My HOSTS file got wiped!! Anyone else had a look at theirs?

Discussion in 'PC' started by Cardamom, Sep 23, 2020.

  1. Cardamom

    Cardamom Producer

    Joined:
    Jan 9, 2015
    Messages:
    67
    Likes Received:
    99
    Hi guys.

    Whew. No problems as of yet, but man. I just went to check one of my audioz files prerequisites - to have the hosts file set to block 'calling home' (Overloud) and lo and behold, ALL my entries - years worth - were wiped! It was like a Windows did a fresh install of the hosts file - there were no blockers to be seen (127.0.0.0.'s) at all for all my software (Tone2, Overloud, Techsmith, Adobe, etc.).

    Anybody else check their HOSTS file lately? I can only figure this must have happened as a result of getting the May update for Windows 10. Good thing we've been busy raising a new puppy for the last while - otherwise I might have noticed some timed-out software and had no idea why!

    Windows 10 - Build 2004 - installed June 12 2020 (OS Build 19041.508)

    CHECK YOUR HOSTS FILE! LET ME KNOW WHAT YOU DISCOVER!

    (EDIT: Just realized that it could have been a recent update of Malwarebytes Anti-Malware that wiped the Hosts file, but I'm doubtful of that. Set Malwarebytes to ignore the etc folder in the Drivers Directory of the System 32 Directory)

     
    Last edited: Sep 23, 2020
  2.  
  3. Krusk

    Krusk Kapellmeister

    Joined:
    Sep 6, 2020
    Messages:
    77
    Likes Received:
    42
    R.I.P...:sad:

    Windows 10 is an unmitigated ecological disaster for the digital world and no one can do anything about that.:excl:
     
    • Like Like x 1
    • Agree Agree x 1
    • Disagree Disagree x 1
    • List
  4. karatebaka

    karatebaka Member

    Joined:
    Mar 11, 2019
    Messages:
    31
    Likes Received:
    7
    It happened to me awhile ago.
    Yes, I think mine also caused by an antivirus program (forgot which one). It was pirated one. I think the program detected if it's a pirated copy from the hosts file, so it got wiped. :rofl:

    Also sometimes some programs are trying to modify the hosts file during installation as well to prevent piracy.
     
    Last edited: Sep 23, 2020
  5. Krusk

    Krusk Kapellmeister

    Joined:
    Sep 6, 2020
    Messages:
    77
    Likes Received:
    42
    Off-topic:

    This is the last version of Windows 10 been released lately, just google it:
    • Windows 10 20H2 (19042.538) Compact & Lite
    • Architect: 64bit
    • size: 2.72 GB
    I think it would great for audio production.
     
    • Like Like x 1
    • Agree Agree x 1
    • List
  6. Krusk

    Krusk Kapellmeister

    Joined:
    Sep 6, 2020
    Messages:
    77
    Likes Received:
    42
    A good way is changing its property to read-only.

    https://www.majorgeeks.com/files/details/ntfs_permissions_tools.html
     
    • Agree Agree x 3
    • Useful Useful x 2
    • List
  7. Burninstar

    Burninstar Producer

    Joined:
    Sep 17, 2011
    Messages:
    502
    Likes Received:
    142
    Location:
    Behind my instrument
    I put overloud on my hosts list, but it did not block it. I tried for hours to google and fix the issue. Finally used firewall instead.

    I uninstalled then installed the software again, although it does not call home anymore or identify as a demo it still shuts down after ten minutes.

    Does anyone know how to remove all traces of the app and vst gem.voice so I can try it again. I really like what it does. Thanks in advance.

    Win 7 Reaper
     
    • Interesting Interesting x 1
    • List
  8. Krusk

    Krusk Kapellmeister

    Joined:
    Sep 6, 2020
    Messages:
    77
    Likes Received:
    42
    You need:
    1. a Virtual machine
    2. a clean OS inside it
    3. VMWare ThinApp
    First install an OS inside a Virtual machine. Then install ThinApp inside that. Then run ThinApp. ThinApp saves the original settings (including registry and all files of the system). Then install your software inside virtual OS and authorize it and let ThinApp detect all the changes. After detection, it shows all the modifications. You can trace those modifications and can find the change spots. Then apply those alterations in your original OS.

