New DNS Spyware - YotaTech Forums

06-10-2007, 08:33 AM   #1
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
New DNS Spyware

New spyware out today that comes in through your Comcast connection via the DNS server.

If you get a webpage that says it is from supportcomcast or something like that wherever you attempt to surf, you are infected, but it is not an actual file on your PC.

They want you to put in your private info on the website; do not.
Also, the phone # they list is bogus, it is a busy signal, thus tricking you into using your browser to give them your info.

I ran my spyware apps many times this morning, with no fix.

Comcast told me on the tele a bit ago how to fix it.

Go to your start button and find the run command.
Once there type in cmd, hit enter.

In the text box type in
ipconfig /release
hit enter, and all commands after typing in ipconfig have a space after that word and before the / symbol.

Now type in ipconfig /flushdns
hit enter

Now type in ipconfig /renew
hit enter

Go to your Control Panel on your start button.
Choose Internet Options, and delete cookies and temp. internet files.

Then go below and clear your history.

This is new today, someone took over the DNS somehow and it is redirecting you to that spyware page.

Hopefully Comcast will add this info to their website soon.

06-10-2007, 08:46 AM   #2
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
PS, it just happened to me again as soon as I posted this.
I had to go through all the above steps and do them all over again.

Whoever created this dns spyware thing needs to be shot.

I am sure it will affect me again very soon.

Here is some info member Drew found over on the DSL Reports site.
http://www.dslreports.com/forum/remark,18480900

06-10-2007, 11:09 AM   #3
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
If anyone has problems, try getting rid of your Comcast DNS numbers and use the Open DNS ones as detailed in the URL I posted above.

I have been attacked about 5 times this morning, but since switching over to the new DNS #s, it seems to be working OK.

I bet Comcast is having a major blowout with this issue.
Pretty scary when someone can take control of your surfing like that.

06-10-2007, 11:26 AM   #4
arjan
Contributing Member
Join Date: Sep 2002
Location: Mission, British Columbia
Posts: 1,558
Hey Corey, about the OpenDNS thing, all you should have to do is change the DNS settings in your network properties page for your network adapter. I downloaded the image with the settings:
Attached Thumbnails
new-dns-spyware-start_win6.gif  
__________________
2006 4Runner V8 Sports Edition
Red 1997 4Runner 3.4L Bushwacker Flares, 5spd, E locker

06-10-2007, 11:49 AM   #5
91TPU
Registered User
Join Date: Oct 2006
Location: NorthWest NJ
Posts: 1,604
I have Comcast and haven't gotten anything...
__________________
87' 4runner...22re...31" Bridgestone Dueler AT-New project rig and winter dd.
91' 3vze...190k...31" BFG All Terrain's...K&N FIPK-SOLD
07' Civic Si-The Daily Driver.


Quote:
Originally Posted by Sonofmayhem View Post
god hates you.

06-10-2007, 11:58 AM   #6
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
Thanks Arjan, I inputted as I described over on DSL's forum in both places.
All is working well, the problem has not come back.

From what I read over there, the speculation is somehow the dns servers for Comcast in WA., OR., ID., and CO. were taken over by some perp who started the attack.

91, it should not affect you since you are on the Eastern side of things.

What was frustrating earlier today was that I thought I actually had the spyware on my PC, but the repeated tests did not reveal anything out of the ordinary.

And I bet a lot of people will fall for that fake page and enter their info, I almost did, and I never fall for Internet scams.
Calling that 800 # on the page will get you nowhere, that is how they trap you into getting into the chat session which is bogus, but you have already entered your info to get into the chat.

What I think they would then do with your info is set up multiple email accounts and then start mass spamming via your hi-jacked email accounts.

And here is a screenshot of the page that I and many others were seeing earlier.
It did not matter what you typed in your URL bar or what bookmark you clicked on, this screen would come up in your browser.

Whoever created it did a lot of planning on this one.


