Strange behaviour
From: Me2 (nospam_at_nospam.not)
Date: 10/04/03
- Next message: Me2: "A 6% fix from Microsoft Security Bulletin MS03-040 - 828750"
- Previous message: Jupiter Jones [MVP]: "Re: Microsoft Security Bulletin MS03-040 - 828750"
- In reply to: hansh: "Strange behaviour"
- Next in thread: ahl: "Re: Strange behaviour"
- Reply: ahl: "Re: Strange behaviour"
- Reply: hansh: "Strange behaviour"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 4 Oct 2003 00:47:41 -0700
Hansh,
Sorry, I forgot - M$ does not even acknowledge this Trojan
as a problem on their security pages. That's why you need
to visit the Symantec website. It's in all of the news
media, but M$ for some reason does not acknowlege it.
Likely because there are 29 other vulrabilities in IE that
need fixing...
Also, it is unknown if the latest update MS03-040 from M$
blocks Trojan.Qhosts. MS03-040 has lots to say but what
exactly it is blocking is hard to decipher...
>-----Original Message-----
>Found it! There was another hosts file in
>c:\windows\system32\drivers\etc . Deleted the offending
>entries in notepad and saved the result. Reinstalling IP
>probably wouldn't have worked.
>
>Still wondering who or what did this and why. I'm sure I
>didn't. Perhaps another searchmachine?
>
>>-----Original Message-----
>>I went a bit further. It is probably not a virus.
>>
>>The ip-address 207.44.194.56 shows up in the dns cache:
>>ipconfig /displaydns. Practically every searchmachine
>has
>>an entry with this address.
>>
>>ipconfig /flushdns should remedy this, but it doesn't.
>>Deleting the host-file doesn't help either.
>>Any bright ideas (apart from de/reinstalling IP)??
>>
>>
>>>-----Original Message-----
>>>I went to www.google.com as I often do and landed on a
>>>page from Cpanel. I did some tests and these are the
>>>results:
>>>nslookup www.google.com gives 216.239.59.99 (correct)
>>>tracert www.google.com finds 207.44.194.56 (wrong)
>>>ping www.google.com finds 207.44.194.56 (wrong)
>>>
>>>The same error occurs with www.altavista.com. All other
>>>sites I tried give the correct result.
>>>
>>>I tried a system recovery (Windows XP) to a state three
>>>weeks ago, that didn't help. Reapplying servicepack 1a
>>>didn't help.
>>>
>>>I have done a complete virusscan (updated McAfee
>first) -
>>
>>>nothing.
>>>
>>>Could this be a virus? Any help appreciated greatly -
>am
>>>at wits end...
>>>
>>>.
>>>
>>.
>>
>.
>
- Next message: Me2: "A 6% fix from Microsoft Security Bulletin MS03-040 - 828750"
- Previous message: Jupiter Jones [MVP]: "Re: Microsoft Security Bulletin MS03-040 - 828750"
- In reply to: hansh: "Strange behaviour"
- Next in thread: ahl: "Re: Strange behaviour"
- Reply: ahl: "Re: Strange behaviour"
- Reply: hansh: "Strange behaviour"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
