Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog

When you can't access AV vendor websites

Created: 21 Apr 2009 • 1 comment
BNH's picture
+2 2 Votes
Login to vote

In the past, we see threats modify Windows host file to redirect AV vendor websites to loopback address.
Some security software also injects known bad URLs into the same host file with loopback address.

Well nowadays the bad guys are getting smart and does more advanced stuff than host file modification.

In few recent malwares [ie. Conficker aka Downadup], we see that infected machines are unable to access AV vendor sites although the host file is empty.
And ping to av website yield a address resolution.

Well now there are a few tricks we can do to evade this issue.

Its an old trick by removing DNS cache on our machine and check it everytime required to the DNS server.
Microsoft has a KB for this as written in .
It is as simple as typing : 'net stop dnscache' or 'sc servername stop dnscache' [without ''] in your Start -> Run box.

And again, you can always visit for an eye test :)

Comments 1 CommentJump to latest comment

SAM_SHAIKH's picture


The above document really helped me as we were facing such issues in our company.

Thanks and keep posting such valuable information.


Login to vote