Hi
I have version 6... running on Win98. It has been fine for years.
Now, in the status box, instead of telling me that it is time to update
my definitions, it shows the message:
'Unable to read the virus definitions date: Run LiveUpdate'
If I do, it freezes whilst saying it is trying to connect to symmantec.
If I use Task manager to End TAsk, I still ahve to reboot as it upset
other internet applications.
Any clues?
Ta.
Here's an article from the Tom Coyote forum. It's a long-shot since
it is new to the internet, but this will help get the word out:
~~~~~~~~~~~~~~~~~
Are you having difficulty accessing security-related web sites ?
You could have been hit by one of the latest hosts file scam by the
Not-Coolwebsearch people...
Easy enough to fix this.
Get this program called Hosts File Reader. It will show the hosts file
wherever it is located.
http://members.shaw.ca/techcd/VB_Projects/...sFileReader.exe
Run the program and look at the bottom part of the window, if an entry
is there, double click it.
You should see the contents of that file appear in the top part of the
window. You can then change, delete, append, do what you want to the
file using that utility.
If you do not consciously use a hosts file, you can choose to delete it.
If you do use a hosts file, then you probably know how to deal with the
entries listed.
If you aren't sure, there is the "Enable/Disable" function you can use.
Disabling, will backup the current hosts and create a new default one.
By doing this, you should be able to access those sites again.
The current (partial) list of sites blocked by this latest malicious
hosts file is:
forums.spywareinfo.com
www.spywareinfo.com
www.merijn.org
merijn.org
spywareinfo.com
www.computercops.biz
computercops.biz
dslreports.com
www.dslreports.com
www.lavasoftsupport.com
lavasoftsupport.com
forums.net-integration.net
www.tomcoyote.org
tomcoyote.org
www.wilderssecurity.com
wilderssecurity.com
www.lavasoftusa.com
lavasoftusa.com
security.kolla.de
www.security.kolla.de
www.lavasoft.de
lavasoft.de
~~~~~~~~~~~~~~~~
The people who distribute the coolwebsearch.com trojan have added
SpywareInfo and Lavasoft's support site to victims' HOSTS files in a
vain attempt to prevent their victims from receiving assistance in
removing the trojan.
Specifically, spywareinfo.com,
www.spywareinfo.com, lavasoftsupport.com,
and
www.lavasoftsupport.com are redirected to a porn site on infected
machines.
The official addresses for HijackThis and CWShredder are
http://www.merijn.org/files/cwshredder.zip and
http://www.merijn.org/files/HijackThis.exe
If you or someone you are helping elsewhere are blocked from this site,
you can use these alternate addresses to download the file. These
addresses are immune to HOSTS file hijacks.
http://216.180.233.153/~merijn/files/hijackthis.zip
http://216.180.233.153/~merijn/files/cwshredder.zip
http://216.180.233.153/~merijn/
~~~~~~~~~~~~~
HTH,
