funsec mailing list archives

OT - Help! (Windows corrupted?)

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Sun, 08 Oct 2006 20:49:14 -0800

I'm starting to get serious worried.

Initial symptom: for about a month, I've been unable to get at Windows Update.  
Can open the page, but when I try to get a "Custom" list (which is what I usually 
do, in order to see what MS wants to foist off on me), the little green "working" 
bar just keeps on flashing back and forth (for hours, if necessary).

Have installed something that was supposed to fix an Update "filter" problem: no 
joy.

(Have also checked "Windows Genuine Advantage" which reports that I am legit, 
so that wouldn't appear to be an issue.  I know that WGA has thrown fits in some 
cases.)

Tonight I have been unable to use the "Switch User" function.  (I don't use it 
often, so I have no idea how long that has been on the fritz.)  There is a brief 
pause, a brief flurry of activity on the drive, and then nothing else happens.  I can 
continue operating as I am, but don't switch to the login screen.

In planning to run Spybot, I idly wondered if anything had gotten past the 
defences and messed with the hosts file.  I found the hosts file unchanged, but also 
found a hosts.ics file.  This is a new one on me.  There appears to be only one 
entry in it: 
#192.168.1.100 swen.mshome.net # 2011 5 0 8 23 2 34 517

The file was last changed September 5, 2006.

Swen is the name of the machine.  I have a Linksys/Cisco firewall router, but the 
default address for that is 192.169.1.1.

(All of these things may, of course, be unconnected with one another.)

Any suggestions or info?

I'm beginning to wonder if I need to restore or reinstall somehow, and I've never 
had to do that before ...

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
The desire of knowledge, like the thirst of riches, increases
ever with the acquisition of it.                   - Laurence Sterne
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

OT - Help! (Windows corrupted?) Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 08)
- Re: OT - Help! (Windows corrupted?) Mary Landesman (Oct 08)
- Re: OT - Help! (Windows corrupted?) Andrew Haninger (Oct 08)
- Re: OT - Help! (Windows corrupted?) Brian Loe (Oct 10)