Internet Explorer hijacked by Russian bank

Discussion in 'other firewalls' started by philipmorgan, Oct 10, 2004.

Thread Status:
Not open for further replies.
  1. philipmorgan

    philipmorgan Registered Member

    Joined:
    Oct 10, 2004
    Posts:
    1
    I have installed the Sygate firewall which monitors all outward and inward traffic. About every 15 minutes it gives this warning:

    Internet Exlorer is trying to make a remote connection to the domain, "tat-neftbank.ru".

    Sygate then gives futher details:

    File Version : 6.00.2800.1106 (xpsp1.020828-1920)
    File Description : Internet Explorer (iexplore.exe)
    File Path : C:\Program Files\Internet Explorer\iexplore.exe
    Process ID : 0x270 (Heximal) 624 (Decimal)

    Connection origin : local initiated
    Protocol : TCP
    Local Address : 213.233.146.139
    Local Port : 3036
    Remote Name : tat-neftbank.ru
    Remote Address : 218.30.21.236
    Remote Port : 80 (HTTP - World Wide Web)

    Spy Doctor and AVG are also installed, but they have failed to track the source of the entity activating the browser.

    Thanks for your help

    Philip
     
  2. controler

    controler Guest

    Hi Plilip

    It would be best if you posted your hijackthis log to one of the forums that still help with it.
    It became too overwhelming here and so none look at those ijackthis logs here at Wilders anymore.


    Bruce
     
  3. TheSnowGuy

    TheSnowGuy Guest

  4. TheSnowGuy

    TheSnowGuy Guest

Loading...
Thread Status:
Not open for further replies.