Jump to content

infected by su2.ff.avast.com (IP: 92.242.140.21) - DNS Hijacking


Noujou
 Share

Recommended Posts

Hi, I just created a account just to post here, although I've had MWB Pro for the better part of 1-2 years now

 

I have attached the files required Addition.txt and FRST.txt. Also I have attached my MWB Pro Protection Log, that shows just how many times it's blocked that malicious IP.

 

I ran a threat scan prior to all of this, to see if it could pick anything up, and it came back clean. In truth I'm not sure if my computer is infected or how it could have got infected, as this only started happening today. That being said if there is anything I can help to stop all of this, that would be great.

 

 

Thanks

Addition.txt

FRST.txt

MWB_ProtLog.txt

Link to post
Share on other sites

  • Root Admin

As mentioned elsewhere, this is an Avast issue (at least partially), due to the use of a hostname that does not resolve (and hasn't done for months), consequently, and depending on ISPs, configs etc, this results in the resolution and subsequent redirection, to content on a Barefruit IP that has no relation to Avast.

One of two things that can be done in the meantime;

1. Add the following to the HOSTS file and either wait for or hope, Avast updates the DNS record or updates the software;

77.234.41.65 su2.ff.avast.com
2. Change your DNS provider as mentioned by TwinHeadedEagle (e.g. to Google (8.8.8.8, 8.8.4.4), OpenDNS (208.67.220.220, 208.67.222.222))
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.