Douglas Ray via luv-main <[email protected]> writes: > We have a PC with firmware malware on - at least - both DVDs.
Er, are you saying the microcontroller on the DVD drive's circuit board is infected? (As opposed to the infected component being on the motherboard, or on a DVD *disc*, or...) How did you determine this? > Booting a DVD live-image of ubuntu, invocations of > firefox are intercepted and come up as "JON recovery system" > or some such. The attack vector may have been the old XP > system on the harddrive, but equally it may have been one > of the ubuntu images. As another poster suggested, "jon recovery system" appears to originate from the httpd in D-Link firmware for router appliances. If you remove all NICs from the "infected PC", do the symptoms go away? _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