    Of course you can use other alternatives than ThinApp.
     
    • Like Like x 2
    • Useful Useful x 1
    • List
  9. Cardamom

    Cardamom Producer

    Joined:
    Jan 9, 2015
    Messages:
    67
    Likes Received:
    99
    GOOD NEWS! Found my C-Drive backup from April (or thereabouts) stored on one of my redundant redundant backup hard-drives. Hoping this will prove valuable - my restoring the blocks back into the HOSTS file that were there previously. As I said, I encountered no problems due to lack of use of some of the HOSTS blocked items, as I didn't use them much. Anyway, they're in play now and I figure that's all that's needed. I'll see what I installed 'POST' that C-drive backup to be sure. THANKS EVERYONE!
     
  10. Cardamom

    Cardamom Producer

    Joined:
    Jan 9, 2015
    Messages:
    67
    Likes Received:
    99
    • Like Like x 1
    • Agree Agree x 1
    • List
  11. Burninstar

    Burninstar Producer

    Joined:
    Sep 17, 2011
    Messages:
    502
    Likes Received:
    142
    Location:
    Behind my instrument
    Thanks for the info Krusk. I may have fixed the problem by reinstalling Reaper. It has been working now for about two hours with no problems.

    I do appreciate knowing the troubleshooting method you outlined and I will try that if the situation acts up again.
     
  12. mithat

    mithat Noisemaker

    Joined:
    Dec 25, 2013
    Messages:
    17
    Likes Received:
    3
    Location:
    Istanbul
    Lots of AV software does that to make sure that nobody hijacks your DNS resolution. Just block them from firewall rules or from your router/modem.
     
    • Like Like x 1
    • Agree Agree x 1
    • List
  13. WillyA

    WillyA Producer

    Joined:
    Oct 26, 2019
    Messages:
    200
    Likes Received:
    93
    Best Answer
    Make sure that you have a STRONG password, at least 8 characters, with upper and lower case, one or more numbers and one or more extended ASCII character and it must NEVER be a word that you can find in any dictionary. Hackers are running scripts 24 x 7 trying to brute force guess passwords and the use the entire dictionary.

    Get a copy of W10Privacy and block all the Windows back doors, spyware and garbage. Windos 10 is a security nightmre.

    Finally get a copy of Malwarebytes Firewall Control (free) and set it so that you have to confirm every attempt to send anything ourside of your computer. The first couple of days, you have to do some work checking what is trying to write where, but once you have got it working, its not a problem like Little Snitch on Mac, that drives you dilly every time you go to a website.

    Make your hosts file read only. Only change it when you have to write to it.

    If you've got an old PC lying around, download Smoothwall Express and install it as a Firewall, so everything has to come in and out of the Firewall. It isn't rocket science.

    I use the free version of Malwarebytes. It's the only one that I've found that you can tell NOT to quarantine something and it doesn't. AVG, Avira and the other refuse to accept what you tell them to leave alone and they delete it anyway or refuse to let you run it.

    I only check my computer monthly. but I check every piece of sofware that I download and if I'm not sure, I use a VMware workstation or a sandbox
     
  14. Strat4ever

    Strat4ever Platinum Record

    Joined:
    Aug 17, 2019
    Messages:
    274
    Likes Received:
    176
    I had this issue in the past I had used an AV or malware program that F*D up my hosts and registry, I now make backups and keep a copy of my hosts file on a very small USB which I tape to the side of my PC with piece of duct tape, this way it doesn't get lost or misplaced.
     
    • Like Like x 1
    • Useful Useful x 1
    • List
  15. Mr. X

    Mr. X Kapellmeister

    Joined:
    Jan 14, 2014
    Messages:
    102
    Likes Received:
    52
    It is common that the Hosts file is cleaned up from time to time during Windows Updates, that's why I always back up the file.
     
