Friend's WinXP PC, unable to connect to Symantec via LiveUpdate for virus definitions or to Symantec's web site for manual virus def downloading (later figured out that malware had redirected access to Symantec addresses to a false address).
Popped in DSL with firefox.ci, browsed to Symantec, downloaded virus defs, copied to USB flash drive, rebooted to WinXP, copied defs from USB drive, and BOO-YAH!
I love it.Great story!
What software detected/removed the malware ? What was the malware called ?
Thanks for sharing...
73 ke4ntI never did find out exactly what software did the damage - Symantec AntiVirus didn't identify any infections or modified files, so either it couldn't see the malware or the malware was gone. I fixed the problem (per a Windows forum topic I found) by manually editing a file called HOSTS which lists specific locations for addresses (in this case, symantec.com and related addresses were referred to IP 127.0.0.0, so neither LiveUpdate nor a web browser could get to Symantec for updates). I edited out these references and Symantec was once again reachable.
(If I had known this before I did the DSL/update thing I wouldn't have had to use DSL to get the new virus definitions, but at the time I thought my first priority was to, by hook or by crook, run a scan with updated definitions, and DSL allowed me to do that with tools I could fit in my shirt pocket. Fun as all get out.)
Although I never identified the malware (or found out how to prevent it from striking again), it just occurs to me that I was getting a skijillion pop-ups in Internet Explorer for McAffee anti-virus products and services. Coincidence???
Quote
it just occurs to me that I was getting a skijillion pop-ups in Internet Explorer for McAffee anti-virus products and services. Coincidence???
Reverse logic.....
" Nope, Internet Explorer makes for a fine outstanding pop-up server! "
...I'm sure mcafee knows this as well as anyone...
