Wednesday, January 13, 2010

Removing or Deleting the Hosts file in XP

I have encountered a malware program that changes the attributes of the hosts file after it becomes modified by the program. This results in the inability to easily modify the file. There is a procedure that I have used to modify the attributes of the hosts file.
You can use Trend Micro's HijackThis to view your hosts file and see if there are additional lines in the file.

1. You will need a boot CD for XP. Most often it is your XP install disk.
2. Use the repair utilities to get to the command line.
3. Use these commands to unhide the file and allow it to be modified.
    Attrib -R C:\WINDOWS\system32\drivers\etc\hosts
    Attrib -H C:\WINDOWS\system32\drivers\etc\hosts
4. Reboot the PC and then navigate to the hosts file.
5. Now you can remove all of the entries in the hosts file that have been added by the malware program and save it using Notepad or HijackThis.
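
To help with step 5, here is an added example (not part of the original post) that parses a hosts file and lists every active entry other than the default localhost mapping, so you can see which lines to review. It assumes a stock XP hosts file contains only "127.0.0.1 localhost"; the function name and the sample entries are constructed for illustration.

```python
import ipaddress
import sys

# Assumption: a stock XP hosts file has one active entry, 127.0.0.1 localhost.
DEFAULT_NAMES = {"localhost"}

# Constructed sample; the names and the 203.0.113.0/24 address are placeholders.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example
203.0.113.7     www.bank.example   # trailing comment
not-an-ip       foo.example
"""

def review_hosts(text):
    """Return (line_no, reason, address, names) for every non-default entry."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue                            # blank or comment-only line
        address, names = fields[0], [n.lower() for n in fields[1:]]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, "malformed", address, names))
            continue
        extra = [n for n in names if n not in DEFAULT_NAMES]
        if not names:
            findings.append((line_no, "malformed", address, names))
        elif extra:
            # Loopback or 0.0.0.0 makes the name unreachable; any other
            # address sends lookups for the name to a different machine.
            reason = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
            findings.append((line_no, reason, address, extra))
    return findings

if __name__ == "__main__":
    # Pass the path to the hosts file, or run with no argument to use SAMPLE.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for line_no, reason, address, names in review_hosts(text):
        print(f"line {line_no}: {reason:10} {address} -> {' '.join(names)}")
```

A flagged line is not proof of malware, since some entries are added on purpose by an administrator or by ad-blocking tools; the output is a list of lines to inspect before deleting them.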