Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


missing or well hidden host file...

  • Please log in to reply
1 reply to this topic

#1 expresso


  • Members
  • 1 posts
  • Gender:Male
  • Location:Vancouver, Canada
  • Local time:03:58 AM

Posted 11 August 2011 - 12:04 AM

I've run mbam and tdss killer and some other tools as well. I found lots of various infections and malwarebytes removed all the infections. TDSS killer found a rootkit and cleaned it successfully. Nothing weird spiking the CPU, and no suspicious processes in taskmgr. Seems all the dll and app files were removed. I've checked DNS settings and TCP/IP settings and all is well. However, I'm getting lots of google search redirects, I have an idea that's it's all in host file, but hosts is well hidden. HOSTS file does not appear in the drivers/ect dir at all, and yes I have show hidden files and OS files ticked. I've tried searching for in in WINPe environment to no avail. It seems like it's hidden from the Windows file system or something. I'm running WINXP Pro SP3 fyi. Anyone see this before?? The key is how to find the HOSTS file. Once I get there I'm sure I'll find 100+ entries that I can remove and save myself an image restore on this dirty box. :)

any feedback would be most excellent.


BC AdBot (Login to Remove)


#2 hamluis



  • Moderator
  • 56,287 posts
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:58 AM

Posted 11 August 2011 - 08:54 AM


There may be more than one hosts file, some defense programs install one automatically on the system.

C:\Windows\System32\drivers\etc is the file path for mine, easily found by using the XP Search function.

See first comment by md usa spybot fan at http://forums.spybot.info/showthread.php?t=13977 .


Edited by hamluis, 11 August 2011 - 08:58 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users