Re: Major Bank On-line Security Problem?

On Tue, 22 Jul 2008 19:34:42 +0100, "\(used to be\) Fat Sam"
<samandjanet@xxxxxxxxxxxxxxxxxxxxx> wrote:

judith wrote:
On Tue, 22 Jul 2008 12:49:23 +0100, "\(used to be\) Fat Sam"
<samandjanet@xxxxxxxxxxxxxxxxxxxxx> wrote:

judith wrote:
On Mon, 21 Jul 2008 18:43:21 +0100, "\(used to be\) Fat Sam"
<samandjanet@xxxxxxxxxxxxxxxxxxxxx> wrote:

<snip>


Will be interesting to see what turns up when he checks the hosts
file. Good to know that the problem has been resolved. It's a very
graphic illustration of the importance of constant vigilance when
visiting secure sites.


The problem still exists.

Here is summary of what has been done - at either request of bank,
me, or someone here.


1) No problems with Firefox
2) Panda Anti-Rootkit 1.08 - in depth scan
3) Panda Active Scan 2.0
4) Trend Micro Anti-rootkit
5) F-secure Anti-rootkit
6) Are these files on your machine?:
ed47fa.$
fa56d7ec.$$$
bca4e2da.$$$
Answer: NO
7) Look in Hosts and IMhosts - they are both normal
8) Run DNS check http://www.doxpara.com/
Result : 195.188.152.62 appears to be safe
He is on VirginMedia - it appears to be an old telewest DNS
9) fsecureblacklight
10) highhjackthis
11) The bank have said that there are a "number of Virgin media
customers affected - but it is not limited to that ISP"


(I am not expecting it to be solved by these groups - I will
continue with updates for interest)

But thanks for suggestions.

Out of interest, does he know how to set up a proxy to connect
through? Would be interesting to see if the problem persists when
using a proxy server.

No - and to be honest he seems happy now that he is using Firefox -
and the problem is definitely not there - as he wants to crack on with
his work. I may ask him if I can do a remote access to his machine
and try some things - but he uses it most of the time.

Fair play.
The new Firefox is a fantastic browser. Far better than IE, so he'll no
doubt enjoy his online eperience more now.

Did you say that the problem doesn't exist when using Firefox?
If so, has he tried uninstalling and re-installing IE to see if that
has any effect?

It doesn't - and he hasn't - I may try that.

Presumably he has reported the issue to Virgin and they're looking
into their DNS configuration?

Yes - they said that he had a virus!!

LOL. The last resort suggestion of technical helpdesks all around the world.

I thought that was reinstall Windows? Or is that the first resort for
all "helpdesks"?

--
(\__/) M.
(='.'=) Owing to the amount of spam posted via googlegroups and
(")_(") their inaction to the problem. I am blocking most articles
posted from there. If you wish your postings to be seen by
everyone you will need use a different method of posting.
See http://improve-usenet.org

.

Quantcast