Forum Moderators: TheBryster
Bryce F.A.Q (Last Updated: 2024 Nov 26 4:28 pm)
I seriously would not do this.... however, it seems that you may be infected with a virus or trojan. Svchost is used by the os for various reasons, if you look at processes under Task Manager you will often see several occurances of it running, though I must admit I know of no good reason for svchost.exe to be in the registery key mentioned. The host file mentioned generally only has that one line in it, however, I do add additional addresses to block specific site activities. It can not hurt to delete everything else below the above mentioned address. You will find some other lines in there that have been commented out with the #, it is ok to leave those there. I would not recommend this simply because it is advice from a site that does not sell AV / Firewall software. Go to Norton, I believe you can get a free scan there if in the event that you do not have any AV software. I would scan you drives very thoroughly with an AV product of your choice. If you are not using a firewall I would get one as soon as possible. For what it is worth, I have been getting an average of 6 emails a day that are infected and I get about 9 or 10 intrusion attempts a week. It is a dangerous internet world out there, and even if you are NOT on broadband, you really should be using a firewall. I use both a software firewall and antivirus program ( Norton ) and I have not been comprimised yet. Knock on Wood ! :) BabaLouie
Attached Link: http://download.com.com/3000-2144-10214379.html?tag=lst-0-1
striving, you really shouldn't have done that... you've basically hacked yourself. windows would NEVER tell you what to do -let alone google or anyone else. what they're basically asking you is to let them introduce their ads unto your computer. by deleting your localhosts files you are making it easy for them. do me a favor, go to the link above and download the program called adaware. your comp's infected with something called spyware, little virii that take info about you and send them to their companies. Download adaware, let it scan your hd. if it doesn't find at least 20 spyware files i'll put on a too-too and dance around naked. dracDrac, That is exactly what I use my host file for, but most folks are not aware that they can block a load of web ads that way. This is what it does, the IP 127.0.0.1 address points to your local computer, you are telling it that all these ad servers are on your computer. Now, whenever your browser tries to retrieve an ad from an ad server, it will look on your own machine and will fail. This also will also keep these servers from placing cookies on your PC. Below is an example of what would be added to the host file 127.0.0.1 ad.ca.doubleclick.net 127.0.0.1 ad.de.doubleclick.net 127.0.0.1 ad.doubleclick.net For those who may have an interest and are using IE and would like to block port sites or other sites via a simple reg hack the below link goes to a freebie reg hack called IE-SPYAD. http://www.staff.uiuc.edu/~ehowes/resource.htm If anyone needs, I can email a zip file of the reg hack and the ad blocker to them. As a matter of interest, I would like to know what Striving found amiss on his system. In retrospect, I could have done a better job of explaining the above to Striving in my previous post. BabaLouie
ACK ERRGURLGLE...Flarp! NEVER! NEVER! NEVER! NEVER! NEVER! NEVER! NEVER! (is that enough?) NEVER! Delete anything out of your registry unless you know what you are doing and then NEVER! NEVER! (noticing a trend here?)NEVER! do it with out backing up (saving) your registry first! There are several HOAX virus' out there that tell you to delete this or that! What you have is a either spyware or a hoax sent through Instant Messenger! Really depends on the type of popup you saw. 127.0.0.1 is the local host ping IP it tests if your NIC works! Now in the event this is a virus find a site or some software to do a scan and procede from there! But NEEEEEVVVVVEEEEERRRR just start deleting files, unless you think giving your self a lobotomy with a fork is great idea!
I didn't read all the posts but if you do do all that then you can just reinstall your os. ie game over thanks for playing. There are a few programs out there for free that can help ya out alot. 1. Ad-aware @ http://www.lavasoftusa.com/ 2. A pop-up stopper (I use popup popper @ http://www.bayden.com/popper/) google has a tool bar that also blocks pop-ups 3. Virus scanner (I use the avg free version @ http://www.grisoft.com/us/us_index.php) 4. A good personal firewall system (zone alarm) I don't use, as I am behind a hardware/software firewall. All of the above can help!!!
Vile, lobotomy with a fork?! I coulda' done without THAT image...; But yeah NEVER NEVER EVER delete registry files without backup (I thought you needed a few more never evers)...;] Do not believe popups unless they are from YOUR OS, or Firewall, or Virus scanner.... I get these blue ones all the time that LOOK EXACTLY like windows popups, saying there is a breach in my firewall and someone is attemping to hack my comp, they give my IP address, and other general public knowledge stuff, I just ignore them. They are trying to sell me their software, that's all.
Bryce Forum Coordinator....
Vision is the Art of seeing things invisible...
Ah yes the Ahmish(sp) virus - where you're on your honor to delete files your hard drive needs for one reason or another because the ahmish(sp) actually don't have the technology to write viruses, them lacking computers and all they must convince you to delete the files yourself. Usually AVG website is pretty good about anouncing new viruses. Also check Norton, McAfee and MicroSoft Update. Adaware doesn't actually check for viruses but is good for detecting spyware. It is a good thing. If you're on XP you could try running system restore, I don't know that it will help with the deleted files but you might be able to recover them from the wastebasket. - TJ
P.S. before doing anything always confirm the source. Also keep your system upto date!!! Don't be afraid to check microsoft for updates!!! I run xp pro on all my workstations and I have server 2003 on my servers. All these are configured to download updates and alert me when they are ready to install. With the above routine I haven't' really had any problems. Microsoft would never do anything like that. If there was a problem in windows they would attempt to fix it with an update, you would have to download.
