Advanced tools - host files

[yelgnit4]

Mega problems on my computer - however MS AntiSpyware has
been the most helpful, actually explaining things and how
they work. My problem in the the Windows Host File,
under Advanced Tools. I have hundreds of items listed
under the Host column all with the same Destination
address. From what I gather I've been hijacked, although
non of these shows up on the hijack this program (non MS)
or on the 7 other anti-spyware/virus detection programs
I've run. The options to block these takes 20 seconds to
deactivate. Multiply that by the hundreds that I'll have
to do - my question. Is there another way to block all of
these at once? The option to Permanently remove host is
not available (its grayed out). I've tried host cleaner
product but it just makes a list of these things, no
instructions on how to delete them.

Thanks.

 

[plun]

Hi

Try Hoster and restore to "Microsoft original".

http://www.funkytoad.com/hoster.htm

It is also a good idea to remove all temporarily
junk before any spyware removal, CCleaner can be used.

www.ccleaner.com

 

[plun]

Hi

More about this:

"the 7 other anti-spyware/virus detection programs"

If you are running Spybots "teatimer" or maybe some
other real time protection you must disable this
protection before you can change your hosts file.

Running different programs with RTP is a mess and
MSAS is enough for RTP. Or uninstall MSAS and choose
another antispyware program with RTP.

You can use other antispyware programs for manual scannings.

My opinion is that Lavasofts Adaware, MSAS and CCleaner is enough
for mostly all PCs AND not forget a good updated antivirus program of
course !

TrendMicros Housecall is a good place for extra online checks.

http://housecall.trendmicro.com/

 

[yelgnit4]

Thanks plun. I'll try your suggestions. I do have adaware
and Norton Internet security and run them daily. Norton
has blocked several viruses. I ran the others hoping to
find something that fixes my pertpetual "hangs". I'll
post my results from your suggestion. Thanks.

 

[tobe]

The sites listed in your Hosts file are sites that have been added to
prevent them from re-directing your browser to another site. They, instead,
all get redirected to a "null" site on your own computer, 127.0.0.1. This
is a good thing, as it prevents surreptitious redirection.

If your HOSTS file is very long, it is likely that another spyware-blocking
program has added these there. The prime example is Spybot S&D, which adds
hundreds of files to the Hosts file.

You can examine your HOSTS file by going to C:\windows\system32\drivers\etc.
The hosts file has no extension, but can be opened with WordPad. My hosts
file, with the additions by Spybot S&D, is 52Kb. When I first examined it,
it had multiple entries of the same files from Spybot S&D, and was 412 Kb!.
Spybot adds text to the hosts file, telling you something like 'the
following files are added by Spybot S&D" (nice of them). I edited out all
but one copy of the file (after saving a copy of the original as back-up),
then saved the new file. Save it as a .txt file, then rename it without the
..txt and it will work fine.

The MSAS help files for HOSTS files are less than helpful. You WANT the
file to be re-directed to 127.0.0.1. If you "Block" the file in MSAS, it NO
LONGER re-directs to 127.0.0.1. Therefore, leave these files "un-blocked"
as they originally are: i.e. leave the file alone - it is a good, protective
thing!

 

[plun]

Hi tobe

Malware can also place sites to this hosts file.

If you have hundreds of sites within hosts file it´s nearly impossible
to find these malware entries.

For normal users it´s much better to restore it to Microsoft original,
then let MSAS protect this file with one agent (built in).

It´s old fashion now with block files with MSAS, state of the art, real
time protection !

 

[yelgnit4]

Thanks for the info. I had already taken the advise of
the previous post and restored to Microsoft original. I
had over 8,200 entries! My system is extremly slow even
though I have half of my 40GB left. I have no virus that
I can find. But Microsoft Outlook and Word "hang" all the
time. I thought that this would speed up the machine. It
didn't so I'm now going to look for other possible
causes. I have removed all the scanners except Adaware,
Norton, Zonealarm and the MSAS. Hopefully it will keep
the host file to a manageable level.

 

[plun]

Hi

Did you remove all temporarily junk with CCleaner ?

Also it´s maybe better to use this protocol and end up in
a HijackThis forum.

http://www.aumha.org/a/quickfix.htm

With HijackThis its easier to see whats wrong.

--
plun



yelgnit4 expressed precisely :

 

[yelgnit4]

Yes, did remove the temp junk with CCleaner. Did do the
HijackThis prior to my original post and there weren't
any of the O1 "Hijacks". What is the aumha.org used for?
Not sure if this is a cleaner or a hijack tracker.

Thanks.

 

[plun]

Hi

Aumha.org is a great place with highly skilled "helpers"
for HijackThis log analyze.

About Aumha
http://www.aumha.org/about.htm

HijackThis is used all over world for spywareremovals.
In the beginning younger users got help from this program
but now we have a lot of forums dedicated to spyware removal
with Hijackthis. These new forums using all modern UIs, so called
board forums. Much better then this old fashion newsgroup, messed up
with replies above and below and no qouting.

More HijackThis forums:
http://www.merijn.org/forums.html