Re: Hosts file/NAV cannot repair

From: Malke (noreply_at_invalid.com)
Date: 01/19/05


Date: Tue, 18 Jan 2005 20:22:20 -0800

Frustrated wrote:

> I am trying to clean up a friend's computer. Groan. In attempting to
> use live update for NAV 2005, I receive the message that
> 255.255.255.255 ar.atwola.com is already listed in the hosts file. I
> tell the program yes delete it. It does not delete. Searching this
> site and others, I have attempted to edit the hosts file, but it does
> not stick. One piece of advice was to rename the file, and Windows XP
> would add a new hosts file. Guess what...it is for 255.255.255.255!
> Not the one I wanted!
>
> Can anyone help???
> Frustrated in Florida

Clean up the hosts file in Safe Mode. Do all your scanning and cleaning
in Safe Mode.

1. In XP's Search preferences, set the files and folders handling to
Advanced, and then check the box that will make Search look in hidden
files/folders.
2. Now enter the search term "hosts" without the quotes.
3. You may get several hosts and lmhosts files. Usually you are only
concerned with hosts, but it doesn't hurt to check any others you might
get from the search. Double-click each one to open it. When you do
this, you'll get a Windows dialog box saying that Windows cannot open
this file, do you want to use the web or select from a list to find the
proper program. Choose "select from a list" and highlight Notepad. Make
sure the box to always use this program to open this type of file is
not checked.
4. Now carefully examine the file. Lines that begin with a # are
comments and don't count. Leave them alone. Unless you know you use a
proxy server to get to the Internet or you added entries yourself, the
only uncommented entry that should be there is:

127.0.0.1 localhost

If you see any other entries, delete them and Save the file. Make sure
you scroll all the way down to the bottom of the window if there is a
scrollbar. Do this for each file you found. Now you should be able to
get to antivirus and spyware-fighting websites.

Let us know if you need more help. Remember that you will also need to
clean non-viral malware. Here are general removal instructions:

1) Scan in Safe Mode with current version (not earlier than 2003)
antivirus using updated definitions.

Before you remove malware, get LSPFix (or WinSockFix for XP which you
can get from MajorGeeks) - see links below.

2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
programs are free, so use them both since they complement each other.
There is a new version of CWShredder from Intermute. I would not
install the other Intermute programs, however. Alternately, there are
CoolWebSearch malware removal steps at SilentRunners.

Be sure to update these programs before running, and it is a good idea
to do virus/spyware scans in Safe Mode. Make sure you are able to see
all hidden files and extensions (View tab in Folder Options).

If the malware remains even after you used Ad-aware and Spybot, you can
scan with HijackThis. HijackThis is an excellent tool to discover and
disable hijackers, but it requires expert skill. See below for
HijackThis links, including sites where you can post your HJT logs. A
combination of HijackThis and About:Buster works well in removing the
About:Blank homepage hijacker. Again, this is an expert tool and
novices should get help with it.

3) If you are running Windows ME or XP, you should disable/enable System
Restore because malware will be in the Restore Points. With ME, you
must disable System Restore completely. With XP, you can delete all but
the most recent (presumably clean) System Restore point from the More
Options section of Disk Cleanup (Run>cleanmgr).

4) Make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update.

5) Run a firewall.

Links to help with malware:

Software/Methods:
http://www.safer-networking.org - Spybot Search & Destroy
http://www.lavasoftusa.com - Ad-aware
http://www.majorgeeks.com - good download site
http://www.intermute.com/spysubtract/cwshredder_download.html
http://www.silentrunners.org/sr_cwsremoval.html - SilentRunners
http://www.cexx.org/lspfix.htm - Repair Winsock 2 settings after
removing spyware

HijackThis:
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Jim
Eshelman
http://forum.aumha.org/
http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
forum
http://www.wilderssecurity.com/
http://forums.tomcoyote.org/

General:
http://forum.aumha.org/ - look under "Security" for various forums
http://rgharper.mvps.org/cleanit.htm
http://mvps.org/winhelp2002/unwanted.htm
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Malke

-- 
MS MVP - Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
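
The hosts-file check described in step 4 of the reply, as an added example that is not part of the original post: a small Python auditor that skips comments and reports every active entry other than `127.0.0.1 localhost`. The function name, the verdict labels and the sample file contents are assumptions constructed for illustration; only the `255.255.255.255 ar.atwola.com` entry comes from the thread.

```python
import ipaddress

# Baseline from the post: the only active entry should be this one.
ALLOWED = {("127.0.0.1", "localhost")}
BROADCAST = ipaddress.ip_address("255.255.255.255")

def audit_hosts(text, allowed=ALLOWED):
    """Return (line_no, address, hostname, verdict) for each unexpected entry."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        # Text after '#' is a comment, whether it fills the line or trails an entry.
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        address, names = fields[0], [n.lower() for n in fields[1:]]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            ip = None
        if ip is None or not names:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        # Addresses that lead nowhere useful make the name unreachable.
        dead_end = ip.is_loopback or ip.is_unspecified or ip == BROADCAST
        for name in names:  # one line may map several names
            if (address, name) not in allowed:
                verdict = "blocked" if dead_end else "redirected"
                findings.append((line_no, address, name, verdict))
    return findings

# Constructed sample input (not taken from a real machine).
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
255.255.255.255 ar.atwola.com
127.0.0.1       update.av-vendor.example www.av-vendor.example  # trailing comment
203.0.113.7     bank.example
#10.0.0.1       disabled.example
not-an-ip       oops.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

On Windows XP the active file is normally `%SystemRoot%\system32\drivers\etc\hosts`; read its text and pass it to `audit_hosts`, extending `allowed` with any entries you added yourself.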

