Ralf Hildebrandt wrote:
> * Arancaytar <arancaytar.ilya...@gmail.com>:
>
>> Further investigation showed that the primary DNS server in my settings
>> (85.255.112.204) inexplicably resolves database.clamav.net to 127.0.0.1,
>> which effectively blocks the domain from being accessed. You can see
>> this for yourself by running nslookup database.clamav.net 85.255.112.204:
>>
>> $ nslookup database.clamav.net 85.255.112.204
>> Server: 85.255.112.204
>> Address: 85.255.112.204#53
>
> Why don't you ask your ISP?
>
Well, it's not my ISP (though I did alert the ISP's abuse address); it's
a nameserver I don't remember entering. Fearing an infection, I shut
down Windows and ran a full scan from within my dual-boot Ubuntu system.
In Linux, the DNS was configured normally, so I was able to scan with an
up-to-date signature database.
However, that scan only found "W32.Virut.Gen.D-144" in my Google Chrome
installation, which judging by search results appears to be a known
false positive. Otherwise, nothing.
Since the system doesn't appear to be infected, I guess I just need to
remove the problematic DNS server and replace it with those of my own
ISP - but this was odd enough for me to seek some additional info.
Thanks! :)
--
eternity lies ahead of us, and behind.
have you drunk your fill?
* * *
PGP: http://ermarian.net/downloads/0x27CA5C74
XMPP: arancaytar.ilya...@gmail.com
AOL: 282026638 @icq / RealArancaytar @aim
URL: http://ermarian.net
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
