Solved

Windows 7 ignoring hosts file!

Posted on 2011-03-07
9
1,262 Views
Last Modified: 2012-05-11
I have windows 7 64 bit, and it is now ignoring the hosts file!!

This seems to have happened, just after running some tools suggested to me at bleepingcomputer.com.   The tools were OTL.exe and OTM.exe.    (This was part of an effort to remove a not incredibly bad malware, that would redirect perhaps 1 our of 20 google links I clicked to another site)

Anyway -- windows is ignoring the hosts file now, and the people at bleepingcomputer claim that all the tools did was clean out the host file -- they did nothing to stop windows from paying attention to it.

I can put something in the hosts file, and then try running a ping, and it will not find it.

Please help!
0
Comment
Question by:Xetroximyn
9 Comments
 
LVL 62

Accepted Solution

by:
☠ MASQ ☠ earned 84 total points
ID: 35063038
Are you editing the hosts file by running your text editor in "Run as Administrator" mode?
And editing the hosts file (no file extension) at %systemroot%\system32\drivers\etc\ then restarting the PC?

0
 
LVL 12

Assisted Solution

by:Kent W
Kent W earned 83 total points
ID: 35063051
0
 
LVL 8

Assisted Solution

by:subhashchy
subhashchy earned 83 total points
ID: 35063082
After trying above steps if still  issue seems persist then try these .

1. Open notepad in "RunAsAdministrator" mode
2. Edit Hosts file from Drivers\etc directory.
3. Add a dummy line, like  say  127.0.0.1 blahblah.com
4. Open a commnd promot and type "ipconfig /flushdns" and press enter
5. Again type "ipconfig /displaydns" and press enter.

Are you seeing the dummy entery here,the blah blah .com entry . Let us know the outcome..
0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 166 total points
ID: 35063151
Xetroximyn--Forgive me.  I do not understand "ignoring the HOSTS file".  If those other programs "cleaned out " the HOSTS file, there is nothing to ignore.
The normal function of a HOSTS file nowadays is to block access to certain URL s.
A good explanation is
http://www.mvps.org/winhelp2002/hosts.htm                    
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:Xetroximyn
ID: 35063311
I use the hosts file so that I can point a particular name to an particular IP address.  Because I access exchange through a hamachi VPN.

After this tool cleared out the hosts file, I did in fact put my needed entries back in there.  and they were in fact ignored.   I know the entries where getting saved, because I could reopen the hosts file and see them there.  (I am quite used to editing the hosts file -- thats why I was so shocked to see windows ignore the hosts file)

Normally after editing the hosts file there is no need to reboot.  I just make a change, and try a ping to the name, and it resolved to the IP I specified.

But in the course of troubleshooting this, I tried everything under the sun, including
ipconfig /flushdns
nbtstat -R
and rebooting

Still the hosts file was ignored.

Eventually I tried system restore to before I ran these tools, and thank god it is working like normal again.  (I can add things to the hosts file and immediately they take, no reboot or flushdns required)

Any idea how this can happen?







0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 166 total points
ID: 35063393
Xetroximyn--Glad to hear all is well.   I have no idea what happened.  Did you reboot after recreating the HOSTS file?  That often cures mayn problems.
Ca
0
 

Author Comment

by:Xetroximyn
ID: 35063400
Oh yea -- I rebooted multiple times.  tried flushdns and nbtstat -R -- nothing would make it pay attention to the hosts file.  (I test with ping)

If I still have this redirect malware on my PC (hard to tell since it only does a redirect every once in a while)

then when I run the tools again this weekend, to try to clean the malware, I will test hosts functionality just before and after each tool, so I can find out exactly which one did it.  

0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 84 total points
ID: 35067126
nbtstat -R only reads the lmhosts file, not hosts, so that could not help ;-).

Thinking about why a System Restore should have helped - maybe a DLL exchanged (should not), maybe one missing (should neither). Vista and W7 have changed the protecting behaviour (SFC) for system DLLs and files, which is now to be run manually (sfc /once). With XP there has been a service watching for changes, and replacing them immediately, to prevent from Virus and other malicious stuff.
0
 

Author Closing Comment

by:Xetroximyn
ID: 35134410
Thanks!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Article by: Lee
Windows 7 Ultimate and Enterprise (and 2008 R2) introduced a new feature you may not be aware of - Boot from VHD.   Boot from VHD (or what Microsoft refers to asNative Boot allows you to install Windows to a VHD (Virtual Hard Disk) file that is t…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now