A customer had a fairly new Compaq computer infected with over 700 bits of spyware, scams and viruses. I was able to quickly clean those away with the use of Malwarebytes and the resident McAfee Security Center but it left the network and Internet access disconnected.
Further investigation showed that the integrated network adapter had a 169.254.x.x IP address and that the hosts file had been replaced by a scam one that would have just allowed access to the payment websites. I overwrote the hosts file with the default one but after two hours of endeavours I still couldn't get DHCP to give the adapter a valid IP address.
I tried resting the PCP/IP network stack, clearing DNS caches, etc. I inserted a new PCI Ethernet adapter card, but it still wouldn't work. I then thought about the firewall and noticed that McAfee had its Firewall Lockdown activated. Just press the button and Internet access was immediately restored.
So why do McAfee Firewall Lockdown cause a 169.254.x.x IP address on the network adapter and not tell you when you try to reconnect, reboot or even look at it's status page? Rubbish software and I will continue to not recommend it or install it.
Saturday, October 23, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment