Re: OT - Help! (Windows corrupted?)

["Mary Landesman" <mlande () bellsouth net>]

Are you using Internet Connection Sharing? That file (hosts.ics) and that IP 
are both typical of ICS.

More info on this topic can be found at:
http://support.microsoft.com/kb/309642

I realize this doesn't answer your question or resolve your original 
problem. However, I'm hoping it will at least help you pinpoint the reason 
for the hosts.ics file and the IP being used therein.

As for the original problem: a few months ago, I also encountered difficulty 
accessing the Custom list on the Windows Update site. Googling the problem, 
I found it was fairly common. I don't recall now what I did to fix it 
(sorry), but I do recall that it wasn't in the suggestions I found online. 
I'll ponder away at it and hopefully remember before too long.

As for being unable to switch users, did you by any chance disable the 
service for fast user switching? That's fairly commonly recommended in many 
of the service tweaks found on various sites, so it wouldn't be unusual if 
you had.

Regards,
-- Mary

----- Original Message ----- 
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
To: <funsec () linuxbox org>
Sent: Sunday, October 08, 2006 9:49 PM
Subject: [funsec] OT - Help! (Windows corrupted?)


> I'm starting to get serious worried.
>
> Initial symptom: for about a month, I've been unable to get at Windows 
> Update.
> Can open the page, but when I try to get a "Custom" list (which is what I 
> usually
> do, in order to see what MS wants to foist off on me), the little green 
> "working"
> bar just keeps on flashing back and forth (for hours, if necessary).
>
> Have installed something that was supposed to fix an Update "filter" 
> problem: no
> joy.
>
> (Have also checked "Windows Genuine Advantage" which reports that I am 
> legit,
> so that wouldn't appear to be an issue.  I know that WGA has thrown fits 
> in some
> cases.)
>
> Tonight I have been unable to use the "Switch User" function.  (I don't 
> use it
> often, so I have no idea how long that has been on the fritz.)  There is a 
> brief
> pause, a brief flurry of activity on the drive, and then nothing else 
> happens.  I can
> continue operating as I am, but don't switch to the login screen.
>
> In planning to run Spybot, I idly wondered if anything had gotten past the
> defences and messed with the hosts file.  I found the hosts file 
> unchanged, but also
> found a hosts.ics file.  This is a new one on me.  There appears to be 
> only one
> entry in it:
> #192.168.1.100 swen.mshome.net # 2011 5 0 8 23 2 34 517
>
> The file was last changed September 5, 2006.
>
> Swen is the name of the machine.  I have a Linksys/Cisco firewall router, 
> but the
> default address for that is 192.169.1.1.
>
> (All of these things may, of course, be unconnected with one another.)
>
> Any suggestions or info?
>
> I'm beginning to wonder if I need to restore or reinstall somehow, and 
> I've never
> had to do that before ...
>
> ======================  (quote inserted randomly by Pegasus Mailer)
> rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
> The desire of knowledge, like the thirst of riches, increases
> ever with the acquisition of it.                   - Laurence Sterne
> Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
> http://victoria.tc.ca/techrev/rms.htm
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list. 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.