I believe one of our networked computers is infected with a rogue antivirus program. The symptoms included pop-up boxes warning of multiple viruses, and the browser was pointing to the folowing url:
malwareurl.com hassafe-your-pc008.com listed as Fast Flux Rogue Antivirus, however I can't find anything else about this anywhere.
I had to force the browser closed with task manager to close all the pop-up wndows.
This machine is running windows 2000 sp4.
Malwarebytes found nothing. I ran superantispyware and it deleted lots of tracking cookies.
I'm now running kapersky's viruse removal tool to see if it finds anything.
What I really want to know is if anyone has had experience with fast flux or any other browser redirector?
Also, is there anyway to possibly tell what site it came from? It looks like browser history has been deleted and the only record I have are the cookies and the index.dat fiiles under history.ie5. Anyone know a good way to view those index files?