Found all these entries in host file

thedoc46

thedoc46

thedoc46

Soldato
Joined
18 Jan 2003
Posts
5,995
Location
Expat in the USA
Not my comp but that of my boss. Anyway, needless to say the hosts file is read only, but it won't allow me to un-hide or un-read only it.. Any idea's???

This is the command i normally use.. (XP Machine)

echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f
attrib -s -h -r "%WinDir%\system32\drivers\etc\hosts"



Here are the entries. and yes, pop-ups are appearing all over the place..
Ran malware bytes too... But to no avail, and this machine had Symantec Corporate AV running at the time it got infected.. Good that Symantec software ! :rolleyes:




127.0.0.1 localhost
74.125.45.100 4-open-davinci.com
74.125.45.100 securitysoftwarepayments.com
74.125.45.100 privatesecuredpayments.com
74.125.45.100 secure.privatesecuredpayments.com
74.125.45.100 getantivirusplusnow.com
74.125.45.100 secure-plus-payments.com
74.125.45.100 www.getantivirusplusnow.com
74.125.45.100 www.secure-plus-payments.com
74.125.45.100 www.getavplusnow.com
74.125.45.100 safebrowsing-cache.google.com
74.125.45.100 urs.microsoft.com
74.125.45.100 www.securesoftwarebill.com
74.125.45.100 secure.paysecuresystem.com
74.125.45.100 paysoftbillsolution.com
74.125.45.100 protected.maxisoftwaremart.com
69.72.227.44 www.google.com
69.72.227.44 google.com
69.72.227.44 google.com.au
69.72.227.44 www.google.com.au
69.72.227.44 google.be
69.72.227.44 www.google.be
69.72.227.44 google.com.br
69.72.227.44 www.google.com.br
69.72.227.44 google.ca
69.72.227.44 www.google.ca
69.72.227.44 google.ch
69.72.227.44 www.google.ch
69.72.227.44 google.de
69.72.227.44 www.google.de
69.72.227.44 google.dk
69.72.227.44 www.google.dk
69.72.227.44 google.fr
69.72.227.44 www.google.fr
69.72.227.44 google.ie
69.72.227.44 www.google.ie
69.72.227.44 google.it
69.72.227.44 www.google.it
69.72.227.44 google.co.jp
69.72.227.44 www.google.co.jp
69.72.227.44 google.nl
69.72.227.44 www.google.nl
69.72.227.44 google.no
69.72.227.44 www.google.no
69.72.227.44 google.co.nz
69.72.227.44 www.google.co.nz
69.72.227.44 google.pl
69.72.227.44 www.google.pl
69.72.227.44 google.se
69.72.227.44 www.google.se
69.72.227.44 google.co.uk
69.72.227.44 www.google.co.uk
69.72.227.44 google.co.za
69.72.227.44 www.google.co.za
69.72.227.44 www.google-analytics.com
69.72.227.44 www.bing.com
69.72.227.44 search.yahoo.com
69.72.227.44 www.search.yahoo.com
69.72.227.44 uk.search.yahoo.com
69.72.227.44 ca.search.yahoo.com
69.72.227.44 de.search.yahoo.com
69.72.227.44 fr.search.yahoo.com
69.72.227.44 au.search.yahoo.com
 
Last edited:
Angelos_n said:
try deleting it in safe mode
Click to expand...

Tried that.. Actually I think I've tried everything !!! Even taken the drive out of the machine to put it in another machine... Its one of those micro SSD's though and I haven't got an adapter that'll fit it..

I NEED to be able to find a way to give myself access back to the hosts file then I'll be back in business.

How do I do that though?
 
#Chri5# said:
There's probably a (hidden) process running that is protecting the file - you might need to find that, nuke it and then you get access back.
Click to expand...

I think I've managed to fix it via malware bytes's very own File Assasin.

To all those party people doing a search for a similar problem.. :cool:
 
You must log in or register to reply here.
Back
Top Bottom