Author Topic: Host File Compromised  (Read 9810 times)


Offline pingy27

  • Newbie
  • Join Date: Jan 2018
  • Posts: 3
  • Karma: 0
Host File Compromised
« on: January 04, 2018, 11:05:21 am »
I ran the tweaking repair program to no avail. Here is the log:

Log:
Tweaking.com - Windows Repair 2018 (v4.0.11)
────────────────────────────────────────────────────────────────────────────────

System Variables
────────────────────────────────────────────────────────────────────────────────
OS: Windows 10 Home
OS Architecture: 64-bit
OS Version: 10.0.16299.125
OS Service Pack:
Computer Name: NIRAJS
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\frys
Current Profile SID: S-1-5-21-1194787716-3700177108-3318147629-1000
Current Profile Classes: S-1-5-21-1194787716-3700177108-3318147629-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\frys\AppData\Local
────────────────────────────────────────────────────────────────────────────────

System Information
────────────────────────────────────────────────────────────────────────────────
System Up Time: 0 Days 17:04:27

Process Count: 159
Commit Total: 5.74 GB
Commit Limit: 7.18 GB
Commit Peak: 5.90 GB
Handle Count: 72278
Kernel Total: 479.81 MB
Kernel Paged: 318.80 MB
Kernel Non Paged: 161.01 MB
System Cache: 1.60 GB
Thread Count: 2002
────────────────────────────────────────────────────────────────────────────────

Memory Before Cleaning with CleanMem
────────────────────────────────────────────────────────────────────────────────
Memory Total: 5.95 GB
Memory Used: 4.54 GB(76.2547%)
Memory Avail.: 1.41 GB
────────────────────────────────────────────────────────────────────────────────

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
────────────────────────────────────────────────────────────────────────────────
Memory Total: 5.95 GB
Memory Used: 3.77 GB(63.4235%)
Memory Avail.: 2.18 GB
────────────────────────────────────────────────────────────────────────────────

Starting Repairs...
   Started at (1/4/2018 10:47:49 AM)


The current repair has failed to start for over 30 sec.
Trying Again....


The current repair has failed to start for over 30 sec.
Trying Again....


The current repair has failed to start for over 30 sec.
Trying Again....

   Done, but failed, at (1/4/2018 10:49:50 AM)
   Total Repair Time: 00:02:04

The current repair has failed to start 4 times.
Something is keeping the repair from running.


I am not as tech savvy as I'd like, so some of this stuff is tricky for me. If anyone can help, that would be great.

Offline Boggin

  • Global Moderator
  • Hero Member
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
« Reply #1 on: January 04, 2018, 12:42:31 pm »
What symptoms are you getting to determine the Hosts File is compromised?

This is what the Hosts File does in Windows - http://www.accs-net.com/hosts/what_is_hosts.html

Usually when the Hosts File is corrupt, it's normally because of an infection redirecting you to another website.

Did you run the repair program in Safe Mode with Networking and are you using the latest version 4.0.12?

Offline pingy27

« Reply #2 on: January 04, 2018, 12:50:10 pm »
I keep getting pop-ups on my computer from my Firefox browser and command prompt keeps popping up and closing before I can even click on it. I've run Hitman Pro (trial version) and over 400 threats come up each time I scan and delete/quarantine the mals/virus. I have not run it in Safe Mode; how do I do so?
« Last Edit: January 04, 2018, 12:51:47 pm by pingy27 »

Offline Boggin

« Reply #3 on: January 04, 2018, 12:58:21 pm »
Boot up into Safe Mode with Networking and download AdwCleaner - https://www.malwarebytes.com/adwcleaner/

While you can still connect wirelessly, it's easier to Ethernet connect as Win 10 disables wireless in that mode.

Click on Scan and it may list some items in the lower pane it considers to be PuPs - you can uncheck any you want to keep.

When the scan has completed, click on Log File and it will list what else it has found.

Close the doc then hit the Cleaning button where it will produce another report after the reboot of what it has deleted, then see if you still get the pop ups.

Offline Boggin

« Reply #4 on: January 08, 2018, 07:59:07 am »
I missed the bit about you asking how to get into Safe Mode.

Press and hold SHIFT and click on Restart - click on Troubleshoot - Advanced options - Start-up Settings - Restart - press the corresponding F key for the mode you want - F5 will give you Safe Mode with Networking.

I don't think Hitman Pro removes anything until you buy it.

The free version of MBAM is an effective antimalware scanner and it will treat PuPs and PuMs as malware when you select Scan from the left pane, click on Custom Scan/Configure Scan - check the box for C: then hit Scan.

You can also include it to check for Rootkits.

This will take a while to run but is thorough.

https://www.malwarebytes.com/mwb-download/
« Last Edit: January 08, 2018, 08:19:39 am by Boggin »

Offline pingy27

« Reply #5 on: January 08, 2018, 08:36:12 am »
I will try that! But I also have another problem on Firefox now with maybe the same virus. Every time I go to www.espn.com and click ANYTHING, it redirects me to reimage.com then to another site of its choice. I tried removing from extensions on the browser, went to my Control Panel and uninstalled whatever was odd or recent and it is still happening. I've run Hitman Pro and Malwarebytes to no avail. Any clue?

Offline Boggin

« Reply #6 on: January 08, 2018, 08:44:16 am »
Have you tried AdwCleaner from my previous link - but have a read through this article as a Refresh may get rid of any malicious add-ons.

https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode

Offline Boggin

« Reply #7 on: January 08, 2018, 08:54:11 am »
This is how to reset the Hosts File back to default if necessary - http://www.thewindowsclub.com/how-to-set-the-windows-7-hosts-file-back-to-default

If you need to take ownership of the file, you can add Take Ownership to your right click menu by following the steps in this article - I have this on my Win 10 machines.

https://www.tenforums.com/tutorials/3841-add-take-ownership-context-menu-windows-10-a.html
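
An added example, not part of the original posts and not code from any tool named in this thread: a read-only Python check that lists the active mappings in a hosts file, which helps decide whether the reset described above is needed. It assumes the stock Windows 10 hosts file contains only comment lines; the function name, verdict labels and sample content are constructed for illustration.

```python
import ipaddress
from pathlib import Path

# Default hosts file location on Windows.
HOSTS_PATH = Path(r"C:\Windows\System32\drivers\etc\hosts")
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Return (line_no, ip, hostname, verdict) for each active mapping worth review."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        ip_text, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((line_no, ip_text, " ".join(names), "malformed"))
            continue
        for name in names:
            name = name.lower()
            if name in LOCAL_NAMES and ip.is_loopback:
                continue                          # ordinary localhost mapping
            if ip.is_loopback or ip.is_unspecified:
                verdict = "blocked"               # name resolves to nowhere useful
            else:
                verdict = "redirect"              # name is forced to another address
            findings.append((line_no, ip_text, name, verdict))
    return findings

# Constructed sample content (documentation addresses and example domains only).
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
203.0.113.50    www.example.com example.com   # constructed redirect entry
0.0.0.0         updates.example.net
not-an-ip       something.example
"""

if __name__ == "__main__":
    if HOSTS_PATH.exists():
        text = HOSTS_PATH.read_text(encoding="utf-8-sig", errors="replace")
    else:
        text = SAMPLE                             # fall back to the constructed sample
    for finding in audit_hosts(text):
        print(*finding, sep="\t")
```

An empty result means the file has no active entries beyond localhost; entries added deliberately by ad-blocking or security software will also show up as "blocked" and need a human decision.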

Offline ProFix

  • Newbie
  • Join Date: Feb 2017
  • Posts: 16
  • Location: Illinois
  • Karma: 0
  • All Is One
« Reply #8 on: January 08, 2018, 06:24:55 pm »
Sounds like your browser is hijacked... did you clean it out??
Thanks,  Frank