View Full Version : What kind of attack, malware is this?
R2D2
January 26th, 2006, 06:16 AM
I was just curious to what it could've been...
Recently, I was unable to access specific websites such as my yahoo email, CNN, and certain others. This went on for weeks, (until a reformat :P ). I know it wasn't because their servers were down or overloaded because it's a very slim chance that the same specific websites over a long period of time wouldn't be accessible.
Was this a Denial of Service attack? ???
Any ideas?
Jeff
SpikeyB
January 26th, 2006, 06:48 AM
Maybe those websites had been added to your hosts file.
R2D2
January 26th, 2006, 07:31 AM
Thanks SpikeyB!
Good to know.
I'll check that file's contents if it happens again.
Jeff
Notok
January 26th, 2006, 12:14 PM
Malware changing the HOSTS file is a very definite possibility.. there's a lot of worms and other malware out there that are still doing this to make it hard for you to disinfect (hard to disinfect when you can't get to a website to download a disinfection tool).. in addition some of these will attempt to kill security software and other tools used in remvoing malware.
R2D2
January 26th, 2006, 12:27 PM
Hi Notok,
Yes, the HOSTS file is a popular target.:-X
I guess I could make a backup copy of the file so that if it gets infected, just delete the infected file and reinstall the clean one in its place.
I thought my Spyware Doctor would protect the host file from infection.???
Jeff
Notok
January 26th, 2006, 10:36 PM
If you have all the "On-Guard" settings on, it should.. I suppose it's possible that it got it when it was down, though. There are other possibilities, but that's the most common one.
chocolate doodle
January 27th, 2006, 01:35 AM
spyware blaster can be keeping backups of hostfiles, so does spybot also winpatrol and spybot can lock host files from attack, i think..
R2D2
January 27th, 2006, 02:08 AM
{QUOTE-> If you have all the "On-Guard" settings on, it should.. I suppose it's possible that it got it when it was down, though. There are other possibilities, but that's the most common one. <-QUOTE}
Oops, I don't think I had it set right :-X , but fixed it.
Thanks Notok!
{QUOTE-> spyware blaster can be keeping backups of hostfiles, so does spybot also winpatrol and spybot can lock host files from attack, i think.. <-QUOTE}
Thanks chocolate doodle. I didn't have any of those running when it happened but good info to have.
By the way, I just sent you a post to your thread, "What's the best download spot"
Thanks,
Jeff
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.