Re: Downloading updates in advance

my installation goes like this:
- disconnect the internet cable
- disconnect other hd's
- change BIOS to select cd-rom as 1st boot-device
- insert winxp, reboot pc and start computer from cd
- delete partition
- format the entire drive
- install winxp home
- reboot when nessecairy
- install msi-mainboard (original cd)
- (tried installing all known security progs like you describe and scanned
the disk... i've tried this before and after updating winxp) NO infections
- update winxp
the first or second time i connect to the internet i get hacked
i tried installing & updating winxp completely offline it makes no difference

there are no unknow processes that are active in the register or task manager
but at this time there are 4 svchost.exe that are active
that's the same program from what i get NIS popups
Rules automaticly created for MS Generetic Host Process for WIN32 Server
C:\Windows\System32\svchost.exe

i repeat, there are no mallware infections on the drive, i do not load
infected files
i've blocked MSN Messenger from running in the registry

i'm in the dark, down at sea and up a tree
:((((((((


"Juan" wrote:

I had the same problem after a fresh installation with the only difference
Windows Update froze up instead of getting pop-ups, after a thorough scan
and disinfection, the problem was gone.. I also have read some other posts
about the same thing happening to them so it seems like a fairly recent
modality of attacking.. As you may already know, a recently installed OS is
very vulnerable on the net even with the firewall enabled so your system is
very likely already infected and going to Windows Update to get security
updates, makes the spyware act up as self preservation. You need to install
antispyware applications and thoroughly clean your system before attempting
to update it and if you have to, disinfect in safe mode (F8 at startup) and
with the Internet connection line removed/turned off.

Install the following software and update it before the first scan.
Adaware SE, Spybot Search & Destroy, SpywareBlaster, CWShredder and
HijackThis
http://www.majorgeeks.com/downloads31.html

Also go to Start\Run\type; msconfig and hit Enter\go to Startup tab and
disable unknown process(es) if any are present. Then to to Start\Run\type;
regedit.msc\and go to the Run keys of the LocalMachine and CurrentUser hives
and delete any unknown process if present.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

---------------------------------
"omi" <omi@xxxxxxxxxxxxxxxxxxxxxxxxx> escribió en el mensaje
news:263BB0C6-F1C3-4360-B90E-AB77652317A2@xxxxxxxxxxxxxxxx
1) that's where the problem is, when i go online for updating i get
hacked,
changed my IP zillion times, no luck

3) i have no scanner or printer installed or even connected
i get 5-10 popups from NIS about this very rapidly... i don't think that's
normal
also when i open a webpage, NIS allows +/- 50 coockies for each webpage
also i got a NIS popup request for Ikernel.exe to connect to a DNS-server
(blocked it)
i wunder if there's some permanent RAM in my pc, not the ram-sticks but
something like the BIOS...

4) thnx for the tip.. i changed the registry to prevent messenger from
running

5) i was able to install most winxp updates offline except:
- com_microsoft.886906_NET10_SP3_nld_5556
- com_microsoft.888316_ehome_guide_fix
- com_microsoft.KB867461_DOT_NET_EN_1_0_SP3
- com_microsoft.KB867461_DOT_NET_Tier3
- com_microsoft.KB873369_XP_SP3_eHome_INTL
- com_microsoft.Q816093_VM3810_Ver1
- com_microsoft.Q900036_VS_NET_ES_5520

oh i wish i could get my hands on one of those hackers,
he/she would suffer a very slow death, minimum a month
after messing with this problem for about a month i'm almost ready for a
mental institution

omi

any hackers that wish to vulontier or test me, let's set up a meeting !!

"Juan" wrote:

1) You may need to go to the Windows Update Site first and install the
most
recent version of Windows Update Software* (accept the download before a
regular update search) and after that you can install updates by any
means.

*Check in C:\WINDOWS\Downloaded Program Files and check update software;
Validation tool and Update Class, activex controls are necessary to
update
your system.

2) svchost is a normal system process

3) and Generetic Host Process may be a problem with a scanner or printer
driver. updated drivers will solve it.

4) How to disable or remove Messenger (msmsgs.exe)
http://www.kellys-korner-xp.com/xp_messenger.htm
http://www.dougknox.com/xp/utils/xp_mess_disable.htm
http://www.updatexp.com/disable-messenger-msn.html

-------------------------------------
"omi" <omi@xxxxxxxxxxxxxxxxxxxxxxxxx> escribió en el mensaje
news:F76B64A1-1643-4EAF-9FE5-D36D77A1DB56@xxxxxxxxxxxxxxxx
Well that didn't work,

i downloaded all 90 files (582Mb)
i formatted my drive and reinstalled windows
when i tried to perform the updates one by one
there were some that would not install because the installation
program
was
missing
like : com_microsoft.886903_NET11_SP1_XP_5556
result: i had to go online to search for updates
i needed an installer program first,
then 28 downloads were needed
Now it's up to date but again i'm leaking Mb's :((
In my taskmanager i see there are 5 "svchost.exe" that are active
is this normal ?
svchost.exe - local service
svchost.exe - networkservice
svchost.exe - SYSTEM
svchost.exe - networkservice
svchost.exe - SYSTEM

msmsgs.exe keeps activating itself
My cpu keeps "performing" without me doing anything (variable 0-10%)
and NIS gives popups
"Rules automaticly created for MS generetic Host Process for WIN32
server"
--> c:\Windows\System32\svchost.exe

So i'm back to where i was

Looks like performing updates offline is not that easy as i thought

Any help's appreciated
omi


"Nepatsfan" wrote:

You're welcome.

Nepatsfan

3F675DAE-549C-497E-98E6-D41D736988AA@xxxxxxxxxxxxx,
omi <omi@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
thnx a million

hopefully this will end my virus-nightmare that lasted a
month

thnx again
omi

"Nepatsfan" wrote:

3D5B70BB-0FAC-4851-BCE6-7BFD5F28417B@xxxxxxxxxxxxx,
omi <omi@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hello,

i'm looking for a way to dl'd winxp-home updates in advance
i want to burn them all on cd
so i can install & update winxp completely updated OFFline
Can someone give me the URL to do that ?
A friend gave me this link but i don't know if it's
relaible http://www.softwarepatch.com/windows/
I think i prefer an originale MSwinxp website

thnx in advance
omi

Go to the following web site:

Welcome to Windows Update Catalog
http://v4.windowsupdate.microsoft.com/catalog/en/default.asp

Click on "Find updates for Microsoft Windows operating
systems".
In the Operating system box, scroll down to the next to last
entry, Windows XP SP2.
Click on it to highlight it and hit the Search button.
Click on "Critical Updates and Service Packs".
Scroll through the list and add all the updates you need to
your download basket.
Do the same for "Recommended Updates".
Once you've completed the selection process click on "Go to
Download Basket".
Use the Browse button to select a handy location on your
hard drive to store the updates.
Hit the Download button.

Here's another Microsoft source for updates:

Microsoft Security Bulletin Search
http://www.microsoft.com/technet/security/current.aspx

Here are a couple of sites you may find useful:

How to download updates and drivers from the Windows Update
Catalog
http://support.microsoft.com/default.aspx?scid=kb;en-us;323166

How to install multiple Windows updates or hotfixes with
only one reboot
http://support.microsoft.com/kb/296861/

Good luck

Nepatsfan














.