_dummy_dnsresolver

Psiphon · 01-06-2010 10:31 AM

Hi,

After playing CoH I closed my PC straight down and got the error that it was unable to close the program _dummy_dnsresolver.

I've run various scans on my PC for viruses and trojans etc and found nothing, I've also Googled it and can find very little. I did find a reference to a PC game using this so my query is - is this a valid program used by CoH or have I been hacked?

dummy_dnsresolver doesn't seem like the best name to give a program being used by a Trojan etc.

Any help or info would be greatly appreciated.

L50s: Tanks: Cryofission - Ice/EM - Dr Celsius - Fire/Ice - Saint George - SD/SS | Controllers: Psichosis - Ill/Kin - Major Chaos - Ill/Stm | Scrappers - Neutron Crusader - DM/SR

Currently Levelling: Angelic Blade - BS/WP Scrapper | Seeds of Destruction - Plant/Kin Controller

Obsidius · 01-06-2010 10:44 AM

Sounds like malware, or something a malicious browser tool is using to redirect certain DNS queries to other, less trusted destinations. Try downloading & running LavaSoft Ad-Aware or any other spyware/malware search program, as most vanilla antivirus programs won't pick these up.

And no, this isn't a CoH process. CoH only runs off of one process (cityofheroes.exe).

Psiphon · 01-06-2010 11:14 AM

Thanks for the feedback, I'll try your suggestions and reinstall as a last resort.

L50s: Tanks: Cryofission - Ice/EM - Dr Celsius - Fire/Ice - Saint George - SD/SS | Controllers: Psichosis - Ill/Kin - Major Chaos - Ill/Stm | Scrappers - Neutron Crusader - DM/SR

Currently Levelling: Angelic Blade - BS/WP Scrapper | Seeds of Destruction - Plant/Kin Controller

Katze · 01-06-2010 12:31 PM

Last time I had this I did a search online as well. The only related thing I found on my machine was the Bonjour program (which a few sites considered as "malware") which is installed as part of Apple's i-Tunes /Quick time updates. I uninstalled it just to be safe, and double checked with Hijack This that it was gone. It can also be disabled in Windows services.

Apple's FAQ on Bonjour

--------------
"Chew Electric Death, Snarling Cur!"

Starcloud · 01-06-2010 12:38 PM

Ah. I suppose it's a good thing I've uninstalled QuickTime on my machine then.

Zombie Man · 01-06-2010 07:11 PM

Quote:

Originally Posted by Katze

Last time I had this I did a search online as well. The only related thing I found on my machine was the Bonjour program (which a few sites considered as "malware") which is installed as part of Apple's i-Tunes /Quick time updates. I uninstalled it just to be safe, and double checked with Hijack This that it was gone. It can also be disabled in Windows services.

Apple's FAQ on Bonjour

Which says:

Q. Why does my system report Bonjour as spyware/malware?
In order to provide you accurate information about services on your local network, Bonjour needs to run continuously in the background. Some security systems have not yet been updated to recognize Bonjour as legitimate system software.

No, Apple, it's not flagged as malware because it's running continuously, it's flagged as malware because it installed itself secretly without permission and I have an invective of nasty words to say about any program producers who do such underhanded things like this so that they keep a continual foot-in-the-door on my computer.

Speeding Through New DA Repeatables || Spreadsheet o' Enhancements || Zombie Skins: better skins for these forums || Guide to Guides

Texas Justice · 01-06-2010 08:15 PM

Quote:

Originally Posted by Zombie Man

Which says:

Q. Why does my system report Bonjour as spyware/malware?
In order to provide you accurate information about services on your local network, Bonjour needs to run continuously in the background. Some security systems have not yet been updated to recognize Bonjour as legitimate system software.

No, Apple, it's not flagged as malware because it's running continuously, it's flagged as malware because it installed itself secretly without permission and I have an invective of nasty words to say about any program producers who do such underhanded things like this so that they keep a continual foot-in-the-door on my computer.

Not only does it install Bonjour without notice, iTunes and Quicktime also install the Apple Software Updater that will, again without asking, download and install software updates from Apple. Updates by Apples definition includes the Safari browser that you didn't have installed at all. That isn't an update, that's a totally new program installation that I didn't ask for.

Yeah, Apple is trying to force their software onto your computer and people call Microsoft the Evil Empire

.

If the game spit out 20 dollar bills people would complain that they weren't sequentially numbered. If they were sequentially numbered people would complain that they weren't random enough.

Black Pebble is my new hero.

Master-Blade · 01-06-2010 09:05 PM

I get that on my main PC once in a while as well. I don't do ANY web browsing with it at all, and the only programs I even have installed on it as CoH and HeroStats (both of which I downloaded the install file with my laptop and transferred over my network).

I don't know what Bonjour is, and I don't even have Quicktime or any other "i" products from Apple either.

It only happens if I try shutting down my system almost immediately after logging off the game. I posted about this a long time ago and we chalked it up to a stuck network process that happens sometimes when "exiting to desktop". If my system is idle for at least a minute or so, I can shut down normally anyway.

I don't worry about it. All is fine.