Prev: antivirus
Next: Security Tool Virus (spyware)
From: MEB on 23 Feb 2010 15:58
On 02/23/2010 03:17 PM, David Kaye wrote:
> ~BD~ <BoaterDave(a)NOSPAMhotmail.co.uk> wrote:
>
>>
>> Did you try posting your HJT log into this site? http://hijackthis.de/
>>
>> Worth a try!
>
> No, because the HJT log is short and clear to me. There is nothing
> suspicious. I also looked inside of all likely processes with PrcView to see
> which DLLs were being called for each process and still nothing.
>
> I'm coming to wonder if the Comcast modem itself is carrying something.
>

Could be, there were several write-ups and warnings regarding some
hacks being used, a short time ago, on routers/modems [cable and DSL]
using a web interface [ah yeah, which ones don't]. They supposedly
received firmware updates [via the ISPs], but who knows for sure whether
that hasn't also been circumvented.

I think you can find the specific models on CERT in the data base or
via a search if you're interested.

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
From: David H. Lipman on 23 Feb 2010 16:14
From: "David Kaye" <sfdavidkaye2(a)yahoo.com>

| Virus Guy <Virus(a)Guy.com> wrote:

>>Check your HOSTS file. On XP (and vista and 7 also I think) it's
>>located in /system32/drivers/etc/

| As I previously mentioned, the hosts file is clean. The only entry is for
| local host.


Are you behind a Router ?

Do you continue to see this wierdness ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: David Kaye on 23 Feb 2010 16:20
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

>
>Are you behind a Router ?
>
>Do you continue to see this wierdness ?
>

The customer does not use a router (unfortunately). As of late last night he
was still seeing the problem. He sent me a MalwareBytes log but it showed
absolutely nothing of use.

From: David H. Lipman on 23 Feb 2010 17:15
From: "David Kaye" <sfdavidkaye2(a)yahoo.com>

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:


>>Are you behind a Router ?

>>Do you continue to see this wierdness ?


| The customer does not use a router (unfortunately). As of late last night he
| was still seeing the problem. He sent me a MalwareBytes log but it showed
| absolutely nothing of use.


What WAN IP address ?

What are the IP addresses of the DNS servers used ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: David Kaye on 23 Feb 2010 21:10
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

>What are the IP addresses of the DNS servers used ?
>

They did resolve to Comcast, but then I redirected to OpenDNS with the same
result.

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: antivirus
Next: Security Tool Virus (spyware)