Major Bank On-line Security Problem?

The problem still exists.

Here is a summary of what has been done - at the request of either the bank, me, or someone here.

1) No problems with Firefox
2) Panda Anti-Rootkit 1.08 - in depth scan
3) Panda Active Scan 2.0
4) Trend Micro Anti-rootkit
5) F-secure Anti-rootkit
6) Are these files on your machine?: ed47fa.$ fa56d7ec.$$$ bca4e2da.$$$ Answer: NO
7) Look in Hosts and LMHosts - they are both normal
8) Run DNS check. Result: 195.188.152.62 appears to be safe. He is on VirginMedia - it appears to be an old Telewest DNS
9) F-Secure BlackLight
10) HijackThis
11) The bank have said that there are a "number of Virgin media customers affected - but it is not limited to that ISP"

(I am not expecting it to be solved by these groups - I will continue with updates for interest)

But thanks for suggestions.

Reply to
judith

Fair comment - I was using the term I thought would be better understood, though as you say it is not really the correct term to use.

Reply to
Cynic

Out of interest, does he know how to set up a proxy to connect through? Would be interesting to see if the problem persists when using a proxy server.

Did you say that the problem doesn't exist when using Firefox? If so, has he tried uninstalling and re-installing IE to see if that has any effect?

Presumably he has reported the issue to Virgin and they're looking into their DNS configuration?

Reply to
(used to be) Fat Sam

No - and to be honest he seems happy now that he is using Firefox - and the problem is definitely not there - as he wants to crack on with his work. I may ask him if I can do a remote access to his machine and try some things - but he uses it most of the time.

It doesn't - and he hasn't - I may try that.

Yes - they said that he had a virus!!

Reply to
judith

Fair play. The new Firefox is a fantastic browser. Far better than IE, so he'll no doubt enjoy his online experience more now.

LOL. The last resort suggestion of technical helpdesks all around the world.

Reply to
(used to be) Fat Sam

That's why I was so convinced it was a rogue entry in the hosts file. But that turned out to be clean, so my theory was wrong.

Hmmm. A bit extreme really. But having said that, I'm all out of ideas.

Reply to
(used to be) Fat Sam

Although, in this case, it's hard to escape that conclusion. A DNS issue would affect Firefox as well as IE, so a compromise on the local PC seems the most likely explanation.

Personally, I'd wipe the hard disk and reinstall the OS.

Mike.

Reply to
Mike

An entry in the hosts file would also affect Firefox. It is more likely to be a rogue BHO (Browser Helper Object), or something similar infecting Internet Explorer.

Reply to
Jonathan Bryce

I wouldn't say it was extreme. There is a fair chance the PC has been compromised in some way, but nobody can identify how. If you can't tell how it's been compromised, how can you fix it and be sure it is no longer compromised? A few hours work to format and reinstall everything removes that worry.

Reply to
Simon Finnigan

with a caveat that any programmer worth his salt will check for "Read only", before trying to update the file. Many years ago, when I wrote a virus as an academic exercise, I included a little bit of code which checked for read-only, unset it, updated the file, then reset it ... in this case, the safest bet is to make sure only the administrator *account* has modify rights to the file, and never log in as administrator.

IIRC in *nix based systems, the hosts file can't be modified from a user account, read-only or not.

Reply to
Jethro

I thought that was reinstall Windows? Or is that the first resort for all "helpdesks"?

Reply to
Mark

A trojan?


Reply to
news

A variant of Vundo?

Vundofix


Reply to
Colin Wilson

If you log on as root, or use sudo, and do chmod 666 /etc/hosts then everyone will be able to change it.

You can use a standard account in Windows XP, then you won't be able to change the hosts file. You won't be able to do a lot of other useful things either though.

Reply to
Jonathan Bryce
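
The two hosts-file checks raised in this thread (a rogue entry overriding the bank's hostname, and a hosts file that non-administrators can modify, as after chmod 666), as an added example that is not part of any poster's message. The watched domain bank.example, the address 203.0.113.7 and the sample file are constructed placeholders.

```python
import ipaddress
import os
import stat

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each active hosts entry."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) >= 2:
            yield line_no, fields[0], [h.lower().rstrip(".") for h in fields[1:]]

def audit_hosts(text, watched):
    """Return findings for entries that override a watched domain or are malformed."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        try:
            ipaddress.ip_address(addr.split("%", 1)[0])   # tolerate IPv6 zone ids
        except ValueError:
            findings.append((line_no, "bad-address", addr))
            continue
        for name in names:
            # A local override of a watched domain bypasses DNS for every browser.
            if any(name == d or name.endswith("." + d) for d in watched):
                findings.append((line_no, "override", f"{name} -> {addr}"))
    return findings

def writable_by_non_owner(mode):
    """True if group or others may write the file (e.g. after chmod 666)."""
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))

# Constructed sample hosts file; all names and addresses are placeholders.
SAMPLE = """\
127.0.0.1   localhost
# 10.0.0.5  old-server
203.0.113.7 www.bank.example  bank.example   # rogue entry
::1         ip6-localhost
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE, watched={"bank.example"}):
        print(finding)
    # On Windows the file is %SystemRoot%\system32\drivers\etc\hosts and its
    # ACL must be inspected separately; POSIX mode bits do not describe it.
    path = "/etc/hosts"
    if os.path.exists(path):
        print(path, "writable by non-owner:",
              writable_by_non_owner(os.stat(path).st_mode))
```

A clean result here only rules out the hosts file; it says nothing about browser add-ons such as a BHO.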
