antivirus question

[fatt33_b0y]

do i need to be connected to the internet to install avast into my computer, or can i take out the ethernet cord then install it? <br />
<br />
sprry but i have to ask, i have the 30 day trial from kaspersky and it always detects something. its says Intrusion.Win.MSSQL.worm.Helkern! Attacker IP address 218.64.237.219. Protocol/service UDP on local port 1434<br />
<br />
and will avast block this worm too?<br />

 

[chuxxo]

Get nod32 it's better.

And don't just click cancel or ignore when that warning pops up, because it won't do anything to it.

Be sure to click remove or quarantine.

 

[Dj4Dummies]

You don't need to be connected to the internet to install a program but you may need to connect so you can up date.

 

[Lewis_JJ]

Well you will certainly need to be connected to the internet to download the .exe file. But unless product registration is needed (which I don't think it is - I have used avast! before), you should be just fine offline.

I also found avast! to be very sensitive, picking up almost everything.

 

[WesleyG]

You don't need to be connected to install Avast. Of course, you'll want to be connected after install so that it may perform any updates that are available.

I'm not terribly familiar Avast but I believe it should be capable of detecting and blocking the attack you mentioned.

By the way, the ip address you gave, 218.64.237.219, is a valid (real) address. If you enter this address in a web browser you'll see that you get a response. The page will be blank, but if you view the source you'll see. Just thought I'd mention it.

 

[jibbarjabar]

You have nothing to worry about with Helkern.

The Helkern worm (more popularly known as Slammer) attempts to gain access to vulnerable systems through your Port 1434, but your firewall is blocking these attempts and that is exactly why you have a firewall. Your 'wall is doing it's job and doing it well. Give it a cookie!

Even if Helkern / Slammer were to make it past your firewall, your computer could not possibly be infected unless you are running Microsoft SQL Server 2000 for an operating system. Which is highly unlikely.

These attacks, which usually originate from China are so common that they are lumped-together with other common web crap under the moniker "internet noise".