Results 1 to 8 of 8

Thread: Alien Host file

  1. #1
    New Lounger
    Join Date
    Feb 2015
    Posts
    18
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Cool Alien Host file

    Hi all,

    I need some help here.

    Every Monday evening I run deep security scans to check for unwanted things on my pc. To night I ran Rkill and it came up with two host files.

    1. 127.0.0.1 localhost
    2. 127.0.0.1 kdkjnejid.com

    Item 2 is unwanted. I checked on the internet, and this is a black listed hacker.

    Ok, so how do I get rid of this additional host file. Obviously this person/s can see whats on the pc? right? Can they control the pc like a BOT?

    Any help will be appreciated.

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    Item 2 is blocked by the hosts file; if any software calls for it by name, it is pointed back to your own machine. 127.0.0.1 = Home/local machine.

  3. The Following User Says Thank You to satrow For This Useful Post:

    avamy (2015-03-02)

  4. #3
    New Lounger
    Join Date
    Feb 2015
    Posts
    18
    Thanks
    9
    Thanked 0 Times in 0 Posts
    So, what you are saying, that my pc and pocket are safe?

    I am not so clued up on the finer details of IT, but could you explain a bit further in layman terms as to why item 2 is reflected, and where would it have come from as an example. How would I identify the responsible 'Software'?

    Tx Avamy

  5. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 986 Times in 916 Posts
    A HOSTS file has at least 2 parts to each entry. Yours has 2 parts.
    Part 1: The IP address of the system listed in part 2.
    Part 2: The system name in nice easy to remember and type letters.

    When you type an address in your browser, e.g. kdkjnejid.com, your browser asks your computer what IP address to use. The first place your computer looks for that information is the HOSTS file. In this case the IP is 127.0.0.1, so the request is sent to your PC and nowhere else, it doesn't even make it to the internet.

    cheers, Paul

  6. The Following User Says Thank You to Paul T For This Useful Post:

    satrow (2015-03-02)

  7. #5
    2 Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    131
    Thanks
    26
    Thanked 46 Times in 28 Posts
    @avamy Please tell us what security software you are using and possibly we can help you determine the origins of your second entry in the HOSTS file.

    Thank you.

  8. #6
    WS Lounge VIP Browni's Avatar
    Join Date
    Dec 2009
    Location
    Rochdale, UK
    Posts
    1,653
    Thanks
    38
    Thanked 161 Times in 139 Posts
    Indeed @1PW. it doesn't look like a complete Hosts file and something must have been responsible for the 2nd entry.

  9. #7
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,733
    Thanks
    95
    Thanked 128 Times in 125 Posts
    Both SpywareBlaster and Spybot versions 1 & 2 are just two of many programs that use the host file. I'm wondering if one of them may have set up this defense.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  10. #8
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,631
    Thanks
    147
    Thanked 882 Times in 844 Posts
    Quote Originally Posted by RolandJS View Post
    Both SpywareBlaster and Spybot versions 1 & 2 are just two of many programs that use the host file. I'm wondering if one of them may have set up this defense.
    I've been wondering what stuck it in as well ?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •