internetinspiration logo
             
Home Internet Guides Privacy & Security Must have software Internet Shopping Earn Money Fun & Games Freebies

Privacy & Security
The Hosts file

The Host file is a bit like an address book, When you instruct your computer to access a web page, you will use the name of the site, e.g. internetinspiration.co.uk. When your computer tries to access the web site for you, it uses a numeric address called an IP address.
Your browser will check your Host file for the IP address of the requested site, if it is not present, (and it usually is not), your browser will use your ISP (internet service provider) to find the IP address, and display the site.

Why should this cause concern?
Malware applications can add entries to the Hosts file for two reasons -
1) To ensure all requests for web sites are redirected through their servers to deliver their web page, advertisements or pop ups and monitor your internet activities.
2) To block access to security related web sites, this will prevent updates to your security software.
These entries can be left behind even if the malware is removed and can result in Cannot find web server errors when attempting to access certain web pages.

Where can I find the Hosts file?
The following applications will allow you to view your Hosts file if you have them installed.
Spybot S&D Click Tools > host file
Microsoft Anti-spyware Click Advanced tools > windows Hosts file
hijack This Click Config... > Misc Tools > Open hosts file manager

Adbin is a free and easy to use Host file editor.

Otherwise there are a couple of ways of getting there, a point to note - the file is called simply Hosts, there is no file extension e.g. .txt

Set Windows to show hidden files and Folders. Help

1) Click Start and then Search. In the box that appears, click All files and folders. Type Hosts into the box marked All or part of file name. and click the Search button.

2) Open Windows Explorer by right clicking on the Start button and selecting Explore. Navigate in the left panel along the following file path. (Look at the file path as a sequential list of files to reach your destination, each level being separated by the '/')

For Windows 95/98/Me
c:\windows\hosts

For Windows NT/2000/XP Pro
c:\winnt\system32\drivers\etc\hosts

For Windows XP Home
c:\windows\system32\drivers\etc\hosts


Once you have found the file, right Click on it and select Open. You will be asked to select which program to open it with, select Notepad.

A clean log file will look like this

All lines beginning with a '#' are comments and ignored by the computer.
The address 127.0.0.1 is setting the address for your computer.
Anything following that entry with an address of 127.0.0.1 will look for the requested web site in your computer which it will not find and stop looking, effectively blocking access to it.
Examples
127.0.0.1     www.microsoft.com will block access to the Microsoft website.
127.0.0.1     www.girosoft.com will block access for AVG anitvirus software.
127.0.0.1     www.google.com will block access to google
66.180.173.39     www.google.co.uk will redirect requests for google.co.uk to 66.180.173.39, which is PremiumSearch.

Using the same principles as Maware, to block access to security related websites, you can also be use the Hosts file to block access to dodgy sites, simply add the name of the web site and give it an address of your computer e.g.

127.0.0.1   www.dodgywebsite.com.

This will not only block access to the sites, it will also prevent any advertisements from their servers being displayed,

A free and easy way of doing this is to use Adbin. All you have to do is drag a pop up advertisement over the bin, it will automatically add the address it was delivered from to your Hosts file, blocking future access to that server.

Some security applications can add known dodgy sites to your Hosts file as part of its protective features, so you may already have a long list of sites with dodgy names. providing these names are preceded with 127.0.0.1, you are being protected.

To repair an infected Host file you can either.
1) Delete the offending lines.
2) Delete or rename the Hosts file. Windows will create a new one on the next reboot.

You should note that if your computer is infected with malware, some will re-infect the Hosts file on each boot up, so the malware must be removed first. You can if you wish you can lock your Hosts file, to prevent anything changing or adding to it. Find the Host file as described above, Right click it and select properties. In the box that pops up, at the Attributes options, click to put a check mark in the box for Read only, Click Apply then OK.

Privacy & Security

Information

E-mail

Viruses

hackers, crackers & firewalls

Trojans

Spyware

Keyloggers

Cookies

BHO's & Hijackers

Drive by downloads

diallers

Scams & Hoaxes

Hijack this-
automatic analysis


Free pest scan

Unwanted processes

How to-Tutorials

Clean up/repair after malware infection

Prevent malware installing

Install Hijackthis

Start in Safe mode

Show hidden files/folders

enable/disable Active X controls

Disable Messenger service pop-ups

Use the Host file

Roguefix -
Removal tool for Rogue spyware removers & Fake Warnings
removal tool


Kill E2Give

Kill MySearch

Kill Sdbot-ADD / lockx.exe

Kill seeve.exe / mediamotors pop ups

Kill Winfixer2005

Kill SysProtect

News/Articles

New Winfixer infection displays fake Blackworm warning

The real cost of Free security software

roguefix removal tool About us Contact us FAQ Links Privacy Statement Site Map Webmasters
Click here to add this page to your favorites
©Internet Inspiration, 2003.      All registered trademarks are observed and respected.
If you receive advertising pop ups whilst viewing this site, you are infected with an ad-serving parasite, because we don't use pop ups. See our Privacy & security section for help with detection and removal.