Kaspersky
Solved

http://wpad.domain.name/wpad.dat

  • 27 September 2021
  • 9 replies
  • 353 views

I was hacked a week ago after that I've done a hard reset twice and i downloaded Kaspersky, since i installed Kaspersky i've been getting this notification about an acces denied event named "Svchost”.

I also noticed my internet connection has been slow

I know there's another post with this issue but i tried what the post says but it doesnt work for me

 

Evento: Acceso denegado
Usuario: (My pc name)
Tipo de usuario: Usuario activo
Nombre de la aplicación: svchost.exe
Ruta de la aplicación: C:\Windows\System32
Componente: Web Anti-Virus
Descripción del resultado: Bloqueado
Tipo: Vínculo malicioso
Nombre: http://wpad.domain.name/wpad.dat
Precisión: Exacta
Nivel de amenaza: Alta
Tipo de objeto: Página web
Nombre del objeto: wpad.dat
Ruta del objeto: http://wpad.domain.name
Motivo: Bases de datos
Fecha de publicación de las bases de datos: Ayer, 26/09/2021 04:29:00 p.

(Im sorry for my broken english but im really tired and stressed)

 

icon

Best answer by Berny 27 September 2021, 23:23

View original

9 replies

Userlevel 7
Badge +9

@Andru Welcome.

Please see step 4 in this important pinned Topic from @Danila T. 

 

@Andru Welcome.

Please see step 4 in this important pinned Topic from @Danila T. 

Hi, i tried step 2 and 3 and neither worked, what does it mean "this router is not recommended for use.”?

 

Userlevel 7
Badge +9

@Andru Please see quote below in the pinned Topic :

 

A lot of routers/modems are preset that DNS suffix.

This isn't new, this has been used for 20 years now.

Using a DNS suffix like that means that it is theoretically possible for a mal-wisher to change the file at its location, and eventually have it loaded into the user's system, thus setting up an unwanted proxy server, and intercept browsing data.”

@Andru Please see quote below in the pinned Topic :

 

A lot of routers/modems are preset that DNS suffix.

This isn't new, this has been used for 20 years now.

Using a DNS suffix like that means that it is theoretically possible for a mal-wisher to change the file at its location, and eventually have it loaded into the user's system, thus setting up an unwanted proxy server, and intercept browsing data.”

Okay so, what am i supposed to do? what's the better option?

Userlevel 7
Badge +9

@Andru Please contact your Router manufacturer or your ISP.

@Andru Please contact your Router manufacturer or your ISP.

Alright but, what should i say? i dont know how to explain it to them

Userlevel 7
Badge +9

@Andru Please copy/paste above comments in your request.

Hello,
I having the same issue.
I rest my router, changed the password, and of course updated to the latest firmware.
I have spoken to my ISP, but they did not seems to be able to solve it.

Is there a way that changing a setting in my router can solve this? For what should I look?

I have 2 routers, and I don’t want to replace them unless I’m sure I have to.
Another things, if I get new routers, how do I make sure they wull not cause the same problem? For what should I be looking when choosing  new ones?

Apprefciate all comments and ideas.
Thanks.
 

Userlevel 7
Badge +9

@Hayatt Welcome

Please contact Kaspersky Technical Support https://my.kaspersky.com/techsupport#/requests/new 

Reply