Internet Explorer hijacked by Russian bank

Discussion in 'other firewalls' started by philipmorgan, Oct 10, 2004.

Thread Status:
Not open for further replies.
  1. philipmorgan

    philipmorgan Registered Member

    Joined:
    Oct 10, 2004
    Posts:
    1
    I have installed the Sygate firewall which monitors all outward and inward traffic. About every 15 minutes it gives this warning:

    Internet Exlorer is trying to make a remote connection to the domain, "tat-neftbank.ru".

    Sygate then gives futher details:

    File Version : 6.00.2800.1106 (xpsp1.020828-1920)
    File Description : Internet Explorer (iexplore.exe)
    File Path : C:\Program Files\Internet Explorer\iexplore.exe
    Process ID : 0x270 (Heximal) 624 (Decimal)

    Connection origin : local initiated
    Protocol : TCP
    Local Address : 213.233.146.139
    Local Port : 3036
    Remote Name : tat-neftbank.ru
    Remote Address : 218.30.21.236
    Remote Port : 80 (HTTP - World Wide Web)

    Spy Doctor and AVG are also installed, but they have failed to track the source of the entity activating the browser.

    Thanks for your help

    Philip
     
    philipmorgan, Oct 10, 2004
    #1
  2. controler

    controler Guest

    Hi Plilip

    It would be best if you posted your hijackthis log to one of the forums that still help with it.
    It became too overwhelming here and so none look at those ijackthis logs here at Wilders anymore.


    Bruce
     
    controler, Oct 10, 2004
    #2
  3. TheSnowGuy

    TheSnowGuy Guest

    TheSnowGuy, Oct 10, 2004
    #3
  4. TheSnowGuy

    TheSnowGuy Guest

    TheSnowGuy, Oct 10, 2004
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...