Hi jeedai555,
i know how you feel, i have copied below the instructions that i could even follow. in order to find the c/windows file right click on start button and then open the windows box from drop down list of files then look for the system 32 folder open it then look for
drivers folder open it and then open the /et c/folder and you will see the hosts folder on the right hand side of the screen. right Click on the host folder and press on the notepad option you will then get a list of files including yahoo, google etc select all and delete them, then paste the following 127.0.0.1 localhost
The above is only a summary of the post below but it is important before you do above you start at rule 1 below.
It worked for me and i have to say i was looking for a number of days for a solution i could follow.
Good luck
Sadfart
POST
Rule 1 is to run these in Safe Mode (reboot, press F8 and then boot windows in "Safe Mode with Networking"). Can't be sure, but the socially inept, friendless, tiny mahood person who designed intervalhehehe seems to have got it to avoid detection in normal Windows mode.
This will take up to an hour or so depending on your machine and the amount of files you have.
For reference, the anti-malware that I used was Spybot S&D updated with the latest files. I also ran Avast anti virus (free Download from internet) and Malwarebytes - all of them spotted some things but not necessarily this.
Run these until the scans come back clean, then reboot into normal mode. You should have no annoying messages now. If you do, then my answer hasn't worked for you.
Once that was done, some smart cookie on the net suggested that if you are still getting Chinese Google/ fake Microsoft site syndrome then your hosts file has been tampered with. If your interested, (which you certainly don't have to be to solve this!) the host file tells your machine that certain requests for URLS by any your browsers should ignore the real site (to do with a service called DNS) and go to wherever the file tells it to - in this case, requests for google and a few other sites are being sent to a malware site or Chinese Google. For me, this was absolutely the case.
For those not familiar with this it is perfectly safe and easy to repair:
Go to C:/Windows/system32/drivers/et c/hosts
Open this in notepad (ignoring system messages telling you that you ought not to play with these files) and delete everything. Then to return to the windows original add this single line and then save:
127.0.0.1 localhost
If you don't trust my reply here check on the web for "windows host file" example and you should find that's OK!
If you see another version of this with lots of text in it don't worry that the descriptive text above the line above isn't there; windows will ignore that since it was for your benefit only. Or add it in, it really doesn't matter.
just followed everything to get out of this annoying situation but when i get to the part where I delete everything in the HOST file and paste the localhost in the file and save, it will not let me save it.......why is this, its the last step and its frustrating me, hope to here from you very soon
Hey, Not sure if you're still checking this but maybe this will help somebody... I got the same thing about an hour ago the same way you did. heres what you do.
ctrl-alt-del and get your task manager running.
End this process "explore"
NOT "explorer".
From there you can scan and more than likely find the file and have it quarantined or deleted. If not, it's in your temp folder.
c:\documents and settings\%username(you)%\local settings\temp\(the culprit file should be something along the lines of IX00 something or another..Delete this file)
once deleted you can go about fixing the host entries intervalhehehe has jacked with.
easiest way is to just search your computer for "hosts" and you will come up with 2 or 3 results..(if you don't wanna search for it then here is the path C:\WINDOWS\system32\drivers\etc )
Hosts
lmhosts
and such
right click the "hosts" file and open with notepad.
select all of the text in there and delete it then save the file.
This last step will fix Internet Explorer to where you can access all your websites now.
NOTE:If you use firefox. Open it and clear all of your private/saved data and your cookies. (this one took me a while to figure out)
After which restart your computer. you should be good to go.
I'll try to check back and see how you fare. Hope this helps others as well.