06-10-2007, 12:38 PM   #7
arjan
Contributing Member
Join Date: Sep 2002
Location: Mission, British Columbia
Posts: 1,558
I thought I read somewhere that the OpenDNS website wasn't accessible, that's why I posted the DNS server addresses.
__________________
2006 4Runner V8 Sports Edition
Red 1997 4Runner 3.4L Bushwacker Flares, 5spd, E locker

06-10-2007, 12:43 PM   #8
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
I got on the site just fine, and read through the FAQ over there about them.

Seems now the page I and others were being redirected to may be legit after all, and not a hacker's attempt to get our info.

But Comcast still fubared up something bigtime for us to get that page.
I bet they keep it hush hush, but it will leak out to some websites as to how it happened.

06-10-2007, 01:17 PM   #9
ocdropzone
Contributing Member
Join Date: Oct 2005
Location: PDX, OR
Posts: 4,709
Stuff like this, plus the never-ending price increases, is one reason I ditched Comcast...though I will admit I miss the speed...

12-08-2007, 09:39 AM   #10
CAM 1
Registered User
Join Date: Mar 2004
Location: N.Y.
Posts: 369
Well..this thing made it to the east coast. I'm having the same problem, I get re-directed to their web page every time I search. I'm trying to work it out right now. McAfee and the newest AVG can't find anything, and Cablevision is no help whatsoever!


Craig.
__________________
2001 Tacoma prerunner Dlb cab TRD Limited
Stuff: Manik brush guard,100 Watt Hella 500's, Extended diff breather, 265/75/16 Bridgestone REVO A/T's.
98% of all Ford Trucks are still on the road......The other 2% made it home.

Last edited by CAM 1; 12-08-2007 at 09:40 AM.

12-08-2007, 09:53 AM   #11
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
Cablevision, that is your ISP?
See if anything comes up here.
http://www.dslreports.com/forums/4

By the way, I am still using Open DNS's numbers, I have not gone back to Comcast's.

The only thing is you have to type in .com, .net, etc. after a URL, or it will bring up Open DNS's search page.

12-08-2007, 11:49 AM   #12
isaac338
Registered User
Join Date: Jul 2006
Location: Halifax, NS, Canada
Posts: 849
For the more nerdy amongst us, it's relatively simple to run your own nameserver locally and avoid this kind of thing from happening ever again. If you're using Unix or Mac OS X it's easy as pie. You could probably find some kind of strange BIND port for Windows if you wanted, too.
__________________
1994 Xtracab pickup, 180,000km
1987 4Runner, 510,000km

01-19-2009, 05:34 PM   #13
jasonszion
Registered User
Join Date: Oct 2007
Location: NC
Posts: 20
lol, sounds like you have a nice little browser hijack... Try running Malwarebytes... (it's a free download) to rid yourself of those nasty little things... I work in a computer repair shop and I see that all the time...
Btw, watch out for the virus called antivirus2009, it's horrible...
__________________
'92 Toy 4x4, 22re. 108k miles

01-20-2009, 01:59 AM   #14
Corey
Co-Founder/Administrator
Staff
Join Date: May 2002
Location: Auburn, Washington
Posts: 26,071
Quote:
Originally Posted by jasonszion
lol, sounds like you have a nice little browser hijack... Try running Malwarebytes... (it's a free download) to rid yourself of those nasty little things... I work in a computer repair shop and I see that all the time...
Btw, watch out for the virus called antivirus2009, it's horrible...

Nope, it was not spyware on my end.
Many got hit with it as seen at Comcast's forum on DSL Reports.
http://www.dslreports.com/forum/comcast

Comcast was the one that got hijacked actually, they just did not want to fess up to it.
It affected many people that day.

01-20-2009, 07:27 AM   #15
Windsor
Registered User
Join Date: Dec 2008
Location: DFW, Texas!
Posts: 794
When there are DNS-based attacks like this, you can always just hardcode your DNS server to something away from the hijacked servers.

One I use for network testing is 4.2.2.2, a leftover from Genuity (previously BBN Planet).
__________________
'87 T4R Deluxe, mall crawler
every non-SR5 option installed (sans AT), as well as:
* Cruise Control (dealer installed)
* Michelin LTX A/T2 31s on 1st-gen alloy rims
* SmittyBilt granny step bar
* SR5 Instrument Cluster

All times are GMT -8.