Question

Virus doset let me use Google.

I stupidly downloaded a virus that didn't let me change proxy or internet settings, and other stuff. I used malware bytes, adwcleaner, and Windows Defender and I think most of it is gone. Now I cant use google
on chrome it says: ERR CONNECTION RESET
Edge: Hmm, we can't reach this page.

I ran RKILL and it says this

* HOSTS file entries found:

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 www.google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com

20 out of 90 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/15/2017 12:13:16 AM
Execution time: 0 hours(s), 2 minute(s), and 32 seconds(s)

Discussion is locked
Follow
Reply to: Virus doset let me use Google.
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Virus doset let me use Google.
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Answer
Re: hosts file

Rename the hosts file, reboot and try again. It's in c:\windows\system32\drivers\etc and has no extension.

- Collapse -
Thank you

this works, thank so much !

- Collapse -
What I did

But what i did was just delete them and it worked. Also I didn't have to reboot.

- Collapse -
Probably A Good Idea To Replace Bad HOSTS With New One

Since you've deleted the infected HOSTS file, it's probably a good idea to replace it with the original default version of HOSTS just in case DNS problems should come up. Open Notepad, then copy the exact text from the box below into the Notepad document. Once that's done, save the file and name it HOSTS, without a file extension. After you recreate the default HOSTS file, place it in the same location where you deleted the deleted "bad" one.
_____________________________________
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

____________________________________
Hope this helps.

Grif

Post was last edited on January 16, 2017 11:08 AM PST

- Collapse -
And after that ...

make it read-only to make future infections impossible.

Since the above text is all comment (everything after the first # is comment) you can just as well make a totally empty file (or a file with just a #) and make that read-only. Make sure it isn't called hosts.txt, because that doesn't work.

Post was last edited on January 16, 2017 11:55 AM PST

CNET Forums

Forum Info