Can anyone help solve this?

My norton anivirus was deactivated by something and will not allow updates, telling me i cant connect to the internet. I also cannot access any web site with SYMANTIC or NORTON in the address bar.
I was advised in a previous thread to attempt to scan my system using various web pages: trendmicro and panda something. My access to these web pages is also restricted. I eventually was able to scan using Trojan hunter in safe mode (norton wont work in safe ode) and it found and cleaned two viruses. The problem still exsists.
I had resigned myself to not getting this norton issue resolved and just living with it HOWEVER, when i turnes my laptop on today, the welcome screen was different and the wallpaper had reverted to a wallpaper i had months ago(possible system restore issue?). I had already deactivated system restore before this happened. I also found that the program ROXIO i had in my system gone without a trace even though this was here from day1. The main problem i have now is that Windows media player will not stream audio anymore and when i try to copy my material to CD in the media player it wont even recognise my CD drive as being there!!
When i put a cd into my drive it will spin and make the usual sounds but nothing will happen. The laptop has now appeared to have deleted my CD drive!
Im being driven crazy by this and need to know what to do. I dont even have a system restore point to revert to anymore. Is thre anyway i can avoided having to flatten the system as there is no way i can afford to lose the 300+ hours of music in this laptop!
Can someone PLEASE advise!
Thank you for your time,
Rory

have you check your hosts files by going to start>search and type in hosts
doulbe click the hosts.sam and lmhosts.sam and open with notepad, you should only see ONE 127.0.0.1 localhost at the very bottom if you see anything below that, remove it and save
that should fix going to the norton website and do live updates, i would try booting into safe mode and running a full system scan AFTER updating

In the first hosts when opened with notepad there is nothing(just the one 127 thing which i didnt change)
In the other lmhosts i got this

