You'll never guess what I found in my hosts file
HunterAmacker
2009-01-04, 05:28
So, I've noticed for a while now that torrent sites like ThePirateBay and Mininova have been giving me these login prompts whenever I try to visit them. Knowing that neither of these sites would ever require a crude login just to access their homepages, I figured it had to be something nasty on my machine. After digging around, it occurred to me it had to be my hosts file that was restricting access to these sites. Guess how surprised I was when I opened it up in Notepad++!
http://i42.tinypic.com/ezld6p.png
I think it was modified when I installed an Alcohol 120% crack, but I'm not certain. I'll just delete those *ahem* invalid entries and everything should be fine. What do you guys think about this? Should I be more worried that something tried to mess with my hosts? I'm running a full scan with Norton 2009 and AdAware at the moment, just to play it safe.
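A way to check a hosts file for the kind of override described in the post above (added example, not part of the original thread; the sample file and its `.example` hostnames are constructed, and the dotted-name heuristic is an assumption):

```python
import ipaddress

# Constructed sample, not the poster's file: stand-in .example names for the
# torrent sites, pinned to loopback and to the 192.168.1.1 address from the thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       tracker-one.example www.tracker-one.example  # constructed
127.0.0.1 tracker-two.example
192.168.1.1     www.tracker-two.example
not-an-ip       broken.example
"""

# Names that normally point at loopback on a clean system.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Yield (line_number, ip, [names]) per mapping; skip comments and malformed lines."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        yield lineno, ip, [name.lower() for name in fields[1:]]


def suspicious_entries(text):
    """Return (line_number, name, ip) for dotted names pinned to local addresses."""
    findings = []
    for lineno, ip, names in parse_hosts(text):
        if not (ip.is_loopback or ip.is_private or ip.is_unspecified):
            continue
        for name in names:
            # Assumed heuristic: single-label names (the machine's own hostname)
            # often map to loopback legitimately, so only dotted names are flagged.
            if name not in BENIGN_NAMES and "." in name:
                findings.append((lineno, name, str(ip)))
    return findings


if __name__ == "__main__":
    for lineno, name, ip in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {ip}")
```

On Windows the file to feed it is normally `%SystemRoot%\System32\drivers\etc\hosts`. Reported entries should be reviewed rather than deleted blindly, since ad-blocking hosts lists use the same loopback mapping.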
Prometheum
2009-01-04, 05:56
Jesus, why the fuck do you people put up with this?
I am honestly surprised every time a post like this comes through NS&H. I mean really. Monkey noises, anti-piracy viruses, what fucking next? You get a piece of spyware that rapes you in the ass with the CD-ROM drive?
You will not get any viruses if you run GNU/Linux. (http://gnewsense.org) Why the fuck would you put up with this bullshit....
HunterAmacker
2009-01-04, 06:04
.... I actually dual boot Vista and Fedora 10. I use Windows to run programs needed for work, so I was trying to download some Daft Punk on TPB while I worked.
Prometheum
2009-01-04, 06:13
Jesus, put that shit in a VM and don't let it get on the net whatever you do
It was running a daemon on your own machine?
HunterAmacker
2009-01-04, 06:45
No, as far as I can tell, it only modified my hosts file to not allow me to connect to mainstream torrent sites.
Why a software crack would do this? I haven't got a clue.
Prometheum
2009-01-04, 19:35
But the "crude login screen" was running on your computer.
HunterAmacker
2009-01-04, 21:28
This is an example of what I was talking about:
http://i40.tinypic.com/23l4bq.png
It's just Firefox's default login prompt for protected areas.
Prometheum
2009-01-05, 00:54
Okay, so your computer was redirecting it to 192.168.1.1.
Apparently the virus only changes the hosts file. Here's a Torrentfreak article about it. (http://feedproxy.google.com/~r/Torrentfreak/~3/-FQQyKiKatY/)
Jesus, put that shit in a VM and don't let it get on the net whatever you do
It was running a daemon on your own machine?
Dude, you can't run a 'daemon' on Windows, you can't fork in the first place.
Welcome to Windows world.
oddballz194
2009-01-05, 19:41
Dude, you can't run a 'daemon' on Windows, you can't fork in the first place.
Welcome to Windows world.
On Windows they're called services, but it's the same damn concept.
Forking isn't supported in the WinAPI side of things, but it is supported in Services for Unix-based Applications (SUA), as well as Cygwin (which has a hack to emulate the copy-on-write behavior). fork()'s also not needed for a daemon-style process, since most recent implementations of daemons in the Unix-world use POSIX threads for concurrency due to its low cost compared to copying an entire process. Windows threads can be made to act exactly like POSIX threads for practical purposes.
On Windows they're called services, but it's the same damn concept.
Forking isn't supported in the WinAPI side of things, but it is supported in Services for Unix-based Applications (SUA), as well as Cygwin (which has a hack to emulate the copy-on-write behavior). fork()'s also not needed for a daemon-style process, since most recent implementations of daemons in the Unix-world use POSIX threads for concurrency due to its low cost compared to copying an entire process. Windows threads can be made to act exactly like POSIX threads for practical purposes.
A daemon has to fork, unless invoked by init itself.
Otherwise it's not a daemon.
MrSparkle
2009-01-05, 21:21
I agree with Prometheum. People always say comparing Windows to Linux is like comparing an apple and an orange. If we were talking about a rotten, worm-infested apple that you wasted money on I'd agree, but in my personal experience Linux beats Windows in most areas. Playing games is one of the only exceptions.
Prometheum
2009-01-05, 21:25
Dude, you can't run a 'daemon' on Windows, you can't fork in the first place.
Welcome to Windows world.
I meant "daemon" as "process going on in the background and occasionally doing things like requiring HTTP authentication".
And it's just called CreateProcess. Here's an example:
CreateProcess(NULL, NULL, NULL, (DWORD)NULL, NULL, (int)(DWORD)NULL, (DWORD *)NULL, NULL, NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL, NULL
It just goes on like that.
oddballz194
2009-01-06, 02:41
A daemon has to fork, unless invoked by init itself.
Otherwise it's not a daemon.
Most system-level background processes are in fact spawned from init, much as Windows services are spawned from winlogon.exe. It's an equivalent mechanism. Since services are started by the Windows equivalent of the *nix init process, you yourself have indicated that services are the equivalent of daemons.
Actually, there is a second startup mechanism for Windows services: services.exe. However, the only difference between services launched via services.exe and those launched by winlogon.exe is that services.exe launches them before login. Otherwise, they're perfectly equivalent -- both have direct access to kernel function calls, for example. They can both be considered equivalents to the init process, except that Windows effectively allows per-user init runlevels.
I meant "daemon" as "process going on in the background and occasionally doing things like requiring HTTP authentication".
And it's just called CreateProcess. Here's an example:
CreateProcess(NULL, NULL, NULL, (DWORD)NULL, NULL, (int)(DWORD)NULL, (DWORD *)NULL, NULL, NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL, NULL
It just goes on like that.
Yes, but is CreateProcess the ONLY way to create a new process?
BTW, everybody knows what you meant by daemon :).
Cuz the ONLY way to create a new daemon is by being invoked by init, or forking then killing the parent. (sounds twisted...)
oddballz194
2009-01-07, 00:45
Yes, but is CreateProcess the ONLY way to create a new process?
BTW, everybody knows what you meant by daemon :).
Cuz the ONLY way to create a new daemon is by being invoked by init, or forking then killing the parent. (sounds twisted...)
Yeah, killing your parents with a fork is a rather extreme measure. :o
Prometheum
2009-01-07, 01:24
Yeah, killing your parents with a fork is a rather extreme measure. :o
Well, extreme needs call for extreme measures. There really are few other ways of becoming a daemon.
Yeah, killing your parents with a fork is a rather extreme measure. :o
lol
This is my favorite thread since the one in which Xpenguin was owned.
grusomhat
2009-01-08, 06:20
Back on topic: That login prompt is for your router, dude. So that "crude login screen" is nothing but the router's access login. No surprise, since it's routing you to 192.168.1.1. Odd though, as 127.0.0.1 is just localhost, i.e. it shouldn't be the default gateway address.
I'm probably missing something though
Lundmark
2009-01-15, 05:14
Try pinging 192.168.1.1 and 127.0.0.1. It should be the normal <1ms if you have a clean hosts file for that IP.
Prometheum
2009-01-15, 20:37
Try pinging 192.168.1.1 and 127.0.0.1. It should be the normal <1ms if you have a clean hosts file for that IP.
IP addresses don't require consulting a hosts file.
sirholkms
2009-01-15, 20:49
Jesus, why the fuck do you people put up with this?
I am honestly surprised every time a post like this comes through NS&H. I mean really. Monkey noises, anti-piracy viruses, what fucking next? You get a piece of spyware that rapes you in the ass with the CD-ROM drive?
You will not get any viruses if you run GNU/Linux. (http://gnewsense.org) Why the fuck would you put up with this bullshit....
My god, you're such a pretentious Linux idiot. You're a fool if you think Linux is good. Linux sucks if not only for the fact that all the "good" software is written for Windows and by "good" I don't mean open source software written for Linux by people like you that try to promote the shit and user-friendless operating system Linux, I mean user friendly and potentially commercial software, the kind of software you could be writing if you weren't in denial of the fact that Windows is a success story and Linux is not. So I am going to go use Windows now and not have to worry about navigating my way through a fucking spaghetti maze, because when you are looking for software drivers for the new hardware you just bought that was designed for Windows and you cannot find any for Linux I'll know I'm right. P.S. you could be making money but you're made of fail.
Prometheum
2009-01-15, 21:53
My god, you're such a pretentious Linux idiot. You're a fool if you think Linux is good. Linux sucks if not only for the fact that all the "good" software is written for Windows and by "good" I don't mean open source software written for Linux by people like you that try to promote the shit and user-friendless operating system Linux, I mean user friendly and potentially commercial software, the kind of software you could be writing if you weren't in denial of the fact that Windows is a success story and Linux is not. So I am going to go use Windows now and not have to worry about navigating my way through a fucking spaghetti maze, because when you are looking for software drivers for the new hardware you just bought that was designed for Windows and you cannot find any for Linux I'll know I'm right. P.S. you could be making money but you're made of fail.
shut up, you killed yourself.
shut up, you killed yourself.
This.
Nobody will ever trust you again.
You're not welcome here, gtfo.
sirholkms
2009-01-16, 09:34
Don't try to distract people from the fact that you are wasting your time and skill on an OS nobody uses or likes.