Results 1 to 8 of 8

Thread: Alien Host file

  1. #1
    New Lounger
    Join Date
    Feb 2015
    Posts
    18
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Cool Alien Host file

    Hi all,

    I need some help here.

    Every Monday evening I run deep security scans to check for unwanted things on my pc. To night I ran Rkill and it came up with two host files.

    1. 127.0.0.1 localhost
    2. 127.0.0.1 kdkjnejid.com

    Item 2 is unwanted. I checked on the internet, and this is a black listed hacker.

    Ok, so how do I get rid of this additional host file. Obviously this person/s can see whats on the pc? right? Can they control the pc like a BOT?

    Any help will be appreciated.

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,674
    Thanks
    307
    Thanked 604 Times in 503 Posts
    Item 2 is blocked by the hosts file; if any software calls for it by name, it is pointed back to your own machine. 127.0.0.1 = Home/local machine.

  3. The Following User Says Thank You to satrow For This Useful Post:

    avamy (2015-03-02)

  4. #3
    New Lounger
    Join Date
    Feb 2015
    Posts
    18
    Thanks
    9
    Thanked 0 Times in 0 Posts
    So, what you are saying, that my pc and pocket are safe?

    I am not so clued up on the finer details of IT, but could you explain a bit further in layman terms as to why item 2 is reflected, and where would it have come from as an example. How would I identify the responsible 'Software'?

    Tx Avamy

  5. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,520
    Thanks
    54
    Thanked 1,038 Times in 966 Posts
    A HOSTS file has at least 2 parts to each entry. Yours has 2 parts.
    Part 1: The IP address of the system listed in part 2.
    Part 2: The system name in nice easy to remember and type letters.

    When you type an address in your browser, e.g. kdkjnejid.com, your browser asks your computer what IP address to use. The first place your computer looks for that information is the HOSTS file. In this case the IP is 127.0.0.1, so the request is sent to your PC and nowhere else, it doesn't even make it to the internet.

    cheers, Paul

  6. The Following User Says Thank You to Paul T For This Useful Post:

    satrow (2015-03-02)

  7. #5
    2 Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    131
    Thanks
    26
    Thanked 46 Times in 28 Posts
    @avamy Please tell us what security software you are using and possibly we can help you determine the origins of your second entry in the HOSTS file.

    Thank you.

  8. #6
    WS Lounge VIP Browni's Avatar
    Join Date
    Dec 2009
    Location
    Rochdale, UK
    Posts
    1,750
    Thanks
    39
    Thanked 178 Times in 155 Posts
    Indeed @1PW. it doesn't look like a complete Hosts file and something must have been responsible for the 2nd entry.

  9. #7
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,831
    Thanks
    105
    Thanked 138 Times in 135 Posts
    Both SpywareBlaster and Spybot versions 1 & 2 are just two of many programs that use the host file. I'm wondering if one of them may have set up this defense.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  10. #8
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    7,127
    Thanks
    165
    Thanked 937 Times in 895 Posts
    Quote Originally Posted by RolandJS View Post
    Both SpywareBlaster and Spybot versions 1 & 2 are just two of many programs that use the host file. I'm wondering if one of them may have set up this defense.
    I've been wondering what stuck it in as well ?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •