Anybody Come Across A Weird Redirect?
in [Windows Viruses]
|
Prev: antivirus
Next: Security Tool Virus (spyware)
From: Virus Guy on 23 Feb 2010 21:58 David Kaye wrote: > > Check your HOSTS file. On XP (and vista and 7 also I think) > > it's located in /system32/drivers/etc/ > > As I previously mentioned, the hosts file is clean. The only > entry is for local host. I bet you have zbot. check the permissions on the hosts file. Also, can you bring up the task manager (control-alt-delete)? I'm betting no.
From: David Kaye on 23 Feb 2010 22:07 Virus Guy <Virus(a)Guy.com> wrote: >I bet you have zbot. > >check the permissions on the hosts file. I set the hosts file to read-only. Task Manager comes up fine. I'll find out more about zbot though.
From: David H. Lipman on 23 Feb 2010 22:19 From: "David Kaye" <sfdavidkaye2(a)yahoo.com> | Virus Guy <Virus(a)Guy.com> wrote: >>I bet you have zbot. >>check the permissions on the hosts file. | I set the hosts file to read-only. Task Manager comes up fine. | I'll find out more about zbot though. Setting the etc/hosts file to a Read-Only atrribute is a waste of time. Any malware can change the attaribute at-will in WinXP and below. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Virus Guy on 24 Feb 2010 00:17 "David H. Lipman" wrote: > >>check the permissions on the hosts file. > Setting the etc/hosts file to a Read-Only atrribute is a waste > of time. It's not that I wanted him to set the attributes - I just wanted to know if they had been set to something wierd, like hidden, or accessible only to the system or admin account.
From: Virus Guy on 24 Feb 2010 00:22
David Kaye wrote: > > Are you behind a Router ? > > The customer does not use a router (unfortunately). Hmmm. You have a customer that does not have a router? Meaning that he has only 1 PC on his lan (if you can call it a lan). ?? Not having a router is ok, so long as the modem's NAT functionality has been enabled. If the modem doesn't have NAT, then it's time to get a new modem. > He sent me a MalwareBytes log but it showed absolutely nothing > of use. The drive needs to be removed and scanned for malware on another system. |