Google error?

This probably has nothing to do with Avast! but I didn’t know where else to ask.

Has anybody seen this error from Google before?

I searched the forum for similar posts and didn’t see any.

Thanks in advance.


http://img221.echo.cx/img221/5535/google6hz.th.jpg

??? ???

I never got this Google error… It’s weird but are you sure that your computer is clean? ::slight_smile:

Well, I thought I was sure …

Are there any quick online checkers for malware?

Thanks for the quick reply by the way, Technical , appreciate it.

TrendMicro’s: http://housecall.trendmicro.com/
Bit Defender: http://www.bitdefender.com/scan/index.html
F-Secure: http://support.f-secure.com/enu/home/ols.shtml (ActiveX required)
But better is checking RejZor’s Website: http://www.security-ops.tk

Fast? You’ve seing nothing ;D :wink: Stay tunned with avast and enjoy the trip 8)

Thanks again, Technical, I will give those a try. It will give me something to do for the rest of the day ::slight_smile:

Your kind of people is what I like about Avast! :slight_smile:

I will check back later.

Well, TrendMicro didn’t find anything, but while it was running, I was able to get to Google using the raw IP address - on someone else’s suggestion, I might add. I already knew I could get to Google with a proxy but it never occurred to me to try the raw IP.

Now, it started to look more and more like a DNS problem so I flushed my DNS cache - after restarting DNS Client service which was disabled.

And lo and behold - no more Google errors!

Now I need to find out how my DNS cache got “poisoned” in the first place to prevent it from happening again.

The hunt is on, gentlemen. Any further pointers would be much appreciated.

Thanks again, Technical.

This script could flush DNS cache automatically. It’s written with AutoIt (the best Windows macro maker).
I run it when I get connected. NetRun automatically detects my on-line status and run it after a pre-defined delay.

Dim $val
$val = RunWait ( "C:\Windows\system32\ipconfig.exe /flushdns", "", @SW_HIDE )
ProcessWaitClose ( "ipconfig.exe", 15 )
Exit

Thanks, Technical, I will give that a whirl.

I have been digging around about this and it looks like it’s something that’s becoming a major problem. The people at isc.sans.org have been writing about this for a while:

http://isc.sans.org/presentations/dnspoisoning.php

and wikipedea has a useful entry on the background of the subject:

http://en.wikipedia.org/wiki/DNS_cache_poisoning

Phishing has got nothing on this. This is practically undetectable. In my case, I presume it was only meant to entice me to download some malware masquerading as anti-malware. I didn’t fall for it mainly because I couldn’t imagine Google pushing any product of that kind. I am fairly sure others have taken the bait hook, line and sinker.

But it could have been more serious and probably will be before too long. Think of the possibilities if you can lead some bank or credit card traffic to some server in a garage. I know - a little dramatic - but it’s not improbable.

I still haven’t been able to determine how to detect it - unless it’s obvious as in my Google error message. I also have no idea why flushing my DNS cache seems to fix the problem. It’s as if the DNS poisoning was detected and corrected by my ISP after the bogus entry made it to my local DNS cache, which is probably the case.

Someone should write an unobtrusive background process that uses idle network times to periodically check any new local DNS cache entries against a secondary DNS server and alert the user of any discrepancies.

I wonder how useful that would be?