Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows 7 ignoring hosts file!

Posted on 2011-03-07
9
Medium Priority
?
1,286 Views
Last Modified: 2012-05-11
I have windows 7 64 bit, and it is now ignoring the hosts file!!

This seems to have happened, just after running some tools suggested to me at bleepingcomputer.com.   The tools were OTL.exe and OTM.exe.    (This was part of an effort to remove a not incredibly bad malware, that would redirect perhaps 1 our of 20 google links I clicked to another site)

Anyway -- windows is ignoring the hosts file now, and the people at bleepingcomputer claim that all the tools did was clean out the host file -- they did nothing to stop windows from paying attention to it.

I can put something in the hosts file, and then try running a ping, and it will not find it.

Please help!
0
Comment
Question by:Xetroximyn
9 Comments
 
LVL 63

Accepted Solution

by:
☠ MASQ ☠ earned 336 total points
ID: 35063038
Are you editing the hosts file by running your text editor in "Run as Administrator" mode?
And editing the hosts file (no file extension) at %systemroot%\system32\drivers\etc\ then restarting the PC?

0
 
LVL 12

Assisted Solution

by:Kent W
Kent W earned 332 total points
ID: 35063051
0
 
LVL 8

Assisted Solution

by:subhashchy
subhashchy earned 332 total points
ID: 35063082
After trying above steps if still  issue seems persist then try these .

1. Open notepad in "RunAsAdministrator" mode
2. Edit Hosts file from Drivers\etc directory.
3. Add a dummy line, like  say  127.0.0.1 blahblah.com
4. Open a commnd promot and type "ipconfig /flushdns" and press enter
5. Again type "ipconfig /displaydns" and press enter.

Are you seeing the dummy entery here,the blah blah .com entry . Let us know the outcome..
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 664 total points
ID: 35063151
Xetroximyn--Forgive me.  I do not understand "ignoring the HOSTS file".  If those other programs "cleaned out " the HOSTS file, there is nothing to ignore.
The normal function of a HOSTS file nowadays is to block access to certain URL s.
A good explanation is
http://www.mvps.org/winhelp2002/hosts.htm                     
0
 

Author Comment

by:Xetroximyn
ID: 35063311
I use the hosts file so that I can point a particular name to an particular IP address.  Because I access exchange through a hamachi VPN.

After this tool cleared out the hosts file, I did in fact put my needed entries back in there.  and they were in fact ignored.   I know the entries where getting saved, because I could reopen the hosts file and see them there.  (I am quite used to editing the hosts file -- thats why I was so shocked to see windows ignore the hosts file)

Normally after editing the hosts file there is no need to reboot.  I just make a change, and try a ping to the name, and it resolved to the IP I specified.

But in the course of troubleshooting this, I tried everything under the sun, including
ipconfig /flushdns
nbtstat -R
and rebooting

Still the hosts file was ignored.

Eventually I tried system restore to before I ran these tools, and thank god it is working like normal again.  (I can add things to the hosts file and immediately they take, no reboot or flushdns required)

Any idea how this can happen?







0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 664 total points
ID: 35063393
Xetroximyn--Glad to hear all is well.   I have no idea what happened.  Did you reboot after recreating the HOSTS file?  That often cures mayn problems.
Ca
0
 

Author Comment

by:Xetroximyn
ID: 35063400
Oh yea -- I rebooted multiple times.  tried flushdns and nbtstat -R -- nothing would make it pay attention to the hosts file.  (I test with ping)

If I still have this redirect malware on my PC (hard to tell since it only does a redirect every once in a while)

then when I run the tools again this weekend, to try to clean the malware, I will test hosts functionality just before and after each tool, so I can find out exactly which one did it.  

0
 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 336 total points
ID: 35067126
nbtstat -R only reads the lmhosts file, not hosts, so that could not help ;-).

Thinking about why a System Restore should have helped - maybe a DLL exchanged (should not), maybe one missing (should neither). Vista and W7 have changed the protecting behaviour (SFC) for system DLLs and files, which is now to be run manually (sfc /once). With XP there has been a service watching for changes, and replacing them immediately, to prevent from Virus and other malicious stuff.
0
 

Author Closing Comment

by:Xetroximyn
ID: 35134410
Thanks!
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question