Privacy & SecurityThe Host file is a bit like an address book, When you instruct your computer to access a web page, you will use the name of the site, e.g. internetinspiration.co.uk. When your computer tries to access the web site for you, it uses a numeric address called an IP address.
The Hosts file
Your browser will check your Host file for the IP address of the requested site, if it is not present, (and it usually is not), your browser will use your ISP (internet service provider) to find the IP address, and display the site.
Why should this cause concern?
Malware applications can add entries to the Hosts file for two reasons -
1) To ensure all requests for web sites are redirected through their servers to deliver their web page, advertisements or pop ups and monitor your internet activities.
2) To block access to security related web sites, this will prevent updates to your security software.
These entries can be left behind even if the malware is removed and can result in Cannot find web server errors when attempting to access certain web pages.
Where can I find the Hosts file?
The following applications will allow you to view your Hosts file if you have them installed.
Spybot S&D Click Tools > host file
Microsoft Anti-spyware Click Advanced tools > windows Hosts file
hijack This Click Config... > Misc Tools > Open hosts file manager
Adbin is a free and easy to use Host file editor.
Otherwise there are a couple of ways of getting there, a point to note - the file is called simply Hosts, there is no file extension e.g. .txt
Set Windows to show hidden files and Folders. Help
1) Click Start and then Search. In the box that appears, click All files and folders. Type Hosts into the box marked All or part of file name. and click the Search button.
2) Open Windows Explorer by right clicking on the Start button and selecting Explore. Navigate in the left panel along the following file path. (Look at the file path as a sequential list of files to reach your destination, each level being separated by the '/')
For Windows 95/98/Me
For Windows NT/2000/XP Pro
For Windows XP Home
Once you have found the file, right Click on it and select Open. You will be asked to select which program to open it with, select Notepad.
A clean log file will look like this
All lines beginning with a '#' are comments and ignored by the computer.
The address 127.0.0.1 is setting the address for your computer.
Anything following that entry with an address of 127.0.0.1 will look for the requested web site in your computer which it will not find and stop looking, effectively blocking access to it.
127.0.0.1 www.microsoft.com will block access to the Microsoft website.
127.0.0.1 www.girosoft.com will block access for AVG anitvirus software.
127.0.0.1 www.google.com will block access to google
126.96.36.199 www.google.co.uk will redirect requests for google.co.uk to 188.8.131.52, which is PremiumSearch.
Using the same principles as Maware, to block access to security related websites, you can also be use the Hosts file to block access to dodgy sites, simply add the name of the web site and give it an address of your computer e.g.
127.0.0.1 www.dodgywebsite.com.This will not only block access to the sites, it will also prevent any advertisements from their servers being displayed,
A free and easy way of doing this is to use Adbin. All you have to do is drag a pop up advertisement over the bin, it will automatically add the address it was delivered from to your Hosts file, blocking future access to that server.
Some security applications can add known dodgy sites to your Hosts file as part of its protective features, so you may already have a long list of sites with dodgy names. providing these names are preceded with 127.0.0.1, you are being protected.
To repair an infected Host file you can either.
1) Delete the offending lines.
2) Delete or rename the Hosts file. Windows will create a new one on the next reboot.
You should note that if your computer is infected with malware, some will re-infect the Hosts file on each boot up, so the malware must be removed first. You can if you wish you can lock your Hosts file, to prevent anything changing or adding to it. Find the Host file as described above, Right click it and select properties. In the box that pops up, at the Attributes options, click to put a check mark in the box for Read only, Click Apply then OK.
Privacy & Security
hackers, crackers & firewalls
BHO's & Hijackers
Drive by downloads
Scams & Hoaxes
Free pest scan
Clean up/repair after malware infection
Prevent malware installing
Start in Safe mode
Show hidden files/folders
enable/disable Active X controls
Disable Messenger service pop-ups
Use the Host file
Removal tool for Rogue spyware removers & Fake Warnings
Kill Sdbot-ADD / lockx.exe
Kill seeve.exe / mediamotors pop ups
New Winfixer infection displays fake Blackworm warning
The real cost of Free security software