A
amell
Hi: I run Windows 2K (IE 6.0) and I recently began
receiving the following page when I tried to go to several
websites (notably Google):
Before undertaking the fix, I wanted to know if these
instructions were legitimate or part of the hack. Can
anyone help?
Much thanks,
amell
---------------------------------------------------------
"If you see this page your hosts file has been hacked.
Please use the instruction below to clean your machine.
You cannot reach the site you where trying to reach
without following this procedure! - Please follow the
steps provided in this document and make sure to download
all patches for your computer from the Windows Update Site
which can be found here:
http://windowsupdate.microsoft.com
1. Start regedit,
find
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
\Run ,
delete starting of svchost.exe file,
reboot your computer,
delete file svchost.exe in windows directory.
2. Reboot windows and start in
SAFE MODE (F8 key on keyboard before windows starting),
delete file winlogon.exe in directory: C:\Documents and
Settings\All Users\Start Menu\Programs\Startup
3. Clear your 'hosts' file.
How to edit your hosts file: locate it first, either by
browsing to the directory (as shown above) or by
hitting "Start - Search - select all files and folders -
type in 'hosts' (without the quotation marks) and hit
search. When the file is found, click with your right
mouse button on the file and select 'Open With...' This
will bring up a list of programs to edit the file with.
Select Notepad from that list and click OK. - Remove all
lines from the file and type in: 127.0.0.1 localhost. Now
close the file and save your changes.
For Windows 95/98/Millenium machines: Locate the file
hosts in your C:\Windows directory. Just delete it or edit
it with a text editor like notepad and make sure there is
only one line there:
127.0.0.1 localhost
For Windows 2000 machines: Locate the file hosts in your
C:\Winnt\System32\Drivers\Etc directory. Just delete it or
edit it with a text editor like notepad and make sure
there is only one line there:
127.0.0.1 localhost
For Windows XP machines: Locate the file hosts in your
C:\Windows\System32\Drivers\Etc directory. Just delete it
or edit it with a text editor like notepad and make sure
there is only one line there:
127.0.0.1 localhost "
receiving the following page when I tried to go to several
websites (notably Google):
Before undertaking the fix, I wanted to know if these
instructions were legitimate or part of the hack. Can
anyone help?
Much thanks,
amell
---------------------------------------------------------
"If you see this page your hosts file has been hacked.
Please use the instruction below to clean your machine.
You cannot reach the site you where trying to reach
without following this procedure! - Please follow the
steps provided in this document and make sure to download
all patches for your computer from the Windows Update Site
which can be found here:
http://windowsupdate.microsoft.com
1. Start regedit,
find
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
\Run ,
delete starting of svchost.exe file,
reboot your computer,
delete file svchost.exe in windows directory.
2. Reboot windows and start in
SAFE MODE (F8 key on keyboard before windows starting),
delete file winlogon.exe in directory: C:\Documents and
Settings\All Users\Start Menu\Programs\Startup
3. Clear your 'hosts' file.
How to edit your hosts file: locate it first, either by
browsing to the directory (as shown above) or by
hitting "Start - Search - select all files and folders -
type in 'hosts' (without the quotation marks) and hit
search. When the file is found, click with your right
mouse button on the file and select 'Open With...' This
will bring up a list of programs to edit the file with.
Select Notepad from that list and click OK. - Remove all
lines from the file and type in: 127.0.0.1 localhost. Now
close the file and save your changes.
For Windows 95/98/Millenium machines: Locate the file
hosts in your C:\Windows directory. Just delete it or edit
it with a text editor like notepad and make sure there is
only one line there:
127.0.0.1 localhost
For Windows 2000 machines: Locate the file hosts in your
C:\Winnt\System32\Drivers\Etc directory. Just delete it or
edit it with a text editor like notepad and make sure
there is only one line there:
127.0.0.1 localhost
For Windows XP machines: Locate the file hosts in your
C:\Windows\System32\Drivers\Etc directory. Just delete it
or edit it with a text editor like notepad and make sure
there is only one line there:
127.0.0.1 localhost "