so hijackthis found...this guy on my buddies computer

jak3y · Dec 7, 2005

can't seem to fix it though
C:\WINDOWS\system32\drivers\etc\hosts...apparently i should fix it off of the hijackthis site...so any thoughts?
make it a read only file? make a copy?

jak3y · Dec 7, 2005

thought i'd add...
127.0.0.1 localhost
was what was found inside of it
http://www. sophos. com/virusinfo/analyses/w32agobotop.html has something similar to the above IP.

Shadow_Puter_Dude · Dec 7, 2005

The hosts file on XP is located C:\WINDOWS\system32\drivers\etc not C:\WINDOWS\system32\drivers\etc\hosts.

Your friend should follow our sticky.

jak3y · Dec 7, 2005

Shadow, i meant to say that, it is located there...but for some reason HJT(.de) said it should be fixed.
It's in the right home, but why would HJT recommend to "fix it"
Ran Ewido and scanned the sys32 with eTrust and everything is fine, did the sticky routine.

chaslang · Dec 7, 2005

127.0.0.1 localhost is the typical default line that is included. There are normally a bunch of comment lines ahead of it. Automatic analyzer tools are far from perfect.

To truly restore the hosts file in its exact form use the below:

Download HOSTER and then follow the below steps.

Unzip Hoster to a convenient folder such as C:\Hoster

Run Hoster.exe, click Restore Original Hosts and then click OK.

Click the X to exit the program

Log in or Sign up

so hijackthis found...this guy on my buddies computer

jak3y Guest

jak3y Guest

Shadow_Puter_Dude MG Authorized Malware Fighter

jak3y Guest

chaslang MajorGeeks Admin - Master Malware Expert Staff Member