DNS server hijacking undetected

  • Thread starter Thread starter Johan Sandqvist
  • Start date Start date
J

Johan Sandqvist

Tried to submit this report using the tool but it can't connect. Keeps
complaining about checking proxy settings (which isn't the case btw).

"DNS server addresses changed by exploit"

DNS server settings for network connections that the user is allowed to
modify (e.g. VPN connections), were changed to the following servers:
69.50.166.94 and 69.31.80.244. Computer previously had exploit that was
detected and removed.
 
The connection issue is still opaque to me. I worked with a machine which
had around 9 pieces of spyware on it this morning. One of them might have
been a false positive, and I tried to submit a report. I got back an
instantaneous message--no wait at all. This is very different behavior than
I've seen at home where I only run test reports.

It really looked broken at the client end on that machine. I saved the XML,
but of course, there's no obvious way to send a saved XML file later.
 
Back
Top