About Your Host File


Imagine clicking your bookmark and seeing a completely different Web site load in your browser--or trying to go to Google and getting a totally different search site. Some spyware redirects Web addresses on your computer by altering your hosts file.

Normally when you type in a Web address or load a bookmark, it's a plain-English URL, such as www.download.com. However, computers can't understand URLs, so they have to find a corresponding numeric IP address. Your computer first looks for a URL match in your hosts file, a simple text file in your system directory that lists various IP addresses and their corresponding URLs. If it doesn't find a match there, it looks for a domain name system (DNS) on the Internet, which lists all the URLs currently out there and their corresponding IP addresses. Malicious coders can hijack this process by inserting false references into your hosts file.

We're going to show you how to keep your hosts file safe from spyware, so you can be confident your browser takes you where you want to go.

HijackThis 1.99.1
Scan your Registry and hard drive for spyware.

Microsoft Windows AntiSpyware
Prevent software from being installed without your knowledge.

Step 1: Make it read-only
First, we're going to tell you how to find your hosts file, since its location varies on different versions of Windows. The file's name is simply hosts, with no extension. We don't recommend you make any changes to it unless you know exactly what you're doing. In Windows XP, the hosts file should be in this directory path: C:\WINDOWS\SYSTEM32\DRIVERS\ETC. For Windows 2000, look for it here: C:\WINNT\SYSTEM32\DRIVERS\ETC. And in Windows 98 and Me, this is the appropriate path: C:\WINDOWS.

A reliable way to locate the hosts file is to install HijackThis. Once you do, click the "Open the Misc Tools section" button on the main interface, then click the "Open hosts file manager" button in the System Tools section. The directory path for your hosts file appears at the top of the editor window.

Once you've located your hosts file, a quick and easy way to lock it down is to make it a read-only file. Simply right-click the file and choose Properties from the context menu. Click the read-only check box at the bottom of the Properties window, then click OK. Remember that you made it read-only, because in the future you may need to temporarily allow changes for some program installs.

Step 2: Patrol your hosts file
For an easier way to manage and lock your hosts file, download and install WinPatrol. This program manages many aspects of your computer, such as which programs load when you start up your computer and what add-ons Internet Explorer uses. After you install WinPatrol, launch the program and click the Options tab in its main interface. Click the check box that says "Lock hosts file" and you're protected. If you click the "View hosts file" button, it will open in Notepad. By default, WinPatrol watches for programs that try to change your hosts file. It will alert you if something changes the file, giving you the opportunity to block the change. If you don't recognize the name of a program that's trying to change hosts, you should probably block it.

Step 3: Edit entries
Many popular antispyware applications also give you some control over your hosts file. For example, both Microsoft Windows AntiSpyware and CounterSpy show you what's in your hosts file and let you block and remove specific entries. In the main interface of Microsoft AntiSpyware, click the Advanced Tools button. In CounterSpy, it's the System Tools button. On the next screen, click the System Explorers button in Microsoft AntiSpyware or the My PC Explorers button in CounterSpy. From the directory tree on the left side of the next screen in both programs, click Windows Host File. If no changes have ever been made to your hosts file, the only entry you will see is localhost 127.0.0.1. If you see additional entries, especially for well-known Web sites, you may want to block or remove them.

Step 4: Block ads
Our last step is for advanced users only: You can use your hosts file to redirect adware company servers so your PC will never see ads from them. Around the Web, people have compiled lists of ad servers and put them into the hosts file format, redirecting the ad servers to 127.0.0.1, the IP address for your own computer. You can get one of these hosts files and replace your own with it. Unfortunately, most of them block all known ad servers, which could deprive your favorite Web site of revenue from banner ads. If you use one of these ad-blocking hosts files and notice ads are being blocked from a Web site you like, you should find that ad-server entry in your hosts file and remove it.


Back To The Top

Bud's CDs FREE MP3s     Alphabetical Index Of Everything In This Site