Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Adware/Spyware (maybe a virus) that limits connectivity for windows

from [Agustin Mogollon] Network Security [Permanent Link]
Subject: RE: Adware/Spyware (maybe a virus) that limits connectivity for windows network interface
Date: Tue, 2 Nov 2004 16:45:38 +0100 
It's possible that you are dealing with a buggy LSP (Layered Service Provider) 
software, that could be installed by the adware/spyware you have detected. You 
should try to run LSPfix utility (http://cexx.org/lspfix.htm) both in the 
infected computer and in a clean one with same configuration to compare (unless 
you exacly know which are the expeced layers). Read the text document included 
with the program carefully.

Agustín Mogollón Tenani
Panda Labs
mailto:amogollon@pandasoftware.es

Panda Software
Buenos Aires, 12
48001 BILBAO - ESPAÑA
Teléfono: 902 24 365 4
Fax:  94 424 46 97
http://www.pandasoftware.es
Panda Software, una de las principales compañías desarrolladoras de soluciones 
de protección contra virus e intrusos, presenta su nueva familia de soluciones. 
Todos los usuarios de ordenadores, desde las redes más grandes a los 
domésticos, disponen ahora de nuevos productos con excelentes tecnologías de 
seguridad. Más información en: http://www.pandasoftware.es/productos
¡Protéjase ahora contra virus e intrusos! Pruebe gratis nuestros productos en 
http://www.pandasoftware.es/descargas/


-----Mensaje original-----
De: Dan Denton [mailto:ddenton@PAYLESSOFFICE.com]
Enviado el: lunes, 01 de noviembre de 2004 18:09
Para: focus-virus@securityfocus.com
Asunto: Adware/Spyware (maybe a virus) that limits connectivity for
windows network interface


A company who I do consulting for has had 2 machines in the past 2
months who have been infected with adware and spyware who's network
interface shows "Limited or no connectivity". The first was some time
ago, and the only way I could get the machine to talk on the network was
to slick and rebuild it (probably the responsible thing to do anyway).

From what I have read on the internet this means that the computer

cannot connect to it's DHCP server. A repair of the interface results in
an error saying that an address couldn't be obtained from the server.
Reinstalling TCP/IP, Repair installs of WinXP, reinstalls of SP2, Virus
and Ad-aware scans do not fix the problem. Dealing with the 2nd machine
this has happened to, I've found a process called wmiprvse.exe that
didn't look familiar, and according to Symantec it could be a sign of
Trojan.Gletta.A or a Gaobot variant, however neither of these was found
by a scan (Symantec or Trend). I'm looking for a course of action other
than nuke/pave. Any suggestions would be greatly appreciated.

Dan Denton
Information Technology Manager, CCNA
Pay-LESS Office Products
402-891-6210 ext 61
ddenton@paylessoffice.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Strange Spyware or virus or processes, Chris Burton
Next by Date:  Re: Adware/Spyware (maybe a virus) that limits connectivity for windows network interface, Anthony DiPasquale
Previous by Thread:  RE: Adware/Spyware (maybe a virus) that limits connectivity for windows network interface, Mike
Next by Thread:  Re: Adware/Spyware (maybe a virus) that limits connectivity for windows network interface, H Carvey
Indexes:  [Date] [Thread] [Top] [All Lists]