Saved by the DSL...
Forum: User Feedback
Topic: Saved by the DSL...
started by: dslfool
Posted by dslfool on July 08 2004,01:21
Friend's WinXP PC, unable to connect to Symantec via LiveUpdate for virus definitions or to Symantec's web site for manual virus def downloading (later figured out that malware had redirected access to Symantec addresses to a false address).Popped in DSL with firefox.ci, browsed to Symantec, downloaded virus defs, copied to USB flash drive, rebooted to WinXP, copied defs from USB drive, and BOO-YAH!
I love it.
Posted by ke4nt1 on July 08 2004,02:06
Great story!What software detected/removed the malware ?
What was the malware called ?
Thanks for sharing...
73
ke4nt
Posted by dslfool on July 08 2004,05:44
I never did find out exactly what software did the damage - Symantec AntiVirus didn't identify any infections or modified files, so either it couldn't see the malware or the malware was gone. I fixed the problem (per a Windows forum topic I found) by manually editing a file called HOSTS which lists specific locations for addresses (in this case, symantec.com and related addresses were referred to IP 127.0.0.0, so neither LiveUpdate nor a web browser could get to Symantec for updates). I edited out these references and Symantec was once again reachable.(If I had known this before I did the DSL/update thing I wouldn't have had to use DSL to get the new virus definitions, but at the time I thought my first priority was to, by hook or by crook, run a scan with updated definitions, and DSL allowed me to do that with tools I could fit in my shirt pocket. Fun as all get out.)
Although I never identified the malware (or found out how to prevent it from striking again), it just occurs to me that I was getting a skijillion pop-ups in Internet Explorer for McAffee anti-virus products and services. Coincidence???
Posted by ke4nt1 on July 08 2004,06:04
| Quote |
| it just occurs to me that I was getting a skijillion pop-ups in Internet Explorer for McAffee anti-virus products and services. Coincidence??? |
Reverse logic.....
" Nope, Internet Explorer makes for a fine outstanding pop-up server! "
...I'm sure mcafee knows this as well as anyone...
Tnx again,
73
ke4nt
Posted by AwPhuch on July 08 2004,14:09
I run two things1st being < Spybot-S&D >
2nd being < Adaware 6.0 >
Run them just like that and it will clean up all your spyware/malware and all that...
I also recommend Antivirus Personal Edition and < f-prot antivirus >
That keeps me pretty protected
Brian
AwPhuch
Posted by hasty on July 08 2004,14:53
Any time I want to browse I always boot from cd, and anything I download is to a separate download partition.
Plus running in ram makes for fast browsing.
Posted by ke4nt1 on July 08 2004,16:58
Likewise, I always run from LiveCD.My HDInstalls are for testing, and my in-laws.
I agree with AwPhuch on the malware programs.
What I don't like is WHY do they both find items the
other package won't?
Adaware is good about frequent updates, but LOUSY on
detecting and removing most of what I find on M$ boxes.
S&D finds a LOT of stuff that adaware leaves behind, but
the updating and support has been LOUSY up until recently.
And it's my opinion that the 0-30 day malware will still have
free reign in your windoze box until one of these programs
picks it up and adds it to their updates.
So don't get TOO COMFORTABLE doin' your thang' on M$.
Recently IE and IIS have been front page in the news,
so if I were inclined to use them, I'd certainly have other
additions to my arsenal like ZoneAlarm, BitDefender, etc..
Backup, backup, backup....
( and always keep a DSL CD within reach
)73
ke4nt
Posted by ke4nt1 on July 08 2004,21:25
Here is another link to more info on this topic, with somegood tips on using other resources outside the M$ gui.
One of my favs - OC !
< http://www.overclockers.com/tips1162/ >
73
ke4nt
Posted by dslfool on July 08 2004,23:28
Thanks all for the recommendations. I mostly use Macs and, more recently, Linux, so I've been out of the Windows troubleshooting loops for a while.