Recently some of my friends had a problem that I think it is related to ARP spoofing.
The antivirus detects various trojans: especially Tr\Real player trojan on almost every particular website that are 100 % clean: www.viruslist.com, www.softpedia.com, etc.
One thing spotted before this is that after trying to load the webpage the traffic is redirected to some websites like 8v**.biz or 78***.com, etc.
I suggested them to enable ARP protection in Comodo but this didn’t help. Isn’t Comodo protecting against these kind of attacks ?
Another place to check is your HOSTS file in windows/system32/drivers/etc . It overrides your DNS lookups if someone were to want to redirect things.
I’ve already checked that file. It is not modified.
I don’t want to bump my own topic, but I’m really concern if ARP spoof protection is available in Comodo or not ?
Many people start having the same symptoms I described in my first post… with ARP spoof from their network.
Firewall > Advanced > Attack Detection Settings > Protect ARP Cache?
yes… I know that but I’m not sure whether this protects against ARP spoof attacks or not ?
Hes being redirected, you need an antispyware that protects network settings. I know spyware doctor actively protects that. Other then that use the COMODO protection. If you want something more I know Zonealarm PRO can lock the host file from all modification, but thats extreme. Download spyware doctor, from www.pctools.com, get the one with out the antivirus protection, and do a full scan.
It will scan your browser, and network settings, exposing what ever is doing this redirect. The spyware doctor will not remove the threats, so if the scan finds something, then I will instruct you to get the starter version; It has cleaning capabilities and it is part of the free google pack.