Why are the links I click hijacked? Resolution!!!

Hi Guys,
Been out! I ran HijackThis but it came up with an error message saying that 'something was preventing it from accessing the host file'. It then said pretty much what I had already been told on TP, i.e. windows32/etc/hosts. Did that, but all that comes up is a 'sample file' which I copied in an earlier post. Seems like a perfect vicious circle!

Dunc
 
This is what HijackThis produces, given the limitation mentioned above.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:12:02, on 18/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\LaCie\Genie Backup Assistant\GBMAgent.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
C:\Program Files\Modern English\Gigs and Tours Desktop Widget\gat_rssreader.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware-en.com/en/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [GBMLite8AgentLaCie] C:\Program Files\LaCie\Genie Backup Assistant\GBMAgent.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Gigs and Tours Desktop Widget.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate1c9b870bd8bb760) (gupdate1c9b870bd8bb760) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - SDSD - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12529 bytes

 
I ran hijack this but it came up with an error message saying that 'something was preventing it from accessing the host file'.
Yet another indicator of a trojan infection.

In order to get your life back and stop this never-ending and pointless research, you have two choices:

1. Re-install

2. Chuck it in the bin
 

Mmmm reinstall what? Everything? I don't have a lot of the discs as it came ready installed...Vista, photoshop...

Dunc
 
Looking at the Hijack list, I'd say it was several years overdue a reinstall.

I had the misfortune of owning a sony vaio once :( If I recall, it has a hidden recovery partition accessed by one of the function keys at startup. I think Alt-F10 is used for something. Then again, this may help.

I think I only attempted to use it once before wiping the entire hard drive and installing the OS my way, rather than sony's.
 
Anyone with a sound computer knowledge should be able to fix this for you in about 20 mins with a quick skim through the registry.

I suspect that the actual trojan is now gone but the remains of the registry entries are still redirecting your browser.

You could, if you felt inclined, search the registry for the URL you are being redirected to and edit the registry entry(ies).
 
Download and try CCleaner, which cleans the registry... no harm in trying before you put your hand in your pocket!!
Dave
 
CCleaner only tidies stuff up to keep your PC running well; it doesn't remove any viruses or malware/spyware.

Spend your time hunting down discs and programs to re-install then wipe your drive and start afresh.
 
Aye, stop mucking about, you could have had this all sorted ages ago.

Mind and change all your bank passwords once your fresh install is complete.
 
A quick scan of the log shows that you have two anti-virus programs running - Avast and Avira. You should only have one, as they are likely to interact and cause problems in themselves.

I would be deeply suspicious of this entry:

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

Winsock is the TCP/IP networking stack and an ideal place to stick a redirect. However, without seeing the machine or doing further research it's hard to say for sure.

There may be registry entries that are causing the problem, usually Run entries in the user hives that automatically relaunch any malware after removal, but that's beyond the scope of online help. You need to get a professional to have a proper look at it, or, as others have suggested, save your data and rebuild.
 
Agreed, Neil. If I were sitting in front of this I'd have it right as rain in no time at all - I hardly ever need to reinstall Windows these days unless the install is genuinely utterly f****ed.

If the OP can wait till I'm home (about 6 ish) I'll go through that HiJack log and say what to remove.
 
I would be deeply suspicious of this entry:

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

That's part of Vista's Parental Controls.
 
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray

Not a good sign, all sorts of potential problems could come from there.
 
That's part of Vista's Parental Controls.

Ah, that'll be HijackThis not keeping up to date then - I'll remember that one in future. Thanks :)

I couldn't see anything else significant in the log. :shrug:
 
If not already fixed, and it's a Sony Vaio (looking at the logs), you don't need the discs. I can't remember which 'F' key to tap at boot, but the Vaios can boot into their own little menu and do a clean install in next to no time at all.
 
I have found the stuff on reloading; apparently it's all on here somewhere already! But a question: why can't I just use 'System Restore' to a date a month or so ago.....?

Dunc
 
Well, after numerous attempts another engineer came round. I explained what was happening and he said 'router, mate!' So he had a look at the router and sure enough it was still set to the factory default password and user. And believe it or not, the username is 'admin' and the password is 'password', and every Netgear router is the same...... Hackers know this and do some kind of search and use it to redirect addresses. Simples!

So he changed the password etc and problem went away! I didn't know whether to laugh or cry!

Dunc
 
not needed
 
Well it just goes to show how much we all know on here:lol:

However, it did prompt me to check my router and change the password!
 
Interesting that someone would take the effort to crack your wireless key, then log into your router and change its settings... sounds like a lot of hassle for little return to me?
 
Get to the hosts bit and this is all that's there!

# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

HELP....maybe needed.

Reading the above thread, I opened my hosts file.
It says the same as the above, then after the last line
(::1 localhost) it says

# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
etc. etc. for about 300+ entries.........:shake:

Shall I delete them ALL..................thanks
 
Including these malware links.
Does this mean my malware protection is compromised..?
Or is Spybot just 'logging' them...

127.0.0.1 malwarealarm.com
127.0.0.1 www.malwarealarm.com
127.0.0.1 malwarealarms.com
127.0.0.1 www.malwarealarms.com
127.0.0.1 malwarebell.com
127.0.0.1 www.malwarebell.com
127.0.0.1 www.malwarebot.com
127.0.0.1 malwarebot.com
127.0.0.1 malwarecore.com
127.0.0.1 www.malwarecore.com
127.0.0.1 malwaredefender2009.com
127.0.0.1 www.malwaredefender2009.com
127.0.0.1 www.malwaredestructor.com
127.0.0.1 malwaredestructor.com
127.0.0.1 malwareguard.com
127.0.0.1 www.malwareguard.com
127.0.0.1 www.malware-online-scaner.com
127.0.0.1 malware-online-scaner.com
127.0.0.1 www.malwareprotector2008.com
127.0.0.1 malwareprotector2008.com
127.0.0.1 www.malwareremovalbot.com
127.0.0.1 malwareremovalbot.com
127.0.0.1 www.malware-scanner.com
127.0.0.1 malware-scanner.com
127.0.0.1 www.malwarewipe.com
127.0.0.1 malwarewipe.com
127.0.0.1 www.malwarewiped.com
127.0.0.1 malwarewiped.com
127.0.0.1 www.malwarewipesupport.com
127.0.0.1 malwarewipesupport.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 malwarewipeupdate.com
 
Basically, 127.0.0.1 is the internal network address of your computer, so any requests to those listed sites will only ever connect to yourself and not to the actual bad sites.
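An added example, not part of the thread: a small parser that sorts a Windows hosts file into the three kinds of entry this thread touches on. Entries pointing at 127.0.0.1, 0.0.0.0 or ::1 are harmless sinkholes (the Windows defaults, and blocklists like the one Spybot writes); a sinkhole entry for an anti-virus or update site is the one blocklist shape that is itself a hijack sign; and any hostname mapped to a real remote IP is a redirect and the thing to look for when links go to the wrong place. The hosts file below is constructed for the example, and the 198.51.100.23 and www.avast.com lines are made-up hijack entries, not anything the poster reported.

```python
"""Classify entries in a Windows hosts file.

Added example; not code from the thread. SAMPLE_HOSTS is constructed,
modelled on the file posted above plus two invented hijack-style lines.
"""
import ipaddress

SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
#
# For example:
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
::1             localhost

# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
0.0.0.0	malwarealarm.com
# End of entries inserted by Spybot - Search & Destroy

127.0.0.1       www.avast.com          # constructed: AV site blackholed
198.51.100.23   www.google.co.uk       # constructed: redirect
198.51.100.23   www.example-bank.com   # constructed: redirect
"""

# Addresses that make a hostname resolve to nowhere useful.
SINKHOLES = {ipaddress.ip_address(a) for a in ("127.0.0.1", "0.0.0.0", "::1")}
LOCALHOST_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}
# Substrings of security/update vendor hostnames; a sinkhole entry for one
# of these blocks the tools meant to clean the machine. Illustrative list.
SECURITY_HINTS = ("avast", "avira", "microsoft", "windowsupdate",
                  "superantispyware", "safer-networking")


def parse_hosts(text):
    """Yield (line_number, ip, [hostnames]) for each active mapping.
    Comment-only and blank lines are skipped; trailing comments stripped."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # malformed address; not a mapping
        yield n, ip, [h.lower() for h in parts[1:]]


def classify(ip, names):
    """default | blocklist | blocked_security | redirect"""
    if ip in SINKHOLES:
        if all(h in LOCALHOST_NAMES for h in names):
            return "default"
        if any(hint in h for h in names for hint in SECURITY_HINTS):
            return "blocked_security"
        return "blocklist"
    return "redirect"


def audit_hosts(text):
    """Group every mapping by category; redirect and blocked_security
    are the ones worth reading line by line."""
    report = {"default": [], "blocklist": [], "blocked_security": [], "redirect": []}
    for n, ip, names in parse_hosts(text):
        report[classify(ip, names)].append((n, str(ip), names))
    return report


if __name__ == "__main__":
    r = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(r['blocklist'])} blocklist entries (fine to keep)")
    for cat in ("blocked_security", "redirect"):
        for n, ip, names in r[cat]:
            print(f"line {n}: {cat}: {ip} -> {' '.join(names)}")
```

Run it against a copy of C:\Windows\System32\drivers\etc\hosts: hundreds of "blocklist" lines are what Spybot's immunisation looks like and can stay; anything in "redirect" or "blocked_security" is what to remove. Note that it reads the file as text, so it says nothing about the attributes or permissions that stopped HijackThis opening it.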
 