[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1291
  • Last Modified:

Windows 7 ignoring hosts file!

I have windows 7 64 bit, and it is now ignoring the hosts file!!

This seems to have happened, just after running some tools suggested to me at bleepingcomputer.com.   The tools were OTL.exe and OTM.exe.    (This was part of an effort to remove a not incredibly bad malware, that would redirect perhaps 1 our of 20 google links I clicked to another site)

Anyway -- windows is ignoring the hosts file now, and the people at bleepingcomputer claim that all the tools did was clean out the host file -- they did nothing to stop windows from paying attention to it.

I can put something in the hosts file, and then try running a ping, and it will not find it.

Please help!
0
Xetroximyn
Asked:
Xetroximyn
6 Solutions
 
☠ MASQ ☠Commented:
Are you editing the hosts file by running your text editor in "Run as Administrator" mode?
And editing the hosts file (no file extension) at %systemroot%\system32\drivers\etc\ then restarting the PC?

0
 
Kent WSr. Network / Systems AdminCommented:
0
 
subhashchyCommented:
After trying above steps if still  issue seems persist then try these .

1. Open notepad in "RunAsAdministrator" mode
2. Edit Hosts file from Drivers\etc directory.
3. Add a dummy line, like  say  127.0.0.1 blahblah.com
4. Open a commnd promot and type "ipconfig /flushdns" and press enter
5. Again type "ipconfig /displaydns" and press enter.

Are you seeing the dummy entery here,the blah blah .com entry . Let us know the outcome..
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
jcimarronCommented:
Xetroximyn--Forgive me.  I do not understand "ignoring the HOSTS file".  If those other programs "cleaned out " the HOSTS file, there is nothing to ignore.
The normal function of a HOSTS file nowadays is to block access to certain URL s.
A good explanation is
http://www.mvps.org/winhelp2002/hosts.htm                     
0
 
XetroximynAuthor Commented:
I use the hosts file so that I can point a particular name to an particular IP address.  Because I access exchange through a hamachi VPN.

After this tool cleared out the hosts file, I did in fact put my needed entries back in there.  and they were in fact ignored.   I know the entries where getting saved, because I could reopen the hosts file and see them there.  (I am quite used to editing the hosts file -- thats why I was so shocked to see windows ignore the hosts file)

Normally after editing the hosts file there is no need to reboot.  I just make a change, and try a ping to the name, and it resolved to the IP I specified.

But in the course of troubleshooting this, I tried everything under the sun, including
ipconfig /flushdns
nbtstat -R
and rebooting

Still the hosts file was ignored.

Eventually I tried system restore to before I ran these tools, and thank god it is working like normal again.  (I can add things to the hosts file and immediately they take, no reboot or flushdns required)

Any idea how this can happen?







0
 
jcimarronCommented:
Xetroximyn--Glad to hear all is well.   I have no idea what happened.  Did you reboot after recreating the HOSTS file?  That often cures mayn problems.
Ca
0
 
XetroximynAuthor Commented:
Oh yea -- I rebooted multiple times.  tried flushdns and nbtstat -R -- nothing would make it pay attention to the hosts file.  (I test with ping)

If I still have this redirect malware on my PC (hard to tell since it only does a redirect every once in a while)

then when I run the tools again this weekend, to try to clean the malware, I will test hosts functionality just before and after each tool, so I can find out exactly which one did it.  

0
 
QlemoDeveloperCommented:
nbtstat -R only reads the lmhosts file, not hosts, so that could not help ;-).

Thinking about why a System Restore should have helped - maybe a DLL exchanged (should not), maybe one missing (should neither). Vista and W7 have changed the protecting behaviour (SFC) for system DLLs and files, which is now to be run manually (sfc /once). With XP there has been a service watching for changes, and replacing them immediately, to prevent from Virus and other malicious stuff.
0
 
XetroximynAuthor Commented:
Thanks!
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now