McAfee Problem

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
See the attachment. It says unable to connect to the update server. =/
Any idea?
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
And my icons beside the clock keep on disappearing.
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
Aha! I think i found the bastardido :p

I was scanning my computer with McAfee, and received a virus alert. The file name is configdlr.exe

What do you guys think? Was this causing all those problems?
 

Xie

- geek -
Joined
29 Sep 2003
Messages
5,274
Well it's more then possible that a virus has disabled your AV ... I would scan your system again w/ something like housecall and see if it finds anything else. If your system is then clean you might have to reinstall your AV depending on how the virus went about disabling it.
 

NetRyder

Tech Junkie
Joined
19 Apr 2002
Messages
13,256
Yeah, certain viruses attempt to disable or cripple antivirus software in certain ways. My roommate got a virus yesterday, and it brought Norton down to its knees. Besides that, it added every major antivirus manufacturer's URL to the hosts file and mapped them all to 127.0.0.1, so he couldn't even head over to Symantec's site to find a solution until I told him what the problem was.
Freaky...
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
Xie said:
Well it's more then possible that a virus has disabled your AV ... I would scan your system again w/ something like housecall and see if it finds anything else. If your system is then clean you might have to reinstall your AV depending on how the virus went about disabling it.

I will do that in a moment.
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
Ok. I found one more virus when I scanned with Housecall.

Name of virus: DOS_AGOBOT.HM
Scan result: Non-cleanable
File: C:\Windows\system32\drivers\etc\hosts

So this is means I have to go to his particular folder and deleted that file?
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
I'm done with the scanning. After the scan was finished, I deleted that file.
So what do I do now?
 

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
The only line that should be in the hosts file by default is

127.0.0.1 localhost

everything else can be removed.
 

ming

OSNN Advanced
Joined
17 Jun 2003
Messages
4,252
j79zlr said:
The only line that should be in the hosts file by default is

127.0.0.1 localhost

everything else can be removed.
What is this file for? and what are the addresses in the file?
I've got probably 2 A4 pages full of addresses in that file. :p

Last line says "#END of KL Supertrick...."
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
j79zlr said:
The only line that should be in the hosts file by default is

127.0.0.1 localhost

everything else can be removed.

I don't get it. :confused:
 

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
The host file overrides name resolution, so an entry like

216.239.57.99 google.com

would resolve google.com to that IP address. Some new spyware hijacks this file and points normal address [i.e. symantec.com] to a spyware site.

now if you put in there

216.239.57.99 yahoo.com

Typing yahoo.com would actually take you to google.

this is what the default hosts file looks like

Code:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

Don't know if i'm supposed to post this but that's whats in the file.
 

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
~bk said:

I posted the default file, then you posted the same thing, yes that is what you are supposed to have in that file.
 

ming

OSNN Advanced
Joined
17 Jun 2003
Messages
4,252
sooo... what if it says something like 127.0.0.1 www.yahoo.com?? or 127.0.0.1 abcdefg?
 

~bk

I
Political Access
Joined
3 Nov 2003
Messages
3,768
j79zlr said:
I posted the default file, then you posted the same thing, yes that is what you are supposed to have in that file.

Oopss!

So that means everything is fine now?
 

Members online

Latest profile posts

Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
Terrahertz wrote on Electronic Punk's profile.
Yo fellas!
Electronic Punk wrote on Sazar's profile.
Where are you buddy?
Perris Calderon wrote on Electronic Punk's profile.
Hey EP! All good with me, applying for Microsoft MVP right now, should have done this a while ago.

Notifications don't work, I only found your response by coming back to hunt up some threads, if you want, give me your email address so we can keep in touch easier!
Perris Calderon wrote on Electronic Punk's profile.
EP, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there!

Forum statistics

Threads
61,997
Messages
673,411
Members
5,589
Latest member
EmilyFox