just cleaned up an infected computer and it was redirecting search results, I found that the bad search results were coming from the hosts file, interestingly if you browse to c:\windows\system32\drivers\etc\ there is no hosts file present even with "show hidden files" turned on, I tried running hijackthis but it said that it could not rewrite the hosts file and that I must do it manually.
now if I type into run "notepad c:\windows\system32\drivers\etc\" it pulls up the bad hosts file. Now I save the hosts file elsewhere and remove the .txt extension and go to place it in that directory it comes up with the "would you like to replace file 'hosts"' but after I say yes it comes up with error "cannot move hosts: a file with that name already exists" I have tried this in safe mode logged on as administrator with no luck. but I cannot for the life of me rewrite the hosts file.
any ideas are greatly appreciated.