Share via

Rundl32.exe

Anonymous
2010-06-04T14:51:04+00:00

My Webroot program alerts me that a rundl32.exe program is trying to make changes to my host file. should I allow this changes? Also when I click on a link I get re-directed to a completely different site and I have to go back and click on the link I want 3-4 times until I get in to the site I want. It does not happen all the time but often to bugg me. Thx

Windows for home | Previous Windows versions | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2010-06-05T18:27:05+00:00

    The "hosts" file is located in the following path:

      C:\Windows\System32\Drivers\etc\hosts

    You can open it with any text editor or Notepad.  Under almost all circumstances, it should contain only one line that does not begin with a "#" character and that line should be:

    127.0.0.1       localhost

    Malware often uses the "hosts" file to redirect to different sites -- so if you think you are going to your bank's website, you might instead be going to some other site and typing in your account login and passwords.

    In general, do not allow changes to your hosts file.  The very fact that something tried to change it is indicative that you have some kind of malware on your machine.  Download a program such as "Malwarebytes " and do a thorough scan of your machine.

      HTH,

       JW

    3 people found this answer helpful.
    0 comments