Solved

Windows 7 ignoring hosts file!

Posted on 2011-03-07
9
1,267 Views
Last Modified: 2012-05-11
I have windows 7 64 bit, and it is now ignoring the hosts file!!

This seems to have happened, just after running some tools suggested to me at bleepingcomputer.com.   The tools were OTL.exe and OTM.exe.    (This was part of an effort to remove a not incredibly bad malware, that would redirect perhaps 1 our of 20 google links I clicked to another site)

Anyway -- windows is ignoring the hosts file now, and the people at bleepingcomputer claim that all the tools did was clean out the host file -- they did nothing to stop windows from paying attention to it.

I can put something in the hosts file, and then try running a ping, and it will not find it.

Please help!
0
Comment
Question by:Xetroximyn
9 Comments
 
LVL 62

Accepted Solution

by:
☠ MASQ ☠ earned 84 total points
ID: 35063038
Are you editing the hosts file by running your text editor in "Run as Administrator" mode?
And editing the hosts file (no file extension) at %systemroot%\system32\drivers\etc\ then restarting the PC?

0
 
LVL 12

Assisted Solution

by:Kent W
Kent W earned 83 total points
ID: 35063051
0
 
LVL 8

Assisted Solution

by:subhashchy
subhashchy earned 83 total points
ID: 35063082
After trying above steps if still  issue seems persist then try these .

1. Open notepad in "RunAsAdministrator" mode
2. Edit Hosts file from Drivers\etc directory.
3. Add a dummy line, like  say  127.0.0.1 blahblah.com
4. Open a commnd promot and type "ipconfig /flushdns" and press enter
5. Again type "ipconfig /displaydns" and press enter.

Are you seeing the dummy entery here,the blah blah .com entry . Let us know the outcome..
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 166 total points
ID: 35063151
Xetroximyn--Forgive me.  I do not understand "ignoring the HOSTS file".  If those other programs "cleaned out " the HOSTS file, there is nothing to ignore.
The normal function of a HOSTS file nowadays is to block access to certain URL s.
A good explanation is
http://www.mvps.org/winhelp2002/hosts.htm                     
0
 

Author Comment

by:Xetroximyn
ID: 35063311
I use the hosts file so that I can point a particular name to an particular IP address.  Because I access exchange through a hamachi VPN.

After this tool cleared out the hosts file, I did in fact put my needed entries back in there.  and they were in fact ignored.   I know the entries where getting saved, because I could reopen the hosts file and see them there.  (I am quite used to editing the hosts file -- thats why I was so shocked to see windows ignore the hosts file)

Normally after editing the hosts file there is no need to reboot.  I just make a change, and try a ping to the name, and it resolved to the IP I specified.

But in the course of troubleshooting this, I tried everything under the sun, including
ipconfig /flushdns
nbtstat -R
and rebooting

Still the hosts file was ignored.

Eventually I tried system restore to before I ran these tools, and thank god it is working like normal again.  (I can add things to the hosts file and immediately they take, no reboot or flushdns required)

Any idea how this can happen?







0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 166 total points
ID: 35063393
Xetroximyn--Glad to hear all is well.   I have no idea what happened.  Did you reboot after recreating the HOSTS file?  That often cures mayn problems.
Ca
0
 

Author Comment

by:Xetroximyn
ID: 35063400
Oh yea -- I rebooted multiple times.  tried flushdns and nbtstat -R -- nothing would make it pay attention to the hosts file.  (I test with ping)

If I still have this redirect malware on my PC (hard to tell since it only does a redirect every once in a while)

then when I run the tools again this weekend, to try to clean the malware, I will test hosts functionality just before and after each tool, so I can find out exactly which one did it.  

0
 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 84 total points
ID: 35067126
nbtstat -R only reads the lmhosts file, not hosts, so that could not help ;-).

Thinking about why a System Restore should have helped - maybe a DLL exchanged (should not), maybe one missing (should neither). Vista and W7 have changed the protecting behaviour (SFC) for system DLLs and files, which is now to be run manually (sfc /once). With XP there has been a service watching for changes, and replacing them immediately, to prevent from Virus and other malicious stuff.
0
 

Author Closing Comment

by:Xetroximyn
ID: 35134410
Thanks!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
NIC set to static, but still pulls DHCP address 8 32
Osiris Ranswomware 31 40
DNS.exe on Azure 2 23
Need to print using Bluetooth: Laser Jet Pro MFP M127fw 3 30
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question