerr [mailto:[EMAIL PROTECTED] > *Sent:* Friday, August 15, 2008 8:28 AM > *To:* NT System Admin Issues > *Subject:* Re: "Vista Antivirus 2008" malware removal > > > > I just had the third user report that he ended up at one of those antivirus > 2008 sites. It was my boss and he said he clicked on a link in MSN news. We > tried to duplicate but this time the link went to the right place. Trend > isnt reporting any issues so far. I am going to run a manual scan anyway > just to be sure. > > ----- Original Message ----- > > *From:* Benjamin Zachary - Lists <[EMAIL PROTECTED]> > > *To:* NT System Admin Issues <[email protected]> > > *Sent:* Friday, August 15, 2008 11:17 AM > > *Subject:* RE: "Vista Antivirus 2008" malware removal > > > > Yeah, I think I ran the same thing, where it had VIRUS ALERT! listed in the > systray next to the clock, ran AVG/Spybot and they cleaned most of it, but I > had to goto safe mode run that little dos app and then I ended up also > wiping the profile just in case and making a new one, problem appears gone. > > > ------------------------------ > > *From:* Mike Gill [mailto:[EMAIL PROTECTED] > *Sent:* Thursday, August 14, 2008 6:17 PM > *To:* NT System Admin Issues > *Subject:* RE: "Vista Antivirus 2008" malware removal > > > > Malwarebytes program seemed to help out the person who call me last night > about this. He said it's off his computer now. > > > > -- > Mike Gill > > > > *From:* Roger Wright [mailto:[EMAIL PROTECTED] > *Sent:* Thursday, August 14, 2008 1:39 PM > *To:* NT System Admin Issues > *Subject:* RE: "Vista Antivirus 2008" malware removal > > > > Don't know if the Vista version is the same or not, but I just cleaned up > XP Antivirus 2008 on a machine. Nasty piece of crap to eradicate, though. > > > > Had to stop some weird file from auto-starting, manually delete a folder of > the same name from C:\Program Files\ and used Malwarebytes to remove the > Registry entries. Then manually combed through the Registry and found a > couple remains. > > > > > > Roger Wright > > Network Administrator > > Evatone, Inc. > > 727.572.7076 x388 > > _____ > > > > > > *From:* Durf [mailto:[EMAIL PROTECTED] > *Sent:* Thursday, August 14, 2008 2:26 PM > *To:* NT System Admin Issues > *Subject:* "Vista Antivirus 2008" malware removal > > > > Hey guys; > > I was called in to look over another tech's customer who had a system where > they had (mostly) removed the "Vista Antivirus 2008" fake AV malware. The > only issue still remaining was what we thought at first was a simple browser > redirection issue - visting a huge number of security-related sites resulted > in a 404. > > Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS > file. It's something screwed in the TCP/IP stack. NSLOOKUP returns the > proper DNS result for a site, but when you send any traffic to it at all - > ping, let's say - it's redirected to localhost. > > Anyone seen this before and fixed it by means other than burning down the > system, which is what I'm going to recommend otherwise? > > -- Durf > > -- > -------------- > Give a man a fish, and he'll eat for a day. > Give a fish a man, and he'll eat for weeks! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
