Check your host file c:\windows\drivers\etc\hosts or check which IP your connecting to for downloads. You might have had a trojan mess with your dns settings. This could happen in the host file or at a lower level which will be harder to detect.
Thanks, ------------------------------------------ Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com ------------------------------------------ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of FORC5 Sent: Saturday, February 09, 2008 3:06 PM To: [email protected] Subject: [H] Symantec AV went NUTS ? Have narrowed this down to the scheduled update feature in my SAVC file dwhwizrd.exe. When it runs it creates a endless stream of files dwhxxxx.tmp ( where xxxxis random numbers) It detects these as a trojan . So does my Webroot AV. Have I been infected by a really smart V or is this a bug in my SAVC. Wondering if anyone else has seen this.? Getting ready to un install it but meanwhile have disabled scheduled updates. Also FWIW it also is detecting tools I have used for years as bad boys. ( combofix and rockxp to name just two) google has shown this to be a false positive. thanks fp -- Tallyho ! ]:8) Taglines below ! -- I'm on the trailing edge of technology. Protected by Websense Messaging Security -- www.websense.com