MSCF Ú , 


H
c õ*As lmhosts.sam >ˆ3?Šc[€€ 2æ 343 u|Ê~ÓN uÛ8BƒFú”c댱AAvné»&»e“´/òß ‚ #3 PE $ K , àÐE<âL€”!!j}ìBGZ,ÛÍvß’²fÌ9»¶äl£Ñm•–êêÚ¹Ð.·Y ÿÿÿÿø C 0DB»Ù8Áx&ý÷ûËè[ Š ‰ÑåÀ
Ä.|7nƒÁ‡(ÒÒh@^‰¬Ó"ÿÿ딍n>€`va‰×à+¶ål»Ãtq#Æá @¡Ð»"æ¶w{Å<dQžƒæi~!\8k‡@òï]g…'qš8À û$†­!~ÜZ‡åá 2×#ãn‚QÖqåû—Z© -
Ð’´yQ ÝÑ™ZU¢×‹DõH…Ÿ1ŠÆ·˜˜
NØgš.˜Ü꣖´LcÎö-rÉF‘79âg4}ÇèÁ‹¤‰½@D(`$2´æ÷²*O…]‹ èºDb)°Ÿr:öŽ#<*F‘€<—q¬‚
_mp‰,29ñº¯Åš¼ää1RAåí+f“ä9€;ÂæzVÿ?,-äå7•4s±e֝;]ð½·UÂ×ü9Ùuç×h¢¸ÂÏËiòsJ· ‘(çÄÒ+>cÅÎ[)¥×.‚.\‡ç÷aÙæÌ~ÜoåËùq.;÷>Tm-¹®÷Öä –fžM­«=nGõ´â»ºæ¸´µ„»á¶¿­–V,üÏ6ÓäzQðJ­ÉfV
Q4"AÿXòŸXôŒRŒ˜7—få>LGz¬^û͐
U
y–B!)
B¡e“gc ü²cÖMªx·Îû—%Mfi“¦,ãMá c2ÈÏÃŒüÁiŽ@Š¥¡éå&Šg8®lÚàlxñyEøŠÊƒqbôÏFÀ˳Œ5ҝ™<¤}TcÆJššù=i‰ÄE,L–P˜ÿ wF2T—ÌY1[ô…Ä`9ÝRøQ~‰w­7R%0Qà… m&+ŸÞ¥qñ™[G-?Ø7ý3ŒB#>9¡íðai6 è„H<i<÷|÷¿~å¢9“ñàÉÔåË5_Û– ­ùM:ï>Äåtq’}'-s=¥ûSW4ÿŽ`Ñ~¥o/›‡¶ÉžÌhÖöÆîö /®Ø&Ž¯ùz/8Œ ´žóP
¸ªç@z‹Šg¤ŒLý”Œ9ÇËpÁ –ty²6Ç¥O.”‘ßÞRù÷O$¨M¡'ù~»5|áÜd—Vû\…Oí´ŠR3H›îÔƒ¨X'Š~£`:Wvìr
þ5VLé±³˜'i§y°•†ˆf†Ť«i=óc´E.—©‹Ê87E£­,ðà*°iR²ÚŠ«^þî {‚Æ4ìÙ±>·ù5MOÌÓR:ÐF<r/©Š¡”¾«%º”ØÎz5Nª¶âÂ]Ê=ˆÒ]Ë4ò’ òïzß$%LÜ7óË[ÿ7¤ÛNš–DI§o’‚oD»àÜïž.v›¦
¤ónø@|?ýñT/’ŠdcSÇʶ1)¹cBžRýÕòóÞªONôsÌäoÚ%—Œâ¸Œ³ 4ÈHÌØ.rv5”R#䄯Y»]ÔC°è«´ŒÓB™ìÍšºwG4É2] ÿ ¾åK[Šê%1¾
ÎOtæp€oˆk…Û $þ4‘,ïø{6¼ÇãßM§ËNO®qÙÁßcŸs¬ù·Z¶>¬ L_B3® œ¬ªvñävcý_%3Ü{mߪŸ5†ÜÓ´âtãﾓ҈
å}`ð‰xe6DìŒã^^joí¡í±jNR!Ê)>û@†m!—>^y·Á¸£O|L¥àhŠc]\n¼P8›Sï
–…QOúÇ`¼ Ù³Ôf^aš
Ä~»ÛàŸíÜ·ìë•H±“¯ÕRÔO›H¼!\V|K]3ý]žkAˆj©ë û©…ÛɆ¹ôÔ„W´ð– ¯“ÊÈÝÆ~´õ´²ÉŒeÁUu
c”Vܸ¥€õ<oE;TK*R*å*‡ ±m]-x§.§ð
ªUÝVÖѽ¾$ìÝìÎúk{5i™þkâÀš"Én&z!6šú[Y¶G"´wÙô¥­´>ú¾Šj—k¦º·7šô•ÁUôÆÊì—^=c1VA87#ìÔC'öV4­ÌÍq…3Úto‡Ü'Í Ü

Thats not a mistake above, thats what i copied and pasted from it. Is this supposed to be there?

Please respond. Thank you.

that file should not be there
all the hosts files that you do have besides LM host should look like this

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

the lmhost file SHOULD look like this

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to computernames
# (NetBIOS) names. Each entry should be kept on an individual line.
# The IP address should be placed in the first column followed by the
# corresponding computername. The address and the computername
# should be separated by at least one space or tab. The "#" character
# is generally used to denote the start of a comment (see the exceptions
# below).
#
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:<domain>
# #INCLUDE <filename>
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:<domain>" tag will associate the
# entry with the domain specified by <domain>. This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The <domain> is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE <filename>" will force the RFC NetBIOS (NBT)
# software to seek the specified <filename> and parse it as if it were
# local. <filename> is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
#
# The following example illustrates all of these extensions:
#
# 102.54.94.97 rhino #PRE #DOM:networking #net group's DC
# 102.54.94.102 "appname \0x14" #special app server
# 102.54.94.123 popular #PRE #source server
# 102.54.94.117 localsrv #PRE #needed for the include
#
# #BEGIN_ALTERNATE
# #INCLUDE \\localsrv\public\lmhosts
# #INCLUDE \\rhino\public\lmhosts
# #END_ALTERNATE
#
# In the above example, the "appname" server contains a special
# character in its name, the "popular" and "localsrv" server names are
# preloaded, and the "rhino" server name is specified so it can be used
# to later #INCLUDE a centrally maintained lmhosts file if the "localsrv"
# system is unavailable.
#
# Note that the whole file is parsed including comments on each lookup,
# so keeping the number of comments to a minimum will improve performance.
# Therefore it is not advisable to simply add lmhosts file entries onto the
# end of this file.

