Home > General > PossibleHostsFileHijack

PossibleHostsFileHijack

A nasty hijacking trick, all right... They are not problems. When I run a full system scan with the MSSE application no viruses are found, still when I add a facebook entry to any of the hosts file, it gets removed Is that normal?

I am really at a loss about what is going on here. I'll learn to type yet,I promise How do I get help? Can we build a world in 1,000 years? they don't really care about their owners but only about their own interests.

Message Edited by mo on 03-10-2009 06:49 AM Cheers Mo Windows 7 64 bit, NIS2013 Yaso_Kuuhl Guru Norton Fighter25 Reg: 19-Feb-2009 Posts: 5,736 Solutions: 198 Kudos: 1,611 Kudos0 Re: Vista and Back to top #13 DaChew DaChew Visiting Alien BC Advisor 10,317 posts OFFLINE Gender:Male Location:millenium falcon and rockytop Local time:07:06 AM Posted 10 March 2009 - 07:55 AM I have I only want you to have a clean PC and peace of mind about it.

  1. Although this seems to have turned out to be a FP, the suspicion of that backdoor trojan infection has left me wondering if I could have someone go over the log
  2. If you don't want all those items in your hosts file then either edit them out manually back to a default or see if MSE can fix it for you.
  3. Rudy Savvy a moment ago Helpful 0 Reply Unmark solved Solved Post × Post Question Hang on a sec!
  4. Malwarebytes' Anti-malware doesn't seem to do the job.
  5. Thanks.Run HJT.Please follow this guide.
  6. Only the US, Liberia and Myanmar are “not metric”?
  7. Posted: 09-Mar-2009 | 8:30PM • Permalink Seems to be going around http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=37868#M37868 Post 25/25 must be a Vista thing?

Posted: 10-Mar-2009 | 11:56AM • Permalink Thanks Duck. No, it's not Facebook being evil at all. You asked great questions. Why does my SELECT DISTINCT TOP N query scan the entire table?

The Microsoft techs were trying to fix the problem as quickly as possible before people stormed them with angry complaints :-) As for AntiVirus 360 - the mods will help. After this last update I ran the quick scan and it found nothing. Now this is my first time seeing an little "!" pop up so I go to take a peek and see "Win32/PossibleHostsFileHijack" was the problem. https://www.bleepingcomputer.com/forums/t/209673/win32possiblehostsfilehijack-help/ Top Follow:I want to...Get helpRemove difficult malwareAvoid tech support phone scamsSee and search the latest threatsFind answers to other problemsFix my softwareFix updates and solve other problemsSee common error codesDownload and

Modify the registry so that the Trojan is executed when you start Windows.I feel I should also give you this advice now.One or more of the identified infections is a backdoor Posted: 10-Mar-2009 | 3:48AM • Permalink You deserved it because you posted what happened to you, so anyone else reading your thread or searching for the same problem  will find your I have not noticed any abnormal behaviour on my computer and I can access security sites normally etc. A full scan might find other, hidden threats.

If you’re using Windows XP, see our Windows XP end of support page. Who is helping me?For the time will come when men will not put up with sound doctrine. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. Reset the Hosts file This unwanted software might change the contents of your Hosts file: How can I reset the Hosts file back to the default?

How do I get help? Reset the Hosts file This unwanted software might change the contents of your Hosts file: How can I reset the Hosts file back to the default? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VPN Client.lnk = ? If you’re using Windows XP, see our Windows XP end of support page.

Need filename and folder please. If neither the MAC address nor the GUID were available, the string represents a cluster device name. Error: (11/10/2014 10:29:43 PM) (Source: EventLog) (EventID: 6008) (User: )Description: The previous system shutdown at 22:26:44 Posted: 10-Mar-2009 | 5:20PM • Permalink Yes It is ok totally blank, though usually there is type explaining the HOSTS file, usually has this or similar # Copyright (c) 1993-1999 Microsoft Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook Have you

I think the two are unrelated, but that's just my opinion. Jem sent me the summary of the action taken in an e-mail, here it is: --- Problem Description: Browser Hijacker Troubleshooting Performed: Action: Check host file Result: Delete the old host If you double left click along the border of Task Manager, the menus go away.

Many thanks thus far, Master Jedi ; ) nathanael.fourie, Jun 15, 2015 #3 nathanael.fourie Private E-2 Hi again ChasLang I followed the steps you layed out.

Why are so few foods blue? I used the 32bit version. SSH broken in for user with no shell How can the regression error term ever be correlated with the explanatory variables? Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook Have you

You got bad news... more stack exchange communities company blog Stack Exchange Inbox Reputation and Badges sign up log in tour help Tour Start here for a quick overview of the site Help Center Detailed Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Signature versions 1.53.283.0 and higher include this fix.

To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1684 Start Time: 01cffa8e1ff2d7d5 Termination Time: 4294967295 Application Path: C:\Windows\system32\wwahost.exe Report Id: 7be87085-6681-11e4-afee-9c2a701a95d4 Faulting package