I think, though I am not sure, that the users are getting this crap through email. I even got one that was supposedly an MSNBC news alert that lead me to a site that was already down. No PC has been infected as of yet. I ran malwarebytes on a couple and they are clean. ----- Original Message ----- From: Alex Eckelberry To: NT System Admin Issues Sent: Friday, August 15, 2008 4:31 PM Subject: RE: "Vista Antivirus 2008" malware removal
Get the free Vipre trial, it both scans and removes at no charge. http://www.sunbeltsoftware.com/Home-Home-Office/VIPRE/ If you really have trouble, call us and we have specialists who can get rid of it. Alex Alex Eckelberry, CEO Sunbelt Software, Inc. 33 N. Garden Avenue, Clearwater, FL 33755 727.562.0101 x220 [EMAIL PROTECTED] www.sunbeltsoftware.com www.sunbeltblog.com ------------------------------------------------------------------------------ From: Anthony [mailto:[EMAIL PROTECTED] Sent: Friday, August 15, 2008 4:08 PM To: NT System Admin Issues Subject: Re: "Vista Antivirus 2008" malware removal I'll second that. I've recently added Malwarebytes to my arsenal, they are pretty good at removing these rouge anti virus packages. These malware packages get there hooks in your system baaaad. Anthony ----- Original Message ----- From: Mike Gill Sent: Thursday, August 14, 2008 4:17 PM Subject: RE: "Vista Antivirus 2008" malware removal Malwarebytes program seemed to help out the person who call me last night about this. He said it's off his computer now. -- Mike Gill From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2008 1:39 PM To: NT System Admin Issues Subject: RE: "Vista Antivirus 2008" malware removal Don't know if the Vista version is the same or not, but I just cleaned up XP Antivirus 2008 on a machine. Nasty piece of crap to eradicate, though. Had to stop some weird file from auto-starting, manually delete a folder of the same name from C:\Program Files\ and used Malwarebytes to remove the Registry entries. Then manually combed through the Registry and found a couple remains. Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _____ From: Durf [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2008 2:26 PM To: NT System Admin Issues Subject: "Vista Antivirus 2008" malware removal Hey guys; I was called in to look over another tech's customer who had a system where they had (mostly) removed the "Vista Antivirus 2008" fake AV malware. The only issue still remaining was what we thought at first was a simple browser redirection issue - visting a huge number of security-related sites resulted in a 404. Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS file. It's something screwed in the TCP/IP stack. NSLOOKUP returns the proper DNS result for a site, but when you send any traffic to it at all - ping, let's say - it's redirected to localhost. Anyone seen this before and fixed it by means other than burning down the system, which is what I'm going to recommend otherwise? -- Durf -- -------------- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
