|
|
Sabrina Kilian wrote:
> I have seen this behavior with viruses, the annoying Vundo strain in
> particular. It leaves the DNS entries alone, but installs several
> proxies and tries to redirect all traffic through those. DNS appears to
> work fine, as I threw a second computer into the network with a packet
> sniffer. But when you request a page, that traffic gets sent to the
> proxy, which then adds in the pop-up windows and who knows what else.
>
> My best advice to see what is happening is a packet sniffer on a second
> computer. If it is a virus, the computer will send a DNS request, get
> back an address for the website, and then send packets to the proxy at a
> third address. If the packets go to a DNS server that is not the one you
> think it should be, also a virus. If neither of those, then you can sort
> out which DNS is junk; on the computer, the router, the ISP, or worse.
>
> If both the PCs with the problem are running Windows, I would be looking
> at something like the Opachki virus, not DNS poisoning. Specifically
> because your computer has not experienced it, if it is on the same
> network as your wife's.
Neither of those... Virus scanners & Adaware on both computers comes up
empty ... Hmmm.
--
~Mike
Post a reply to this message
|
|