I'll second that.

I've recently added Malwarebytes to my arsenal, they are pretty good at 
removing these rogue anti virus packages.  These malware packages get their 
hooks in your system baaaad.

Anthony
  ----- Original Message ----- 
  From: Mike Gill 
  Sent: Thursday, August 14, 2008 4:17 PM
  Subject: RE: "Vista Antivirus 2008" malware removal


  Malwarebytes program seemed to help out the person who called me last night 
about this. He said it's off his computer now.

   

  -- 
  Mike Gill

   

  From: Roger Wright [mailto:[EMAIL PROTECTED] 
  Sent: Thursday, August 14, 2008 1:39 PM
  To: NT System Admin Issues
  Subject: RE: "Vista Antivirus 2008" malware removal

   

  Don't know if the Vista version is the same or not, but I just cleaned up XP 
Antivirus 2008 on a machine.  Nasty piece of crap to eradicate, though.

   

  Had to stop some weird file from auto-starting, manually delete a folder of 
the same name from C:\Program Files\ and used Malwarebytes to remove the 
Registry entries.  Then manually combed through the Registry and found a couple 
remains.

     

   

  Roger Wright

  Network Administrator

  Evatone, Inc.

  727.572.7076  x388

  _____

       

   

  From: Durf [mailto:[EMAIL PROTECTED] 
  Sent: Thursday, August 14, 2008 2:26 PM
  To: NT System Admin Issues
  Subject: "Vista Antivirus 2008" malware removal

   

  Hey guys;

  I was called in to look over another tech's customer who had a system where 
they had (mostly) removed the "Vista Antivirus 2008" fake AV malware.   The 
only issue still remaining was what we thought at first was a simple browser 
redirection issue - visiting a huge number of security-related sites resulted in 
a 404.

  Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS file.  
It's something screwed in the TCP/IP stack.  NSLOOKUP returns the proper DNS 
result for a site, but when you send any traffic to it at all - ping, let's say 
- it's redirected to localhost.  

  Anyone seen this before and fixed it by means other than burning down the 
system, which is what I'm going to recommend otherwise? 

  -- Durf

  -- 
  --------------
  Give a man a fish, and he'll eat for a day. 
  Give a fish a man, and he'll eat for weeks!

   

  

   

 