I think that's a variant of winfixer .... verify via IPCONFIG -all that ONLY your preferred DNS is in play... and I'd boot from a secondary instance of the OS (or a boot CD) and *then* scan for malware and rootkits
_____ From: Durf [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2008 2:26 PM To: NT System Admin Issues Subject: "Vista Antivirus 2008" malware removal Hey guys; I was called in to look over another tech's customer who had a system where they had (mostly) removed the "Vista Antivirus 2008" fake AV malware. The only issue still remaining was what we thought at first was a simple browser redirection issue - visting a huge number of security-related sites resulted in a 404. Well, it wasn't a BHO, and it wasn't a redirect, and it's not a HOSTS file. It's something screwed in the TCP/IP stack. NSLOOKUP returns the proper DNS result for a site, but when you send any traffic to it at all - ping, let's say - it's redirected to localhost. Anyone seen this before and fixed it by means other than burning down the system, which is what I'm going to recommend otherwise? -- Durf -- -------------- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.6.3/1611 - Release Date: 8/14/2008 6:20 AM ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~