Seen it Hate it
We have tried lots of stuff to avoid a burn and turn, but it almost isn't worth the time, that malware is fairly deep in its grasp. I would be curious to hear how effective VIpre is in catching new malware like this. Our Symantec subscription is up in November and that might be enough firepower to get us to switch. Try a system restore point if you have one available and then remove the software folders, that usually works. Otherwise time to make burn like Ed said. -troy -----Original Message----- From: Durf [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2008 11:26 AM To: NT System Admin Issues Subject: "Vista Antivirus 2008" malware removal Hey guys; I was called in to look over another tech's customer who had a system where they had (mostly) removed the "Vista Antivirus 2008" fake AV malware. The only issue still remaining was what we thought at first was a simple browser redirection issue - visting a huge number of security-related sites resulted in a 404. Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS file. It's something screwed in the TCP/IP stack. NSLOOKUP returns the proper DNS result for a site, but when you send any traffic to it at all - ping, let's say - it's redirected to localhost. Anyone seen this before and fixed it by means other than burning down the system, which is what I'm going to recommend otherwise? -- Durf -- -------------- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~