Im sorry Josh, but what exactly are you telling me to do now? Do i copy and paste that in or something?
Thanks again,
Rory

no, so that way when you open your "hosts" file you can compare it to my host file, and that is what it is supposed to look like
the bottom one is the LMhosts file, so you can compare that as well

your LMhosts file needs to be deleted (the one with all the jumbled, letters and symbols) that is not legit
are you searching in hidden and system files and folders?

Josh,
A BREAKTHROUGH! Heres what i found in the hosts file in system 32 or something

127.0.0.1 downloads-eu1.kaspersky-labs.com
127.0.0.1 downloads2.kaspersky-labs.com
127.0.0.1 downloads4.kaspersky-labs.com
127.0.0.1 downloads1.kaspersky-labs.com
127.0.0.1 downloads-us1.kaspersky-labs.com
127.0.0.1 www.trendmicro.com
127.0.0.1 trendmicro.com
127.0.0.1 rads.mcafee.com
127.0.0.1 customer.symantec.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 us.mcafee.com
127.0.0.1 updates.symantec.com
127.0.0.1 update.symantec.com
127.0.0.1 www.nai.com
127.0.0.1 nai.com
127.0.0.1 secure.nai.com
127.0.0.1 dispatch.mcafee.com
127.0.0.1 download.mcafee.com
127.0.0.1 www.my-etrust.com
127.0.0.1 my-etrust.com
127.0.0.1 mast.mcafee.com
127.0.0.1 ca.com
127.0.0.1 www.ca.com
127.0.0.1 networkassociates.com
127.0.0.1 www.networkassociates.com
127.0.0.1 avp.com
127.0.0.1 www.kaspersky.com
127.0.0.1 www.avp.com
127.0.0.1 kaspersky.com
127.0.0.1 www.f-secure.com
127.0.0.1 f-secure.com
127.0.0.1 viruslist.com
127.0.0.1 www.viruslist.com
127.0.0.1 liveupdate.symantecliveupdate.com

This looks promising. Do i now delete the whole file, update the defs, and boot into safe for a full scan?

Thank you!!

NO do delete the whole file
delete the LMHOSTS file that was all scrambled
only delete what you posted to me and save it as i said in my original post

Only if you have a lmhosts [with NO extension] and you IMPORTED it does the lmhosts file apply. You can check this with nbtstat -c. All lmhosts entries should show up here with this command if preloaded as they should be.

That LMHOSTS file is how you block access to web sites you want to restrict. Basically you say go to the loopback address if you want to go to that web site which is a dead end.

The file with the gooblygook is corrupted. THIS MAY MEAN YOUR DISK DRIVE IS ALSO CORRUPTED. You need to go to a cmd/command prompt and type "chkdsk /f" and answer yes. Shutdown and reboot. This will fix any disk errors. You are ADVISED to backup and important data first.

At this stage I highly recommend backup your data and reload everything from scratch. You would boot the XP cd via the bios and delete/recreate and format the drive partition. Install from there.

I wouldn't bother with any further repair attempts! Youv'e got bad problems and you will have reformat and install. I would consentrate on saving what files you can by transfering them off the drive. When you have got it all back together... keep your music and other valuable data in a different drive than the one with your OS.

yea forget putting an hour of work into it, compared to hours reloading windows, copying the music back over, reloading all your programs, ect...might as well go work for sbc, or dell, or some huge corp. when they tell you should reload over a bad username and password...

Complete Computer Service, Inc.
NW Indiana

also, i have seen plenty of times the lmhosts files (1 of a few) look that way and it was not because of the hard drive (virus, adware spyware) which you can tell from how your host file looks...it would be easier and require a lot less thinking to just reload tho

Complete Computer Service, Inc.
NW Indiana

Rory, the entries in the HOSTS file are preventing you from doing an online scan.
close IE , rename HOSTS to HOSTS.OLD, open IE and do the online scans. They should work now.

The HOSTS file is not required but you may have a few entries there to save. The 127.0.0.1 LOCALHOST isn't required but a good idea. Fix that later.

If you still have problems, post in the security forum.

good luck & don't format