    • Agree Agree x 2
    • Interesting Interesting x 1
    • List
  16. Olaf

    Olaf Producer

    Joined:
    Jun 5, 2011
    Messages:
    424
    Likes Received:
    146
    • Interesting Interesting x 1
    • Useful Useful x 1
    • List
  17. pratyahara

    pratyahara Platinum Record

    Joined:
    Jun 23, 2020
    Messages:
    425
    Likes Received:
    193
    Just do a backup of your hosts file. And if you do not want it to be deleted easily set its attribute to 'system'.

    cmd
    ATTRIB [+R | -R] [+A | -A] [+S | -S] [+H | -H] [+O | -O] [+I | -I] [+X | -X] [+P | -P] [+U | -U]
    [drive:][path][filename] [/S [/D]] [/L]

    + Sets an attribute.
    - Clears an attribute.
    R Read-only file attribute.
    A Archive file attribute.
    S System file attribute.
    H Hidden file attribute.
    O Offline attribute.
    I Not content indexed file attribute.
    X No scrub file attribute.
    V Integrity attribute.
    P Pinned attribute.
    U Unpinned attribute.
    B SMR Blob attribute.
    [drive:][path][filename]
    Specifies a file or files for attrib to process.
    /S Processes matching files in the current folder
    and all subfolders.
    /D Processes folders as well.
    /L Work on the attributes of the Symbolic Link versus
    the target of the Symbolic Link

    And use this software, and you'll never have to worry about your hosts file anymore:
    https://www.softpedia.com/get/Inter...ts-File-Editor-Nebojsa-Vucinic-Trebinje.shtml
     
    • Useful Useful x 2
    • Love it! Love it! x 1
    • List
  18. pizzafresser

    pizzafresser Producer

    Joined:
    Jan 7, 2017
    Messages:
    256
    Likes Received:
    110
    You could use something like a Pi-Hole instead. It's some software that runs on the Raspberry Pi that acts like a hosts file but works outside of your PC and filters your entire network traffic, even online ads.
    This list here blocks a bunch of microsoft stuff: https://github.com/crazy-max/WindowsSpyBlocker/blob/master/data/hosts/spy.txt
     
  19. Futurewine

    Futurewine Audiosexual

    Joined:
    Oct 4, 2017
    Messages:
    877
    Likes Received:
    550
    Location:
    Sound City Labs
    this is new im taking cautious and thanks for alert.. might want to search for software to quick check file comparison everyday for any changes.. i doubt git is the right tool for this but just to be safe..
     
  20. eldarktufa

    eldarktufa Guest

    Keep a copy of your slash & burn Hosts file and if something changes it, just replace it and set to 'read only'
     
  21. eldarktufa

    eldarktufa Guest

    Quit thinking small when it comes to passwords! I use pw that are 50 to 60 letters, numbers, characters and symbols long. Before you start password engineering, get yourself a copy of TypeItIn for Windows. Password protect it with something only you know and can remember without scratching your noodle. Then create a long password for your target site and save it in TypeItIn. See structure in pic. Then click DONE.

    Here's an example password: 173!3F^Tp%[email protected]^mIRGa>J<620Os98#Bet*
    Don't use that! Make up your own and keep your mouth shut.

    Now all you have to do is go to the login section of the target website, place your cursor in the NAME field and click the TypeItIn button for that site and it will auto enter the info into the site's login fields. If or some reason you can't do it that way, because your target site has an extra hoop you have to jump through, just right-click the TypeItIn button and copy and paste the info manually. Keep a backup of your TypeItIn location on your PC. If you forget the memorable TypeItIn password because you created it when you were stoned, God help you!!

    type-it-in.Png

    In case you haven't figured it out, using TypeItIn releases you from having to remember long passwords, or any passwords, except your TypeItin password. You can create as many logins and passwords as you like in TypeItIn. Just create a new button for each one.
     
    Last edited by a moderator: Oct 6, 2020
Loading...
Similar Threads - HOSTS file wiped Forum Date
Warning: New hosts file "trojan" triggered by Microsoft Defender PC Aug 5, 2020
Collected correct IP adresses to block in "Hosts" file Presets, Patches Jan 8, 2020
R2R hosts file failed Software Apr 28, 2018
Share your HOSTS file here PC Sep 25, 2015
Should you block all your k'd software's hosts sites? Lounge Sunday at 8:45 PM
Loading...