Every time I have a prog that crashed, or the comp locks up , or whatever and it asks to send an error report, I always check 'yes', next morning I have a bunch of Windows updates to install...I'm on XPHome...only one that I have trouble with auto updates is McAffee, it screws up the reg entries and then crashes when installing the updates. I have to do updating manually to get any to install at all. Soon as I get $50, it's Norton2004 for me...
Bryce Forum Coordinator....
Vision is the Art of seeing things invisible...
All sounds very nasty. Personally, I blame Bill Gates, but then I blame him for a lot of things. My car broke down the other day and I blamed him for that. Is it just me or does everyone hate the "all eggs in one basket" aspect of the registry? What's wrong with good old INI files? I hate the registry with a passion and come over in a cold sweat when ever it goes wrong, (which, touch wood, is rare). As for popups. I use Zone Alarm Pro for my firewall and they make Pest Patrol which seems pretty good to me. Sometimes I just hanker for the good old days when I could fit an entire OS on a floppy. On a 5.25" floppy! Maybe I'll start a campaign for a MS-DOS version of Bryce.
---------
Phillip Drawbridge
Website
Facebook
As said above, NEVER delete anything from the regedit, unless its written on the MS homepage or you know what it is. Sounds like something that happened to a friend of mine. He got a message to remove stuff from the register editor as well. Problem was, he removed the swapfile... Here are some tools for spyware, check out the app "SpyBot". Freeware, and a great app. It also runs in the background to prevent spyware. http://www.spychecker.com/software/antispy.html And heres a great online virus scan. Ive saved a lot of computers with this one. http://housecall.antivirus.com/housecall/start_corp.asp
Rudolf Herczog
Digital Artist
www.rochr.com
another thing to check is the Microsoft Knowledge base on their site, they provide information and procedures for anything you have problems with. Noone suggests amateurs edit the Registry (unless you're like me, looking for 'gator', 'aol IM', etc..;). My BS meter is pegged in the red over this, I'm pretty sure that this will impact your internet access, this is an 'Amish Virus' (see previous posts) for sure. Also, consider doing a Google search on 'virus hoaxes'..worth a read, for amusement as much as anything else.
I wish I'd said that.. The Staircase Wit
anahl nathrak uth vas betude doth yel dyenvey..;)
Would be even more scary, if they would try to convince them to use Windows Millenium. Talk about buggy system... :)
Rudolf Herczog
Digital Artist
www.rochr.com
AdAware has a new update incase anyone is interested. and striving I'm right behind the NEVER, NEVER, NEVER, calls. it is a big nono unless you know exactly what you are doing. I discovered a new guest user on my brothers puter last night. He had known nothing about it and didn't even know it was a possibility for anyone to hack in and open a user account. Thankfully his admin account is protected by password so they didn't get into the core system. It's just one more thing to check on and you all should just in case. MurkySoft have released a patch for this which came out last week. 8) Catlin
Windows ME is a pile of fettid dingo kidneys. XP on the other hand has only required me to reformat twice and reinstall over an installation 3 times in a year. Pretty good by Micropants standards. I mean microsoft. Interesting link antevark. I'll read it in detail once the room stops spinning (i've just come home from my firms christmas party)
---------
Phillip Drawbridge
Website
Facebook
I don't know about all patches, some of these can add up to 100 megabytes (some of the virus ones). It's your PC, but I wouldn't load a patch unless I needed it. There's too many 'upgrades' built into some of them (remind me to bring up 'ad Rotator' from Microsoft sometime..;)
I wish I'd said that.. The Staircase Wit
anahl nathrak uth vas betude doth yel dyenvey..;)
I only changed over to Win XP 'cos it was bought for me, but I now prefer XP 'cos it's much more stable than 98 and although it comes configured with a lot of nonsense you can configure it to suit your own needs. 8) I never thought I'd ever be advertising MurkySoft products, forgive me. lol 8) Catlin
Attached Link: http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
dunno if anyone mentioned this link... needed some updating the last time i was there but cleared my mind for a bit...This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
Hey, I went to Google just now and got this message: If you see this page your hosts file has been hacked. Please use the instruction below to clean your machine. You cannot reach the site you where trying to reach without following this procedure! - Please follow the steps provided in this document and make sure to download all patches for your computer from the Windows Update Site which can be found here: http://windowsupdate.microsoft.com 1. Start regedit, find HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun , delete starting of svchost.exe file, reboot your computer, delete file svchost.exe in windows directory. 2. Reboot windows and start in SAFE MODE (F8 key on keyboard before windows starting), delete file winlogon.exe in directory: C:Documents and SettingsAll UsersStart MenuProgramsStartup 3. Clear your 'hosts' file. How to edit your hosts file: locate it first, either by browsing to the directory (as shown above) or by hitting "Start - Search - select all files and folders - type in 'hosts' (without the quotation marks) and hit search. When the file is found, click with your right mouse button on the file and select 'Open With...' This will bring up a list of programs to edit the file with. Select Notepad from that list and click OK. - Remove all lines from the file and type in: 127.0.0.1 localhost. Now close the file and save your changes. For Windows 95/98/Millenium machines: Locate the file hosts in your C:Windows directory. Just delete it or edit it with a text editor like notepad and make sure there is only one line there: 127.0.0.1 localhost For Windows 2000 machines: Locate the file hosts in your C:WinntSystem32DriversEtc directory. Just delete it or edit it with a text editor like notepad and make sure there is only one line there: 127.0.0.1 localhost For Windows XP machines: Locate the file hosts in your C:WindowsSystem32DriversEtc directory. Just delete it or edit it with a text editor like notepad and make sure there is only one line there: 127.0.0.1 localhost ANYONE know if this is real? I haven't been able to load a couple sites the last 2 days.. Including Google... If anyone out there knows the deal on this before I delete things I may need let me know.. Thanks. Bruce