Re: New comp. Got infected before SP2 installed.

From: t.cruise (t__cruise_at_[NoSpam)
Date: 09/10/04 

Date: Fri, 10 Sep 2004 10:14:25 -1000

There are worms/viruses that edit the Windows XP Hosts file, adding entries that make it
impossible to connect to web sites for various antivirus program makers and antivirus
update sites, and various other web sites. Editing the Hosts file, to get rid of those
entries, so you can get to the Norton updates, might be the thing to do. If the above is
the problem, then after editing the Host file, reboot (with a firewall enabled) and you
should be able to update your Norton, then scan your drive for viruses after the update.

How to edit the Hosts file:

 Windows XP
  1.. Click Start, and then click Search.
  2.. Click All files and folders.
  3.. In the "All or part of the file name" box, type:

  hosts

  4.. Verify that "Look in" is set to "Local Hard Drives" or to (C:).
  5.. Click "More advanced options."
  6.. Check "Search system folders."
  7.. Check "Search subfolders."
  8.. Click Search.
  9.. Click Find Now or Search Now.
  10.. For each Hosts file that you find, right-click the file, and then click "Open
With."
  11.. Deselect the "Always use this program to open this program" check box.
  12.. Scroll through the list of programs and double-click Notepad.
  13.. When the file opens, delete all the entries in the Hosts file except for the
following line:

  127.0.0.1 localhost

  14.. Close Notepad and save your changes when prompted.
T.C.
t__cruise@[NoSpam]hotmail.com
Remove [NoSpam] to reply

"Marcus" <anonymous@discussions.microsoft.com> wrote in message
news:01e201c4976a$be45ceb0$a401280a@phx.gbl...
> Hi,
>
> The technical support phone line closed a few hours ago
> for the weekend and these newgroups have been unbelievably
> helpful before :)
>
> I just got a new computer with Windows XP. I also just got
> broadband. I had waited to connect to the internet until
> broadband arrived so Windows Update would work faster.
> I connected to the internet. Everything running fine.
>
> I have Norton on my computer, but every time i ever tried
> to do the live update, it would say it couldnt connect.
> www.systemac.com would not work on internet explorer
>
> I run windows update.
>
> A few critical updates. Im downloading and Send Receive
> ratio is about 1:4 or so. At about 52% the windows update
> seems to stall. And im fully uploading. 15 mins later. Ive
> uploaded 40 megs to 17 meg download....
>
> I load up taskmanager. I spot wuamgrd.exe, google it,
> comes up as a probable virus. I end it, but windows update
> doenst resume.
>
> Shut down, restart.
>
> This time i end the wuamgrd.exe before connecting to
> internet. Run Update. Works. Still uploading though, but
> it finishes. Restart.
>
> End wuamgrd.exe, connect to internet. Im still uploading
> at maximum... so i download Kerio's firewall. Install.
>
> 4 programs seem desperate to communicate with internet:
> wuamgrd.exe
> wmmon32.exe
> SPOOLSVD32.exe
> sysentry32.exe
> (as far as i can remember)
>
> Run Update again. Download and install SP2.
>
> Restart.
>
> I allowed Internet explorer to be an exception on the
> Windows Firewall that got installed after SP2. And i
> disabled the Kerio one.
>
> My problems are these:
> 1) I cannot access ANYTHING online. Explorer seems to try
> to access a whole host of similar urls (www.WHATEVER.net
> www.WHATEVER.com.net etc) but nothing works. I am
> accessing these newsgroups from another computer.
>
> 2)I cannot update the antivirus software so i cannot
> detect what the viruses on my computer are.
>
> 3)I did all this from a new computer with a clean windows
> XP. I just spent my entire day trying to get this computer
> to work. Im frustrated that its not, and i cant
> immediately see how to fix this. Technical support is
> closed until Monday, but when i ran them up before
> regarding update pausing, the guy didnt have a clue.
>
> Thank you all for bothering to read all of this, and I
> thank you all too if you can provide any help :) 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.759 / Virus Database: 508 - Release Date: 9/9/2004

Relevant Pages

  • Re: Can not see secure sites.
    ... > Thanks Carolyn ... It sounds like your hosts file may have been changed, ... Scan with a current antivirus program (meaning a version not earlier ... you'll get a Windows dialog box saying ...
    (microsoft.public.windowsxp.general)
  • Re: Download problems
    ... Replies are posted only to the newsgroup for the benefit or other readers. ... The Windows version that I am currently using is Windows ME. ... On the Tools menu, click Internet Options. ... Rename your HOSTS file to OLDHOSTS and see if the problem persists. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Download problems
    ... The Windows version that I am currently using is Windows ME. ... On the Tools menu, click Internet Options. ... Quit Internet Explorer. ... Rename your HOSTS file to OLDHOSTS and see if the problem persists. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: WindowsUpdate_80244019 Help
    ... Windows uses the HOSTS file to map IP addys. ... The HOSTS.sam file has been overwritten with a backup of the HOSTS file on my system so I can't see if that entry is unusual or atypical, but it should have no bearing as to any of the MS update servers. ... Scroll down to Win HTTP Web Proxy Auto-Discovery Service ...
    (microsoft.public.windowsupdate)
  • Re: IE cannot open lots of sites
    ... Which version of Windows / Internet Explorer? ... Panel or Security Center) before disabling a third-party firewall. ... Open the HOSTS file with notepad. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)